|
The date controls may not expose the query to SQL Injection attacks but the pattern the OP used is indicative of the string concatenation pattern being used in all of his queries, which will be vulnerable.
The pattern is seen so commonly around here that M's response is a standard reaction to seeing the pattern.
|
|
|
|
|
Thanks!
I wouldn't be able to say it better.
|
|
|
|
|
Well...
I've updated my answer. Thanks for your valuable comment. As to my statement "your code is SqlInjection vulnerable" i believe that Dave's comment reflects on my point of view.
|
|
|
|
|
OK - I'm sorry if I came over a bit arsey... of course parametrised queries are the right approach. Nevertheless there are occasions when they are not necessary and it's just as easy to write the SQL directly, and personally I see little harm in that.
|
|
|
|
|
OK.
Cheers
Maciej
|
|
|
|
|
There's not really enough information here to help - but in general you can get a total either by using the SUM function in a SQL query
SELECT SUM(number_or_currency_field) FROM table_name WHERE etc or you can get the sum from your datagrid or grtidview either by adding the values in the appropriate cells after databinding, or adding them as you go in the rowdatabound event.
|
|
|
|
|
Dear all
By Excel VBA, how is it possible a button clicking into a Web page rendered by the new versions of FireFox (48+)?
Is there any javascript to be executed through an Excel VBA code?
Thanks in advance for any helps or suggestions on this issue.
Regards
E.C.
|
|
|
|
|
It depends on many factors...
|
|
|
|
|
Hi,
How can I find the current state of a listviewgroup?
What I found
Public Function GetgroupColapseState(groep As Integer) As Boolean
If Environment.OSVersion.Version.Major < 6 Then Return False
Dim GrpId As System.Nullable(Of Integer) = GetGroupID(Me.Groups(groep))
Dim statemask As Integer
<pre>
Dim nreturn As Integer = SendMessage(Handle, LVM_GETGROUPSTATE, groep, statemask)
End Function</pre>
is not working
LVM_FIRST = &H1000
LVM_GETGROUPSTATE = (LVM_FIRST + 92)
I want to not print the collapsed groups
Jan
|
|
|
|
|
Hi,
Is there nobody who can help.
Are all programmergeniusses on holyday?
Jan
|
|
|
|
|
SendMessage(IntPtr hWnd, int msg, int wParam, int lParam) , when msg = LVM_GETGROUPSTATE wil return a bit flag value expressing the group state of the group whose id = wParam. lParam contains a bit flag value expressing which group states are allowed.
So, first is to get something useful for these bit flag values. This enum can help:
<Flags()> _
Public Enum GroupState
LVGS_NORMAL = 0
LVGS_COLLAPSED = 1
LVGS_HIDDEN = 2
LVGS_NOHEADER = 4
LVGS_COLLAPSIBLE = 8
LVGS_FOCUSED = 16
LVGS_SELECTED = 32
LVGS_SUBSETED = 64
LVGS_SUBSETLINKFOCUSED = 128
LVGS_ALL = 65535
End Enum
(source: ObjectListView[^])
So, here are the points you could try:
- use GrpId.Value . This makes a big difference. If GetGroupId returns null, there is no point calling SendMessage.
- make stateMask a GroupState value, not a simple integer value, and give it a meaningful masking value (GroupState.LVGS_ALL for example).
- interpret the return value of SendMessage as a GroupState value.
In short:
Dim stateMask As GroupState = GroupState.LVGS_ALL
Dim GrpId As System.Nullable(Of Integer) = GetGroupID(Me.Groups(groep)
Dim result As GroupState
If (GrpId.HasValue)
result = (GroupState)SendMessage(Handle, LVM_GETGROUPSTATE, GrpId.Value, (int)stateMask)
End If
"I'm neither for nor against, on the contrary." John Middle
|
|
|
|
|
Thanks
this is the working result
Public Function GetgroupColapseState(ByVal lstvwgrp As ListViewGroup) As Boolean
If Environment.OSVersion.Version.Major < 6 Then Return False
Dim GrpId As System.Nullable(Of Integer) = GetGroupID(lstvwgrp)
Dim stateMask As ListViewGroupState = ListViewGroupState.all
If (GrpId.HasValue) Then
Dim result As ListViewGroupState = SendMessage(Handle, LVM_GETGROUPSTATE, GrpId.Value, stateMask)
Return (result And ListViewGroupState.Collapsed) = ListViewGroupState.Collapsed
End If
End Function
I wasn't giving as statemask
happy again
Jan
|
|
|
|
|
You are welcome.
"I'm neither for nor against, on the contrary." John Middle
|
|
|
|
|
if anyone can help create an organization chart in visual basic 6.0, I have 1 table and for relation there is parent
|
|
|
|
|
Switch to VB.NET and you will most likely find lots of helper classes.
|
|
|
|
|
Why on this earth are you starting new development work in VB6? It's been dead for quite a long time now.
Switch to VB.NET and you'll find the tool and support communities considerably larger than for VB6.
System.ItDidntWorkException: Something didn't work as expected.
C# - How to debug code[ ^].
Seriously, go read these articles.
Dave Kreskowiak
|
|
|
|
|
if anyone can help create an organization chart in visual basic 6.0, I have 1 table and for relation there is parent
|
|
|
|
|
connectionstring is not a member of sqliteconnection
|
|
|
|
|
Great. Thanks for the "heads up".
Now, did you have an actual question or a problem description, with a relevant code snippet or what?
System.ItDidntWorkException: Something didn't work as expected.
C# - How to debug code[ ^].
Seriously, go read these articles.
Dave Kreskowiak
|
|
|
|
|
It should be; ConnectionString is part of the IDbConnection which the SQLiteConnection implements. Perhaps it would be easier to see what went wrong if you show us some code.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
how to rectify class not support error in vb6 at win 7
|
|
|
|
|
Start with something from this century, this millenium.
Quote: Mainstream Support for Microsoft Visual Basic 6.0 ended on March 31, 2005. Extended support ended in March 2008.
|
|
|
|
|
Start by providing a clear and complete description of the problem. Include the complete error message, and the relevant parts of your code. Remember to indicate which line of code the error relates to.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
i m using this code to print crystal report with out priview ,Some Time Load Report Faild Error Show ,when i close and reopen application again report will printed,how can i resolve this error please guide me,my code is
<pre> Dim crtableLogoninfo As New TableLogOnInfo
Dim crConnectionInfo As New ConnectionInfo
Dim CrTables As Tables
Dim TableCounter
Dim crReportDocument As New ReportDocument
Dim crParameterDiscreteValue As ParameterDiscreteValue
Dim crParameterFieldDefinitions As ParameterFieldDefinitions
Dim crParameterFieldLocation As ParameterFieldDefinition
Dim crParameterValues As ParameterValues
Dim billno As New InfoGeneration
Dim sname As ConfigurationSettings
crReportDocument.Load(Application.StartupPath & "\Reports\rptsinv.rpt")
With crConnectionInfo
.ServerName = sname.AppSettings("servername")
.DatabaseName = sname.AppSettings("dbname")
.UserID = sname.AppSettings("username")
.Password = sname.AppSettings("password")
End With
CrTables = crReportDocument.Database.Tables
For Each CrTable In CrTables
crtableLogoninfo = CrTable.LogOnInfo
crtableLogoninfo.ConnectionInfo = crConnectionInfo
CrTable.ApplyLogOnInfo(crtableLogoninfo)
Next
crParameterFieldDefinitions = crReportDocument.DataDefinition.ParameterFields
crParameterFieldLocation = crParameterFieldDefinitions.Item("s_id")
crParameterValues = crParameterFieldLocation.CurrentValues
crParameterDiscreteValue = New CrystalDecisions.Shared.ParameterDiscreteValue
crParameterDiscreteValue.Value = txts_id.Text
crParameterValues.Add(crParameterDiscreteValue)
crParameterFieldLocation.ApplyCurrentValues(crParameterValues)
crReportDocument.PrintToPrinter(txtcopies.Text, False, 0, 0)
|
|
|
|
|
I need to be able to search through the data I have displayed in a datagrid view/textbox using the surname of a customer ( I have used Textfiles NOT SQL)
|
|
|
|