|
I am measuring a string with the following code. The output string by no choice of mine is measured as 14 pt and I need to know some type of equivalent to that in em.
Dim stringSize As New SizeF
Dim g As Graphics
Using myFont As New Font("Courier", 1)
Using myBitmap As New Bitmap(1, 1)
g = Graphics.FromImage(myBitmap)
stringSize = g.MeasureString(outputString), myFont)
End Using
End Using Does anyone know of a solution here? The only equivalency I can find between em and other font measurements was a site that said a font size of 10 px would be 1 em and 11 would be 1.1 and so on.
CleaKO
"Now, a man would have opened both gates, driven through and not bothered to close either gate." - Marc Clifton (The Lounge)
|
|
|
|
|
Hi,
try the function "TextRenderer.DrawText" that returns the measure in pixels.
Hope this helps.
ADVANSIS
Peace!
|
|
|
|
|
Hi,
I have Three column in report A, B ,C the column C = A+b
I used formula
I need summrized column C in footer repoty when I used sum function appear this message
This field cannot be summarized
pls help me?
|
|
|
|
|
hi,
check whether datatype of Column A or Column B is numeric or not. I think Both A and B is not numeric
Rupesh Kumar Swami
Software Engineer,
Integrated Solution,
Bikaner (India)
|
|
|
|
|
Anyone knows how to set media format when ripping CD? e.i. WMA, MP3...
and also the bitrate?
Thanks.
|
|
|
|
|
can i insert the single quotes programatically into the database.
|
|
|
|
|
Hi,
Yes u can add quotes just by replacing single quote with double quote. Replacing will add only single quote in database.
Example:
strName=Xyz's
"Insert into table1(Name) Values('" & Replace(strName,"'","''") & "')"
Regards
Ali Raza
|
|
|
|
|
|
While the previous poster did answer your question the result is very poor and potentially dangerous advice.
That way SQL Injection Attacks lay. Please read SQL Injection Attacks and Tips on How To Prevent Them[^] and then change your code to use parameterised queries rather than string substitution.
|
|
|
|
|
That way SQL Injection Attacks lay - While you did answer the OP's question, the better answer would have been to replace string injection with parameterised queries. That way you don't have to worry about apostrophes in the data and you help prevent SQL Injection Attacks.
Please read SQL Injection Attacks and Tips on How to Prevent Them[^]
|
|
|
|
|
yes, you can.
try following format
str="insert into table1 values (" & """" & var1 & """" & ")"
where var1 may contain single & double quotes.
hope this helps
Rupesh Kumar Swami
Software Engineer,
Integrated Solution,
Bikaner (India)
|
|
|
|
|
|
Not another one. Please please please! Will people please learn about SQL Injection Attacks!
If you see someone asking a question like this again the best course is to guide them towards parameterised queries as it helps prevent SQL Injection Attacks. Any answer that still involved injecting data in to a SQL String is potentially dangerous.
Please read SQL Injection Attacks and Tips on How to Prevent Them[^]
|
|
|
|
|
Yes, you don't want an angry Scot after you!
__________________
Bob is my homeboy.
|
|
|
|
|
"If it's not Scottish - It's CR****P!"
|
|
|
|
|
Dave Kreskowiak wrote: "If it's not Scottish - It's CR****P!"
Gaun yersel there, Big Yin.
|
|
|
|
|
Colin Angus Mackay wrote: Gaun yersel there, Big Yin.
It took me a minute to figure that one out! Thank you!
|
|
|
|
|
Colin Angus Mackay wrote: Please please please! Will people please learn about SQL Injection Attacks!
No kidding...
|
|
|
|
|
I think that you should read what you are linking to yourself.
If the values are encoded correctly, there is no problem with concatenating string to create an SQL query. It's only if you do it wrong that the code is subject to SQL injections.
Doing it right is not trivial, though, and the methods presented in this thread is for example not at all suitable if you are using an MySQL database. To encode a string for MySQL you would instead replace "\" with "\\", then replace "'" with "\'".
So, using parameterised queries is good advice. It's not, however, the only way to protect the code against SQL injections.
---
single minded; short sighted; long gone;
|
|
|
|
|
Hi,
I don't know if could exist other problems, but I've resolved the problem doubling the apostrophes:
str="INSERT INTO Table1 VALUES(" & Replace(Var1,"'","''") & ")"
In this way, SQL injection by writing apostrophes is not possible (or it is anyway ?)
Peace!
|
|
|
|
|
But you are still injecting values into the SQL command. If you are injecting values in to the SQL command then attacks are possible. That's why it is called a SQL injection attack.
|
|
|
|
|
It isn't that hard to add in code to prevent the injection attacks, if I may add
|
|
|
|
|
How to add an event to Runtime Controls(TextBox) in vb6
Iam using VB6. During Form_Load iam creating textbox dynamically.
I want to add a event for the textbox.
Please tell me...
Thanks & Regards
Kumaran
|
|
|
|
|
I guess you have to take help of API's for that , as VB6 don't have any such provision provided for Events
Thanks & Wishes
Navneet Hegde
Nashik
Develop2Program & Program2Develop
|
|
|
|
|