Search Results

Search found 33585 results on 1344 pages for 'sql execution plan'.

Page 99/1344 | < Previous Page | 95 96 97 98 99 100 101 102 103 104 105 106  | Next Page >

  • SQL Injection on INSERT

    - by freddy
    Hi, I'm currently testing Vulnerabiltys to SQL Injections for my companys application as an it-trainee. So I found, that the application is indeed vulnerable to injections because I can alter some of the insert statements. So I altered the insert Statement to this: INSERT INTO tablename( column, column1, column2, column3, column4,column5, column6, column7, column8 ) VALUES ( 10965972, 185796154, 25, 23,2023, '', CURRENT_DATE, 'v0201100', 18); DELETE * FROM tablename;-- , 2023,'a', CURRENT_DATE, 'v0201100', 18 ) I thought this should be a correct statement, but the MySQL Server returned this Error: MySQL Error: 1064 (You have an error in your SQL syntax;[...] Would be nice if somebody could help and tell my why the syntax is wrong... Thanks for your help :-)

    Read the article

  • connecting c# to sql-server

    - by every_answer_gets_a_point
    i am using this example to connect c# to sql server. can you please tell me what i have to include in order to be able to use sqlconnection? it must be something like: using Sqlconnection; ??? string connectionString = @"Data Source=.\SQLEXPRESS;AttachDbFilename=""C:\SQL Server 2000 Sample Databases\NORTHWND.MDF"";Integrated Security=True;Connect Timeout=30;User Instance=True"; SqlConnection sqlCon = new SqlConnection(connectionString); sqlCon.Open(); string commandString = "SELECT * FROM Customers"; SqlCommand sqlCmd = new SqlCommand(commandString, sqlCon); SqlDataReader dataReader = sqlCmd.ExecuteReader(); while (dataReader.Read()) { Console.WriteLine(String.Format("{0} {1}", dataReader["CompanyName"], dataReader["ContactName"])); } dataReader.Close(); sqlCon.Close();

    Read the article

  • How to migrate large amounts of data from old database to new

    - by adam0101
    I need to move a huge amount of data from a couple tables in an old database to a couple different tables in a new database. The databases are SQL Server 2005 and are on the same box and sql server instance. I was told that if I try to do it all in one shot that the transaction log would fill up. Is there a way to disable the transaction log per table? If not, what is a good method for doing this? Would a cursor do it? This is just a one-time conversion.

    Read the article

  • Jquery validation does not stop execution of "code behind" code of asp.net button

    - by shahk26
    Hi, I have a asp.net button which has click event which basically adds data into datbase. I also have a radiobuttonlist(i.e Approve / Decline) and a textbox. If user selects decline, the textbox becomes visible. I want to run validation that when user clicks on submit button, if the decline is selected then the textbox can not blank. I have used jquery validation for that. when I click button, the message apppears next to textbox that the field is required but it does not stop the execution of code behind. i.e.It adds data into database. Here is my code. <script type="text/javascript" language="javascript"> $(function() { $('#declinediv').hide(); //////// var $radBtn = $("table.rblist input:radio"); $radBtn.click(function() { var $radChecked = $(':radio:checked'); var value = $radChecked.val(); if (value == 'Decline' || value == 'Approve') { if (value == 'Decline') $('#declinediv').show(); else $('#declinediv').hide(); } else { $('#declinediv').hide(); } }); ////////////////////////// $("#aspnetForm").validate({ rules: { <%=txtdeclinereason.UniqueID %>: { minlength: 2, required: true } }, messages: { <%=txtdeclinereason.UniqueID %>:{ required: "* Required Field *", minlength: "* Please enter atleast 2 characters *" } }, onsubmit: true }); ////////////////////////////////// $('#btnsubmit').click(function(evt){ var isValid = $("#aspnetForm").valid(); if (!isValid) { evt.preventDefault(); } }); }); function myredirect(v, m, f) { window.location.href = v; } </script> <table style="border: 1px black solid; text-align: center; vertical-align: middle" width="100%"> <tr> <td> <asp:RadioButtonList ID="rbtnlstapprover" runat="server" RepeatDirection="Horizontal" CssClass="rblist" DataTextField="username" DataValueField="emailaddress"> <asp:ListItem Text="Approve" Value="Approve" /> <asp:ListItem Text="Decline" Value="Decline" /> </asp:RadioButtonList> <asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" ControlToValidate="rbtnlstapprover" Text="*" ErrorMessage="Please select atleast one Approver" ValidationGroup="approvalgroup" Display="Dynamic" /> </td> </tr> <tr> <td> <div id="declinediv"> <asp:TextBox ID="txtdeclinereason" runat="server" TextMode="MultiLine" Columns="80" Rows="5" /> </div> </td> </tr> <tr> <td> <asp:Button ID="btnsubmit" runat="server" Text="Submit" CssClass="RegularButton" CausesValidation="true" ValidationGroup="approvalgroup" OnClick="btnsubmit_Click" /> </td> </tr> </table> How do I stop the execution of code behind? Thanks for your help.

    Read the article

  • A column insert or update conflicts with a rule imposed by a previous CREATE RULE statement.

    - by Ronnie Chester Lynwood
    hello. im working on a online game. i got some problems with inserting new data to table. im getting 2010-4-8 2:14, *** 37000, 513, [Microsoft][ODBC SQL Server Driver][SQL Server]A column insert or update conflicts with a rule imposed by a previous CREATE RULE statement. The statement was terminated. The conflict occurred in database 'KN_online', table 'ACCOUNT_CHAR', column 'strAccountID'., 261 NationSelect*** this error in logs. what does this means? how can i fix this? i've tried to delete RULE for my DB but I'm unable to delete RULE. im getting the rule 'dbo.unallowedchars' cannot be dropped because it is bounded to one or more clumn. I set all permissions right but its still not working.. thanks..

    Read the article

  • Why won't this SQL CAST work?

    - by Kev
    I have a nvarchar(50) column in a SQL Server 2000 table defined as follows: TaskID nvarchar(50) NULL I need to fill this column with some random SQL Unique Identifiers (I am unable to change the column type to uniqueidentifier). I tried this: UPDATE TaskData SET TaskID = CAST(NEWID() AS nvarchar) but I got the following error: Msg 8115, Level 16, State 2, Line 1 Arithmetic overflow error converting expression to data type nvarchar. I also tried: UPDATE TaskData SET TaskID = CAST(NEWID() AS nvarchar(50)) but then got this error: Msg 8152, Level 16, State 6, Line 1 String or binary data would be truncated. I don't understand why this doesn't work but this does: DECLARE @TaskID nvarchar(50) SET @TaskID = CAST(NEW() AS nvarchar(50)) I also tried CONVERT(nvarchar, NEWID()) and CONVERT(nvarchar(50), NEWID()) but got the same errors.

    Read the article

  • SQL 2005 w/ C# optimal "Paging"

    - by David Murdoch
    When creating a record "grid" with custom paging what is the best/optimal way to query the total number of records as well as the records start-end using C#? SQL to return paged record set: SELECT Some, Columns, Here FROM ( SELECT ROW_NUMBER() OVER (ORDER BY Column ASC) AS RowId, * FROM Records WHERE (...) ) AS tbl WHERE ((RowId > @Offset) AND (RowId <= (@Offset + @PageSize)) ) SQL to count total number of records: SELECT COUNT(*) FROM Records WHERE (...) Right now, I make two trips to the server: one for getting the records, and the other for counting the total number of records. What is/are the best way(s) to combine these queries to avoid multiple DB trips?

    Read the article

  • Dynamic table design (common lookup table), need a nice query to get the values

    - by Swoosh
    sql2005 This is my simplified example: (in reality there are 40+ tables in here, I only showed 2) I got a table called tb_modules, with 3 columns (id, description, tablename as varchar): 1, UserType, tb_usertype 2, Religion, tb_religion (Last column is actually the name of a different table) I got an other table that looks like this: tb_value (columns:id, tb_modules_ID, usertype_OR_religion_ID) values: 1111, 1, 45 1112, 1, 55 1113, 2, 123 1114, 2, 234 so, I mean 45, 55, 123, 234 are usertype OR religion ID's (45, 55 usertype, 123, 234 religion ID`s) Don't judge, I didn't design the database Question How can I make a select, showing * from tb_value, plus one column That one column would be TITLE from the tb_usertype or RELIGIONNAME from the tb_religion table I would like to make a general thing. Was thinking initially about maybe a SQL function that returns a string, but I think I would need dynamic SQL, which is not ok in a function. Anyone a better idea ?

    Read the article

  • SQL Server 2008 - Search Query

    - by user208662
    Hello, I am not a SQL Expert. I’m trying to elegantly solve a query problem that others have had to have had. Surprisingly, Google is not returning anything that is helping. Basically, my application has a “search” box. This search field will allow a user to search for customers in the system. I have a table called “Customer” in my SQL Server 2008 database. This table is defined as follows: Customer UserName (nvarchar) FirstName (nvarchar) LastName (nvarchar) As you can imagine, my users will enter queries of varying cases and probably mis-spell the customer’s names regularly. How do I query my customer table and return the 25 results that are closest to their query? I have no idea how to do this ranking and consider the three fields listed in my table. Thank you!

    Read the article

  • SQL Server 2008 log size management problems

    - by b0x0rz
    I'm trying to shrink the log of a database AND set the recovery to simple, but always there is an error, whatever i try. USE 4_o5; GO ALTER DATABASE 4_o5 SET RECOVERY SIMPLE; GO DBCC SHRINKFILE (4_o5_log, 10); GO the output of sp_helpfile says that log file is located under (hosted solution): I:\dataroot\4_o5_log.LDF please help me perform this operation as the log file got large when importing a lot of data and now this info is no longer needed, have multiple (lots of) backups since then. the exact error message when performing the query above is: incorrect syntax near '4'. RECOVERY is not a recognized SET option. incorrect syntax near _5_log'. i am using visual studio 2010 (also have SQL Server Express installed locally, SQL Server 2008 proper installed at provider (shared)) thnx a lot

    Read the article

  • How to get the position of a record in a table (SQL Server)

    - by Peter Siegmann
    Following problem: I need to get the position of a record in the table. Let's say I have five record in the table: Name: john doe, ID: 1 Name: jane doe, ID: 2 Name: Frankie Boy, ID: 4 Name: Johnny, ID: 9 Now, "Frankie Boy" is in the third position in the table. But How to get this information from the SQL server? I could count IDs, but they are not reliable, Frankie has the ID 4, but is in the third position because the record with the ID '3' was deleted. Is there a way? I am aware of ROW_RANK but it would be costly, because I need to select basically the whole set first before I can rank row_rank them. I am using MS SQL Server 2008 R2.

    Read the article

  • @@TRANCOUNT and a current connection

    - by AspOnMyNet
    Assume I connect to SQL server 2008 via SQL Server Management Studio ( SSMS ) and open new window W1 by clicking on New Query tab and write the following inside W1: BEGIN TRANSACTION; If I execute this statement 5 times, and then write (inside W1) SELECT @@TRANCOUNT; , then the value returned will be 5. But if I open another window W2 ( inside the same SSMS instance and thus on the same connection ) and write inside W2 SELECT @@TRANCOUNT; then value returned will be 0. @@TRANCOUNT variable returns the number of active transactions for the current connection. Both W1 and W2 windows were opened on the same connection, so shouldn’t ( according to the above quote ) in both W1 and W2 variable @@TRANCOUNT hold the same value? thanx

    Read the article

  • "Cleanly" Deploying an ASP.NET Application with LINQ to SQL Server

    - by Bob Kaufman
    In my development environment, my SQL Server is PHILIP\SQLEXPRESS. In testing, it's ANNIE, and the live environment will have a third name yet to be determined. I would have assumed that updating the following statement in web.config would have been enough: <add name="MyConnectionString"providerName="System.Data.SqlClient" connectionString="Data Source=PHILIP\SQLEXPRESS;Initial Catalog=MyDtabase;Integrated Security=True" /> When using SqlConnection, SqlCommand, SqlDataReader and friends, that's all it took. Using LINQ, it doesn't seem to work that nicely. I see the servername repeated in my .dbml file as well as in Settings.settings. After changing it in all of those places, I get it to work. However if I'm doing a few deployments per day during testing, I want to avoid this regimen. My question is: is there a programmatic solution for LINQ to SQL that will allow me to specify the connection string once, preferably in web.config, and get everybody else to refer to it?

    Read the article

  • Why does SQL Server keep throwing exceptions?

    - by Augusto Càzares
    I have my project in .NET that uses a database in SQL Server. I'm using Linq-to-SQL, sometimes when the project throws me an exception (Constraint) in a part of the project this same error keeps showing in other part of the project when I do another thing with the database. Like when I do an insertion and I had before an exception on delete the insertion throws me the delete exception, and it remains this way until I close and open again the project. My major problem is when this happen in my online project, this error in my project causes me problems in the project I'm testing online (I use the same database). I don't know if this exception is on the memory or something but its have been causing me a lot of headaches.

    Read the article

  • How can I load a sql "dump" file into sql alchemy

    - by JudoWill
    I have a large sql dump file ... with multiple CREATE TABLE and INSERT INTO statements. Is there any way to load these all into a SQLAlchemy sqlite database at once. I plan to use the introspected ORM from sqlsoup after I've created the tables. However, when I use the engine.execute() method it complains: sqlite3.Warning: You can only execute one statement at a time. Is there a way to work around this issue. Perhaps splitting the file with a regexp or some kind of parser, but I don't know enough SQL to get all of the cases for the regexp. Any help would be greatly appreciated. Will EDIT: Since this seems important ... The dump file was created with a MySQL database and so it has quite a few commands/syntax that sqlite3 does not understand correctly.

    Read the article

  • Export products and variants from SQL Server

    - by mickyjtwin
    I have a SQL Server DB that has a table of products, and another table which contains a list of the sku variants of each product if it has one. I want to export all the products and their SKU's into excel. At the moment, I have a helper SQL function which performs the subquery against a product_id and concatenates all the SKU's into a comma-delimited string, e.g: Product Code, Name, SKUs 111 P1 77, 22, 11 Is there an easier way to do this, so that each SKU is a row which the associated product code as well, i.e: Product Code, Name, SKUs 111 P1 77 111 P1 22 111 P1 11

    Read the article

  • Raw SQL sent to SQL Server from .NET on stored procedure call

    - by Jeff Meatball Yang
    Is there a way to get the raw text that is sent to SQL Server, as seen in SQL Profiler, from the ADO.NET call? using(SqlConnection conn = new SqlConnection(connString)) { SqlCommand cmd = conn.CreateCommand(); cmd.CommandType = CommandType.StoredProcedure; cmd.CommandText = "GetSomeData"; cmd.Parameters.Add("@id").Value = someId; cmd.Parameters.Add("@someOtherParam").Value = "hello"; conn.Open(); SqlDataReader dr = cmd.ExecuteReader(); // this sends up the call: exec GetSomeData @id=24, @someOtherParam='hello' // how can I capture that and write it to debug? Debug.Write("exec GetSomeData @id=24, @someOtherParam='hello'"); }

    Read the article

  • What is the preferred sql server column definition to use for a LINQ to SQL Version property?

    - by Mike Two
    We are using the IsVersion property on the ColumnAttribute on a property in a LINQ to SQL class for optimistic concurrency checks. What should the column definition be in the database? Currently we are using version_number int NOT NULL IDENTITY (1, 1) Do we need Identity? Can we get LINQ to SQL to update the version number for us? The only issue with Identity is that every row has a different number. We'd like to see the number increment by 1 when the row is updated.

    Read the article

  • Why prefix sql function names?

    - by AaronLS
    What is a scenario that exemplifies a good reason to use prefixes, such as fn_GetName, on function names in SQL Server? It would seem that it would be unnecessary since usually the context of its usage would make it clear that it's a function. I have not used any other language that has ever needed prefixes on functions, and I can't think of a good scenario that would show why SQL is any different. My only thinking is that perhaps in older IDE's it was useful for grouping functions together when the database objects were all listed together, but modern IDE's already make it clear what is a function.

    Read the article

  • Storing DateTime (UTC) vs. storing DateTimeOffset

    - by Frederico
    I usually have an "interceptor" that right before reading/writing from/to the database does datetime conversion (from UTC to localtime, and from localtime to utc), so I can use DateTime.Now (derivations and comparisions) throughout the system without worrying about timezones. Regarding serialization and moving data between computers, there is no need to bother, as the datetime is always UTC. Should I continue storing my dates (SQL 2008 - datetime) in UTC format or should I instead store it using DateTimeOffset (SQL 2008 - datetimeoffset)? UTC Dates in the database (datetime type) have been working and known for so long, why change it? What are the advantages? I have already looked into articles like this one, but I'm not 100% convinced though. Any thoughts?

    Read the article

  • hash password in SQL Server (asp.net)

    - by ile
    Is this how hashed password stored in SQL Server should look like? This is function I use to hash password (I found it in some tutorial) public string EncryptPassword(string password) { //we use codepage 1252 because that is what sql server uses byte[] pwdBytes = Encoding.GetEncoding(1252).GetBytes(password); byte[] hashBytes = System.Security.Cryptography.MD5.Create().ComputeHash(pwdBytes); return Encoding.GetEncoding(1252).GetString(hashBytes); } EDIT I tried to use sha-1 and now strings seem to look like as they are suppose to: public string EncryptPassword(string password) { return FormsAuthentication.HashPasswordForStoringInConfigFile(password, "sha1"); } // example output: 39A43BDB7827112409EFED3473F804E9E01DB4A8 Result from the image above looks like broken string, but this sha-1 looks normal.... Will this be secure enough?

    Read the article

< Previous Page | 95 96 97 98 99 100 101 102 103 104 105 106  | Next Page >