Search Results

Search found 300 results on 12 pages for 'ross braden'.

Page 7/12 | < Previous Page | 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Correct escaping of delimited identifers in SQL Server without using QUOTENAME

    - by Ross Bradbury
    Is there anything else that the code must do to sanitize identifiers (table, view, column) other than to wrap them in double quotation marks and "double up" and double quotation marks present in the identifier name? References would be appreciated. I have inherited a code base that has a custom object-relational mapping (ORM) system. SQL cannot be written in the application but the ORM must still eventually generate the SQL to send to the SQL Server. All identifiers are quoted with double quotation marks. string QuoteName(string identifier) { return "\" + identifier.Replace("\"", "\"\"") + "\""; } If I were building this dynamic SQL in SQL, I would use the built-in SQL Server QUOTENAME function: declare @identifier nvarchar(128); set @identifier = N'Client"; DROP TABLE [dbo].Client; --'; declare @delimitedIdentifier nvarchar(258); set @delimitedIdentifier = QUOTENAME(@identifier, '"'); print @delimitedIdentifier; -- "Client""; DROP TABLE [dbo].Client; --" I have not found any definitive documentation about how to escape quoted identifiers in SQL Server. I have found Delimited Identifiers (Database Engine) and I also saw this stackoverflow question about sanitizing. If it were to have to call the QUOTENAME function just to quote the identifiers that is a lot of traffic to SQL Server that should not be needed. The ORM seems to be pretty well thought out with regards to SQL Injection. It is in C# and predates the nHibernate port and Entity Framework etc. All user input is sent using ADO.NET SqlParameter objects, it is just the identifier names that I am concerned about in this question. This needs to work on SQL Server 2005 and 2008.

    Read the article

  • Using EclipseLink

    - by Ross Peoples
    I am still new to Java and Eclipse and I'm trying to get my application to connect to a database. I think I want to use EclipseLink, but all of the documentation on the matter assumes you already know everything there is to know about everything. I keep getting linked back to this tutorial: http://www.vogella.de/articles/JavaPersistenceAPI/article.html But it's basically useless because it doesn't tell you HOW to do anything. For the Installation section, it tells you to download EclipseLink and gives you a link to the download page, but doesn't tell you what to do with it after you download. The download page doesn't either. I used the "Install new software" option in Eclipse to install EclipseLink into Eclipse, but it gave me like 4 different options, none of which are explained anywhere. It gave me options JPA, MOXy, SDO, etc, but I don't know which one I need. I just installed them all. Everything on the web assumes you are already a Java guru and things that are second nature to Java devs are never explained, so it's very frustrating for someone trying to learn. So how do I install and USE EclipseLink in my project and what do I need to do to connect it to a Microsoft SQL server? Again, I am new to all of this so I have no clue what to do. Thanks for the help.

    Read the article

  • Parsing "true" and "false" using Boost.Spirit.Lex and Boost.Spirit.Qi

    - by Andrew Ross
    As the first stage of a larger grammar using Boost.Spirit I'm trying to parse "true" and "false" to produce the corresponding bool values, true and false. I'm using Spirit.Lex to tokenize the input and have a working implementation for integer and floating point literals (including those expressed in a relaxed scientific notation), exposing int and float attributes. Token definitions #include <boost/spirit/include/lex_lexertl.hpp> namespace lex = boost::spirit::lex; typedef boost::mpl::vector<int, float, bool> token_value_type; template <typename Lexer> struct basic_literal_tokens : lex::lexer<Lexer> { basic_literal_tokens() { this->self.add_pattern("INT", "[-+]?[0-9]+"); int_literal = "{INT}"; // To be lexed as a float a numeric literal must have a decimal point // or include an exponent, otherwise it will be considered an integer. float_literal = "{INT}(((\\.[0-9]+)([eE]{INT})?)|([eE]{INT}))"; literal_true = "true"; literal_false = "false"; this->self = literal_true | literal_false | float_literal | int_literal; } lex::token_def<int> int_literal; lex::token_def<float> float_literal; lex::token_def<bool> literal_true, literal_false; }; Testing parsing of float literals My real implementation uses Boost.Test, but this is a self-contained example. #include <string> #include <iostream> #include <cmath> #include <cstdlib> #include <limits> bool parse_and_check_float(std::string const & input, float expected) { typedef std::string::const_iterator base_iterator_type; typedef lex::lexertl::token<base_iterator_type, token_value_type > token_type; typedef lex::lexertl::lexer<token_type> lexer_type; basic_literal_tokens<lexer_type> basic_literal_lexer; base_iterator_type input_iter(input.begin()); float actual; bool result = lex::tokenize_and_parse(input_iter, input.end(), basic_literal_lexer, basic_literal_lexer.float_literal, actual); return result && std::abs(expected - actual) < std::numeric_limits<float>::epsilon(); } int main(int argc, char *argv[]) { if (parse_and_check_float("+31.4e-1", 3.14)) { return EXIT_SUCCESS; } else { return EXIT_FAILURE; } } Parsing "true" and "false" My problem is when trying to parse "true" and "false". This is the test code I'm using (after removing the Boost.Test parts): bool parse_and_check_bool(std::string const & input, bool expected) { typedef std::string::const_iterator base_iterator_type; typedef lex::lexertl::token<base_iterator_type, token_value_type > token_type; typedef lex::lexertl::lexer<token_type> lexer_type; basic_literal_tokens<lexer_type> basic_literal_lexer; base_iterator_type input_iter(input.begin()); bool actual; lex::token_def<bool> parser = expected ? basic_literal_lexer.literal_true : basic_literal_lexer.literal_false; bool result = lex::tokenize_and_parse(input_iter, input.end(), basic_literal_lexer, parser, actual); return result && actual == expected; } but compilation fails with: boost/spirit/home/qi/detail/assign_to.hpp: In function ‘void boost::spirit::traits::assign_to(const Iterator&, const Iterator&, Attribute&) [with Iterator = __gnu_cxx::__normal_iterator<const char*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > >, Attribute = bool]’: boost/spirit/home/lex/lexer/lexertl/token.hpp:434: instantiated from ‘static void boost::spirit::traits::assign_to_attribute_from_value<Attribute, boost::spirit::lex::lexertl::token<Iterator, AttributeTypes, HasState>, void>::call(const boost::spirit::lex::lexertl::token<Iterator, AttributeTypes, HasState>&, Attribute&) [with Attribute = bool, Iterator = __gnu_cxx::__normal_iterator<const char*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > >, AttributeTypes = boost::mpl::vector<int, float, bool, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na, mpl_::na>, HasState = mpl_::bool_<true>]’ ... backtrace of instantiation points .... boost/spirit/home/qi/detail/assign_to.hpp:79: error: no matching function for call to ‘boost::spirit::traits::assign_to_attribute_from_iterators<bool, __gnu_cxx::__normal_iterator<const char*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > >, void>::call(const __gnu_cxx::__normal_iterator<const char*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > >&, const __gnu_cxx::__normal_iterator<const char*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > >&, bool&)’ boost/spirit/home/qi/detail/construct.hpp:64: note: candidates are: static void boost::spirit::traits::assign_to_attribute_from_iterators<bool, Iterator, void>::call(const Iterator&, const Iterator&, char&) [with Iterator = __gnu_cxx::__normal_iterator<const char*, std::basic_string<char, std::char_traits<char>, std::allocator<char> > >] My interpretation of this is that Spirit.Qi doesn't know how to convert a string to a bool - surely that's not the case? Has anyone else done this before? If so, how?

    Read the article

  • Jquery Toggle & passing data

    - by Ross
    I have created a toggle button with jquery but I need to pass my $id so it can execute the mysql in toggle_visibility.php. how do I pass my variable from my tag ? Yes $("a.toggleVisibility").toggle( function () { $(this).html("No"); }, function () { $.ajax({ type: "POST", url: "toggle_visibility.php", data: "id", success: function(msg){ alert( "Data Saved: " + msg ); } }); $(this).html("Yes"); } );

    Read the article

  • Force File Reload Before Build

    - by Byron Ross
    We have a tool that generates some code (.cs) files that are used to build the project. The tool is run during the pre-build step, but the files are updated in the solution only after the build, which means the build needs to be performed twice to clear the errors after a change to the input. Example: Modify Tool Input File Run Build Tool Runs and changes source file Build Fails Run Build Tool Runs and changes source file (but it doesn's actually change, because the input remains the same) Build Succeeds Any ideas how we can do away with the double build, and still let our tool be run from VS? Thanks guys!

    Read the article

  • Is there a way to chain multiple value converters in XAML?

    - by Mal Ross
    I've got a situation in which I need to show an integer value, bound to a property on my data context, after putting it through two separate conversions: Reverse the value within a range (e.g. range is 1 to 100; value in datacontext is 90; user sees value of 10) convert the number to a string I realise I could do both steps by creating my own converter (that implements IValueConverter). However, I've already got a separate value converter that does just the first step, and the second step is covered by Int32Converter. Is there a way I can chain these two existing classes in XAML without having to create a further class that aggregates them? If I need to clarify any of this, please let me know. :) Thanks.

    Read the article

  • Controlling the Mc's of a loaded SWF

    - by Ross
    I have a controller.swf which loads an external swf into a movieclip. news_mc = loadEvent.currentTarget.content as MovieClip; the swf is called "news.swf" and has a movieclip on the maintimeline, frame 1 called "sb". I have tried everything to access this such as mews_mc.sb.alpha = 0; but nothing works?

    Read the article

  • How to list TODO: in Ant build output

    - by C. Ross
    Related: How to use ant to check for tags (TODO: etc) in java source How can I get ant to list TODO: tags found in my code in the build output when I run it. I would like build failure to be optional (ie: a setting) if they are found. I've tried Checkstyle as suggested in the related post, but it doesn't display the text of the TODO:. IE: [checkstyle] .../src/Game.java:36: warning: Comment matches to-do format 'TODO:'. [checkstyle] .../src/Game.java:41: warning: Comment matches to-do format 'TODO:'. [checkstyle] .../src/GameThread.java:25: warning: Comment matches to-do format 'TODO:'. [checkstyle] .../src/GameThread.java:30: warning: Comment matches to-do format 'TODO:'. [checkstyle] .../src/GameThread.java:44: warning: Comment matches to-do format 'TODO:'.

    Read the article

  • String Seach Replace AS3

    - by Ross
    I have a bit of text "this is the text want I want to do is replace the text, I have just added another is for good measure" This is stored as a standard string but I want to turn this into html and add css classes like, in this example wrapping around the word "is"; "this is the text want I want to do is replace the text, I have just added another is for good measure" Any ideas how I can do this in as3?

    Read the article

  • Debugging nth-child selector

    - by Ross
    I have the following selectors: .progress:nth-child(3n+1) { background: teal; } .progress:nth-child(3n+2) { background: red; } .progress:nth-child(3n+3) { background: blue; } However all of the items end up with a teal background. Are these selectors correct? I'm thinking I should get: Teal (every 3, starting with 1) Red (every 3, starting with 2) Blue (every 3, starting with 3) etc. I've tested on Firefox 3.5.8 and Opera 10.10 on Ubuntu. Also tested with nothing but these rules in the CSS. I'm using the YUI Reset stylesheet but excluding it does nothing.

    Read the article

  • SQL Reporting Services Daylight saving time query (pt 2)

    - by ross-starkey
    I posted a question a couple of days ago (SQL Reporting Services Daylight saving time query) which was I received an answer for (thanks very much) but did not elaborate on the whole problem I am experiencing. Not only did I require the returned date time format to account for day light saving but I also need the search parameter @StartDate to allow for DST. Currently if I key in a scheduled start time of 31/03/2010 11:00 and because the SQL DB has already taken the hours difference into consideration I get no results back. If I key in 31/03/2010 10:00 then the correct details are returned. Is there away using T-SQL or the like to get the search parameter to pass the adjusted time to the DB?

    Read the article

  • FTP in NetBeans 6.1

    - by Ross
    Is there an FTP browser hiding away in NetBeans 6.1? The help manual doesn't even suggest FTP exists. All I've been able to find so far is a tree viewer in the Services panel (no edit controls) and the ability to upload projects, folders and specific files from the Projects/Files views. Is there anywhere to delete or rename or will I have to keep switching back to my browser? I can see from the previews that there's a nice FTP controller in 6.5 but I'm not desperate enough to completely convert to a beta (yet).

    Read the article

  • Algorithm to generate a list of unique combinations based on a list of numbers

    - by ross
    I would like to efficiently generate a unique list of combinations of numbers based on a starting list of numbers. example start list = [1,2,3,4,5] but the algorithm should work for [1,2,3...n] result = [1],[2],[3],[4],[5] [1,2],[1,3],[1,4],[1,5] [1,2,3],[1,2,4],[1,2,5] [1,3,4],[1,3,5],[1,4,5] [2,3],[2,4],[2,5] [2,3,4],[2,3,5] [3,4],[3,5] [3,4,5] [4,5] Note. I don't want duplicate combinations, although I could live with them, eg in the above example I don't really need the combination [1,3,2] because it already present as [1,2,3]

    Read the article

  • Ideas for a rudimentary software licensing implementation

    - by Ross
    I'm trying to decide how to implement a very basic licensing solution for some software I wrote. The software will run on my (hypothetical) clients' machines, with the idea being that the software will immediately quit (with a friendly message) if the client is running it on greater-than-n machines (n being the number of licenses they have purchased). Additionally, the clients are non-tech-savvy to the point where "basic" is good enough. Here is my current design, but given that I have little to no experience in the topic, I wanted to ask SO before I started any development on it: A remote server hosts a MySQL database with a table containing two columns: client-key and license quantity The client-side application connects to the MySQL database on startup, offering it's client-key that I've put into a properties file packaged into the distribution (I would create a new distribution for each new client) Chances are, I'll need a second table to store validation history, so that with some short logic, the software can decide if it can be run on a given machine (maybe a sliding window of n machines using the software per 24 hours) If the software cannot establish a connection to the MySQL database, or decides that it's over the n allowed machines per day, it closes The connection info for the remote server hosting the MySQL database should be hard-coded into the app? (That sounds like a bad idea, but otherwise they could point it to some other always-validates-to-success server) I think that about covers my initial design. The intent being that while it certainly isn't full-proof, I think I've made it at least somewhat difficult to create an easily-sharable cracking solution. Also, I can easily adjust the license amount for a given client/key pair. I gotta figure this has been done a million times before, so tell me about a better solution that's just as simple to implement and provides the same (low) amount of security. In the event that external libraries are used, I prefer Java, as that's what the software has been written in.

    Read the article

  • Getting a summary of comments in Jira

    - by Ross Alexander
    I currently maintain a Jira system at work and I have been tasked with a rather strange request which is too find a way of 'making a summary of a comment'. In the ideal situation this would allow a user to write a comment and a quick summary however I doubt this is something available in Jira / something that is feasible. Alternatively a summary of all comments would be nice that will allow our technical writers a way to clarify fixes through the information in the comments. If any one out there has ANY suggestions or ideas on this they are most welcome :) Sorry if this question is slightly general but I cannot find any thing that remotely helps on google, wondering if any Jira experts can push me in the right direction. Thanks

    Read the article

  • Why is the value of this string, in a bash script, being executing?

    - by Ross
    Hello Why is this script executing the string in the if statement: #!/bin/bash FILES="*" STRING='' for f in $FILES do if ["$STRING" = ""] then echo first STRING='hello' else STRING="$STRING hello" fi done echo $STRING when run it with sh script.sh outputs: first lesscd.sh: line 7: [hello: command not found lesscd.sh: line 7: [hello hello: command not found lesscd.sh: line 7: [hello hello hello: command not found lesscd.sh: line 7: [hello hello hello hello: command not found lesscd.sh: line 7: [hello hello hello hello hello: command not found hello hello hello hello hello hello p.s. first attempt at a shell script thanks

    Read the article

  • How can you tell if an HTML dropdown is displaying the list of options

    - by Ross Goddard
    Is there a way to determine if a given drop down is currently active and displaying it's list of options? I am currently binding to the mousedown event of the dropdown and populating the options when the user clicks on it. Unfortunately the mousedown event fires when the user selects the option as well. If I can determine if the drop down is already displaying it's options, then I can skip populating the options.

    Read the article

< Previous Page | 3 4 5 6 7 8 9 10 11 12  | Next Page >