|
If you are having a problem with a specific article, you should contact the article author. However, from the way you've described the problem the article isn't all that great because it looks like there is the opportunity for SQL Injection Attacks to take place via the CSV file.
|
|
|
|
|
Hi friends,
I am working in .net 2005 and sql server 2000 use as back end.
My problem is how to insert jpeg file into database and how to retrieve it into .net form.
|
|
|
|
|
Store it into an image column. Information sent back and forth will be using byte arrays. You can obtain a byte array representation of an image from the Bitmap class, you can also instantiate an instance of a bitmap class using a byte array.
|
|
|
|
|
Hi All
What is actual use of inserted and deleted temporary system table in triggers in sql server2000?
what is the importance of using it?
Is there any kind of special situation where we need to use inserted and deleted temporary system table in sql server?
Thanks
monika
|
|
|
|
|
|
What is actual use of inserted and deleted temporary system table in triggers in sql server2000?
In trigger fired, you have to know what changes were made as part of the data modification. You can find this information in the inserted and deleted tables. For the AFTER trigger, these tables are actually views of the rows in the transaction log that were modified by the statement.
what is the importance of using it?
In case of Database Rollbacking....!!
Cheer
Pavan Pareta
|
|
|
|
|
Suppose i have a data table with 1 lakh records.My table have 25 columns. i want to search data table based on 10 columns. I may or may not provide input for 10 columns but i have to built query. How can i built query.
|
|
|
|
|
hi
you can also do this type
SELECT Column_1, Column_2, Column_3, Column_4, Column_5, Column_6, Column_7, Column_8, Column_9, Column_10 FROM tblName
Try
Pavan Pareta
|
|
|
|
|
can somebody throw some light on what data ware housing is.
|
|
|
|
|
|
Hi,
I am having problems logging into my reportserver on our 64bit sql server 2005, which runs on Windows 2003 server. It works 100%on the test machine, which is a 32bit normal WinXP pc, with sql server 2005 enterprise.
I noticed that if I browse to the reports (localhost/reports) on the 64bit machine via IE, I cant open the page - get "page cannot be displayed" error. I also get an error in the event log that says "Login failed for user 'NT AUTHORITY\SYSTEM'. [CLIENT: <local machine="">]". My Reporting Services Configuration tool says everything is ok, and working.
I am very new to reporting services, and dont know where to start debugging, or look for help.
|
|
|
|
|
Hi,
How can i concatenate two rows together? I have a table with id and three columns. I want to display all the colunms with same id in a row.
Original Table:
id column1 column2 column3
1 a b c
1 d e f
2 g h i
2 k l m
Desired Result:
id column1 column2 column3 column4 column5 column6
1 a b c d e f
2 g h i k l m
So rows are shifted up where ID is same. Is it possible to get this result through query? I'll very much appreciate any help.
Thanks
|
|
|
|
|
nobody is caring about this poor guys.
|
|
|
|
|
Maybe someone else has a better idea, but I can't think of a pretty way to do this. If the data is ALWAYS in two records, you could try something like:
select ids.id,
(select top 1 column1 from mytesttable t2 where t2.id = IDs.id order by column1) as column1,
(select top 1 column2 from mytesttable t2 where t2.id = IDs.id order by column1) as column2,
(select top 1 column3 from mytesttable t2 where t2.id = IDs.id order by column1) as column3,
(select top 1 column1 from mytesttable t2 where t2.id = IDs.id order by column1 desc) as column4,
(select top 1 column2 from mytesttable t2 where t2.id = IDs.id order by column1 desc) as column5,
(select top 1 column3 from mytesttable t2 where t2.id = IDs.id order by column1 desc) as column6
from (select distinct id from mytesttable) as IDs
Any other solution would probably involve a cursor and/or temporary table.
--EricDV Sig---------
Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them.
- Laurence J. Peters
|
|
|
|
|
Thank you for your solution. I have over 100 colunms in some of my tables so i guess using cursor and temp table would be the choice. Anyway, thanks for the idea.
|
|
|
|
|
Hi.
I use sql parameters every time i connect to a database, so it's about time i know the truth
Does SQL parameters block SQL injections 100%? and how is parameters different from normal SQL strings? (In the way it works)
|
|
|
|
|
|
Yes, i have read it, understand SQL injections and how to prevent it.
But is sql parameters really 100% secure, and how does it work? (does it put '' around the data input or/and does it have any checks against the attacks?)
|
|
|
|
|
|
Thanks for the link. Nice to know, but unfortunaly it does not answer my question.
|
|
|
|
|
Richard A. Abbott wrote: Also have a read of ...
http://www.securitypronews.com/news/securitynews/spn-45-20061019MaliciousCodeInjectionNotJustforSQLAnymore.html#resume[^]
Another article worth bookmarking
|
|
|
|
|
GentooBoxX wrote: is sql parameters really 100% secure, and how does it work?
As far as I know it is secure. I haven't run into any security breaches using SQL parameters. I pretty much stick to stored procedures. You may want to contact the author of the article I mentioned
Paul
|
|
|
|
|
I have never been able to execute an SQL injection attack on any on my applications that uses SQL parameters, but there is always someone better knowing out there
I will contact the author of the article you mentioned, did not even think of that for some weird reason.
|
|
|
|
|
GentooBoxX wrote: I have never been able to execute an SQL injection attack on any on my applications that uses SQL parameters, but there is always someone better knowing out there
Same here and I'd like to also know if it's 100% secure. I am for the time going with that until someone out there proves otherwise
|
|
|
|
|
Hi all.
I'm wondering if any of you would know of any articles and/or books regarding ways to keep track of who's been entering a particular record, modifying it, etc. I'm working on something right now that I would like to have something like it in place.
I can think of putting a couple of fields, last_modified_by and date_of_mod, into each table which see the need for tracking, but that seems clunky. It would work well enough for this project as only a few people will be using it and it's not very big but when I start getting into the bigger stuff, I'm sure that will break down.
So, if anybody knows of any good references, please, send it along.
Thanks,
Keith
|
|
|
|