|
thanks christian i'll try what you suggested
|
|
|
|
|
Christian Graus wrote:
string.Format("SELECT studno, studlastname, studfirstname, studmiddlename FROM students WHERE(studno = {0}", nStudNo)
Christian, I expected better of you! You might want to ready my article on SQL Injection Attacks and Tips on How to Prevent Them[^]
Access does support parameterised queries, if not Stored Procedures.
[EDIT]
Actually, given that nStudNo is most likely an integer type then it is unlikely to be a viable target for an injection attack - but getting into the habit not inserting values like this means just not having to second guess what is going to open up a security hole and what is not.
[/EDIT]
My: Blog | Photos | Next SQL Presentation
WDevs.com - Open Source Code Hosting, Blogs, FTP, Mail and More
|
|
|
|
|
Colin Angus Mackay wrote:
Actually, given that nStudNo is most likely an integer type then it is unlikely to be a viable target for an injection attack
Yeah, I was coming back to make that point You're right though, I should have pointed out that such an approach is open to injection attacks generally, even though mentally I noted it didn't matter in this case. Certainly, any string that gets passed into SQL in my code would first be cleansed to protect against such an attack.
Colin Angus Mackay wrote:
Access does support parameterised queries, if not Stored Procedures.
That must be what he was trying to call, I have no idea about access, I think it's crap.
Christian Graus - Microsoft MVP - C++
|
|
|
|
|
<id>4054
<r>255
<g>249
232
this is my XML file.so i need to add some data like
R=45
G=69
B=123
to this XML File through vb.net
how can i do this task.
suis
|
|
|
|
|
LOL - I take it the tags are <R> <G> and <B>, given that you didn't check 'Do not treat <'s as HTML tags' and so they were turned into HTML.
Why are you turning an image into a HTML file ?
The web abounds with examples on how to do this, you really should look for yourself before asking.
Christian Graus - Microsoft MVP - C++
|
|
|
|
|
<id>4054
<r>255
<g>249
232
this is my XML file.so i need to add some data like
R=45
G=69
B=123
to this XML File through vb.net
how can i do this task.
suis
|
|
|
|
|
I'm porting a VC++ (6.0) function i wrote into VB - VBA code in my MS Access database.
My question is how can i preserve the precision of variables in VB? (I'm not very familiar with VB and the differences in types between VB and VC++).
Example:
#define MY_PI (3.1415926535897932384626433832795)<br />
#define MY_2PI (MY_PI*2.0)<br />
#define MY_DEG_TO_RADS (MY_PI / 180.0)<br />
#define MY_RADS_TO_DEG (180.0 / MY_PI)
then when I do similiar in VB
'VB - VBA code<br />
Public Const VB_PI As Double = (3.1415926535897932384626433832795)<br />
... it get shortend automatically to
<br />
Public Const VB_PI As Double = (3.1415926535897)<br />
For now, I'm only concerned with converting between Degrees <-> Radians, but the difference in precision is still a concern.
Thanks,
Johnny
|
|
|
|
|
Use Decimal instead of Double
// TODO: Write code.
|
|
|
|
|
You didn't get that kind of precision in C++. The C++ Reference says that only 15 digits of signifigance are maintained around the decimal point, using a 1-bit sign, 11-bit exponent, and a 52-bit mantissa. So in effect, your statements are identical. VC6 just didn't go back and drop the numbers that weren't being used.
The Double type in VBA is the same as the Double type in C++.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Thanks all for the info/help. I needed some verification on this from the experts.
Johnny
|
|
|
|
|
i m doing an ASP.NET Web Application...i would like to know how to use regular expressions for validating phone no, email id, date...etc..
please give an example
|
|
|
|
|
|
Hi,
I want to copy from .txt/.doc to clipboard .
How can i do this?.
Plz help me.
Thanks in advance,
Nisha
|
|
|
|
|
Hi,
Any thing has been avail in MSDN website. Goto there!!!
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/vbcon98/html/vbconcuttingcopyingpasting.asp
bye by
Somasundar R
|
|
|
|
|
just anybody know that how to store a .GIF images to a ms access database ?
suis
|
|
|
|
|
You can serialise an image in any format ( jpg, raw, gif, etc ), and get it as a stream of bytes. You can get that stream from your DB and use it to rebuild the GIF.
Christian Graus - Microsoft MVP - C++
|
|
|
|
|
I need help with the arrays and this is what i have done.
First i need to declare and initialize a procedure-level-one array named decRates that has five elements: 6.5,8.3,4,2,10.5.
Dim decRate() As Decimal= {6.5,8.3,4,2,10.5}
Dim decElement As Decimal
Now i need to display the arrays in the lblRate using For.. Next and also Do Loop
For Each decElement In decRate
Me.lblRate.Text= Me.lblRate.Text & decElement & ControlChars.NewLine
Next decElement
Can someone help me with the Do... Loop statement?
How do i also calculate the average of the numbers?
I hope that someone can help me!
|
|
|
|
|
Sounds like homework to me. At least you already started.
I think DoLoop is inadequate here. Nevertheless it could look like this:
Dim i As Integer
Do
Me.lblRate.Text = Me.lblRate.Text & decRate(i) & ControlChars.NewLine
i = i + 1
If i > decRate.Length - 1 Then
Exit Do
End If
Loop
To calculate the average just sum up all numbers and divide through the number of elements:
Dim sum As Decimal = 0
For Each decElement In decRate
sum = sum + decElement
Next decElement
Me.lblAverage.Text = sum / decRate.Length
|
|
|
|
|
Thanks for ur help Robert!
|
|
|
|
|
i m making an application in wich i need to send mail
can anyone plz help me
remember there is no namespace "system.web" and there is no class smtpmailmessage in vb.net
plz help
a code will be more helpful
|
|
|
|
|
System.Web.Mail.SmtpMail.Send is what you need. What do you mean there is no System.Web namespace ? Of course there is.
Christian Graus - Microsoft MVP - C++
|
|
|
|
|
this i valid namespace in c# but in vb.net there is no namespace with this name.
u can try it out
|
|
|
|
|
You're very mistaken. All you have to do is add a Reference to the System.Web .DLL and the namespace will work. C# has to do the exact same thing. As a matter of fact, ALL the managed languages under .NET have to do this to get access to the System.Web namespace.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
where should i browse that dll?
i need to add refrence but i cant locate that file
|
|
|
|
|
You don't have to locate the file. Just right-click the References folder, then click on Add Reference. When the dialog shows up, it'll list, on the .NET tab, all the .NET components in the GAC. Scroll down the list and you'll find System.Web.dll. Double-click it, then click OK. You can then use the Imports statement to import the namespaces you need.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|