|
Dear Friends,
I have a SQL Server 2000 database named test. The database has 2 files: 01 data file (test_Data.mdf) and 01 log file (test_Log.ldf). But the log file has been lost. Please help me on how to recover the database from the data file only.
Thank in advance.
|
|
|
|
|
I am doing some research and would like to know if any fellow DBAs out there or programmers support Best MS500 ERP at your organization.
Could you tell me :
1) Can you code it in a standard language such as VB or C?
2) How well do you like supporting it
3) Anything you can tell me in your experience supporting it which may be helpful. Good or Bad
|
|
|
|
|
I am a DBA doing some research and would like to know if any fellow DBAs/programmers out there or programmers support Syspro ERP at your organization.
Could you tell me
1) Can you code it in a standard language such as VB or C?
2) How well do you like supporting it
3) Anything you can tell me in your experience supporting it which may be helpful. Good or Bad
|
|
|
|
|
i've been developing a program for a customer for recipe editing. I am new to .NET dataaccess and am having a problem. I open the DBF file, export it to an xml file so i can edit it (cause i know how to do that). Then when i'm done i want to import it back into the database. I have this working except for it duplicates every record in the table. Any help would be greatly appreciated.
Thanks for your time,
Jamie Lindemann,
Lindemann Electric Services Inc.
|
|
|
|
|
Could use some more information.
Do you want to Update or Insert the information that you are sending back?
Do you have a check that would tell you if a file exists so that it does not get re-inserted?
How is the XML string constructed that you are sending back?
Could you post some of you procedure?
Thanks
Will
|
|
|
|
|
Hi,
I would like to update any information in the database. I don't have a check to see if the file is being re-inserted.
Thanks for your time,
Jamie Lindemann,
Lindemann Electric Services Inc.
|
|
|
|
|
I recently learned a web site ( http://www.Planet-Source-Code.com/vb/scripts/ShowCode.asp?txtCodeId=505&lngWId=5 ) contains a working solution which decrypts stored-procedures in a database.
Does anyone know how to protect their stored-procedure source-code against this? ( It is not possible to set any security options in the database because it is a user-controlled system -- only the stored-procedures have been protected using "with encryption" to stop prying eyes and fool-hardy users with thoughts of making-it-better.
Thanks for any help or insights on this one. I'm truly concerned.
The main things are the plain things, and the plain things are the main things.
|
|
|
|
|
For those who don't know, you can specify WITH ENCRYPTION as part of a CREATE PROCEDURE statement to hide the query text. However, SQL Server needs to be able to decrypt it to parse the text.
Firstly, the reason it works is that MS have used a simple form of encryption - using the XOR with a key in order to obscure the text. This can be strong if the key isn't known. However, this is easily broken if you can force it to reuse the same key to encrypt text you already know - you can then XOR the trojan ciphertext with the known plaintext to get the key, then XOR the key with the original ciphertext to get the original plaintext.
It appears that the key is a random string of data. SQL Server probably stores the seed for the random number generator so it doesn't have to store the same amount of key as it has procedure text. The decryption methods works because SQL Server uses the same key to encrypt an alteration to the procedure, i.e. when you use ALTER PROCEDURE.
This kind of encryption, known as a one-time-pad, is actually very strong, if it didn't use the same key it already had. It's called a one-time pad because you're only supposed to use the key one time.
Kalen Delaney, in Inside SQL Server 2000, mentions that before WITH ENCRYPTION was added (in version 6), developers set the text column of syscomments to NULL. This works (or, at least, worked) because SQL Server doesn't (or didn't) use the query text directly when compiling an execution plan, it uses a pre-parsed version. However, the structure of this parsed version changed between 4.2 and 6; the installer for version 6 tried to re-parse the original query to generate the new structure. WITH ENCRYPTION allows the text to be hidden but still be upgradable if required.
Trying this on SQL Server 2000 (i.e. UPDATE syscomments SET ctext = NULL WHERE id = object_id( @objname ) ) in the default configuration returns the message 'Ad hoc updates to system catalogs are not enabled. The system administrator must reconfigure SQL Server to allow this.' You can enable in Enterprise Manager: right-click the server, choose Properties, the Server Settings tab, and check 'Allow modifications to be made directly to the system catalogs'. Click OK.
Setting the ctext field to the empty string does work, if an execution plan has been cached. However, as soon as the cache is spilled, the server is restarted, or a dependency changes (perhaps an index's statistics change significantly) SQL Server can't rebuild it - it looks like it parses the query text every time. So this isn't an option either.
I'm going to send a message to security@microsoft.com about the reused one-time pad; hopefully they'll release a hotfix. You could raise a call with SQL Server or developer support.
|
|
|
|
|
Thank you very much for such a thoughtful response.
I will pursue giving the SQL Server team at Microsoft a support call and post my findings here.
|
|
|
|
|
Sorry, the correct link is: http://www.planet-source-code.com/URLSEO/vb/scripts/ShowCode!asp/txtCodeId!728/lngWid!5/anyname.htm
|
|
|
|
|
|
Here was the reponse to my inquiry at Bill's place ( slightly edited for brevity, clarity, and protection of innocent individuals
1. Protecting a stored procedure and making it totally non-decryptable is technically impossible.
2. The Encryption SQL-Server is offering is obfuscation through a feature called "encryption".
-- Possible solutions --
1. Use extended stored procedures in a DLL.
2. Protect your asset like other data products do: obfuscation ( like IBM, Oracle, and Microsoft offer ), or legal protection (copy write, patents, etc).
|
|
|
|
|
hi
do any body has any know how of 'iff function used with select statement' in sql server 2000. plz help me out of this problem i'll b gratefull
khattak
|
|
|
|
|
CASE WHEN condition THEN true-value ELSE false-value END
|
|
|
|
|
Hi, I have an oleDbAdapter which read data from visual fox tables into DataTable! But unfortunately the encoding is different (or something else), so I get strange characters (not all but a few). In general I must get this text in appropriate encoding so it looks laike a normal Latvian text!
Does anybody know some solutions?
thanx anyway
|
|
|
|
|
As all know we use paging when we want to a void return a larg set of records over network
so the question is
How i know in advance if the query will return many records or not?
so using paging or not.
I know i can put some logic in my application to prevent the user to run query which my return
many record like select all,.......
but i can't know in all cases
thanks in advance
|
|
|
|
|
What comes to my mind is doing 2 querys.
The first one with COUNT statement, so you'll know how many records will the query have.
The second, the query that'll return the records.
Paging ?
If your application is Web, ASP.NET DataGrid provides Paging functions. I've used them and they worked fine, but my query never returned more than 200 records.
Free your mind...
|
|
|
|
|
thanks guillermo
but i think that executing two query may add extra overload at the server
what do you see?
|
|
|
|
|
If the server performs the query on behalf of the client, it can check first to see how many records were returned in the query (using various means) and then decide if it should return the entire result set to the client. This also gives you central administration of such a threshold.
-----BEGIN GEEK CODE BLOCK-----
Version: 3.21
GCS/G/MU d- s: a- C++++ UL@ P++(+++) L+(--) E--- W+++ N++ o+ K? w++++ O- M(+) V? PS-- PE Y++ PGP++ t++@ 5 X+++ R+@ tv+ b(-)>b++ DI++++ D+ G e++>+++ h---* r+++ y+++
-----END GEEK CODE BLOCK-----
|
|
|
|
|
Yes there are 2 querys, but both you can make them both work on the same procedure, so it'll be so fast.
As both querys will reference the same table and use the same condition, when the second query executes, it'll be on the DB cache.
Free your mind...
|
|
|
|
|
|
I'm working on an ASP.NET prjoect for work that would allow for Labor tracking (ie % of time spent on a project in a given month) this system will probably be in place for a while and I'm worried that my table may end up getting to big. Fox eample it's basiclly tracking what percentage for what project so my table looks like...
EID - Eployee ID(Links to employee table)
ProjectID - ProjectID (Links to project table)
TimeOn - Percentage on that progect for the month
Month - The Month
Year - The Year
So we have about 100 employees currently and the could be working on any amount of project in a month but lets say 5 is the average so thats about 60 record per employee per year. So total company wide is 6000 per year. Is that too many? There will be times when every single record needs to be read if that makes a difference. Should I be storing each year in a seperate table? Thats seems not very dynamic cause I have to make sure there are tables for the next 10 years or whatever. But anyway please let me know what you think.
Thanks!
|
|
|
|
|
Assuming you are using SQL Server 2000 and EID and Project ID are "int" types and TimeOn, Month and Year are "tiny" types that is 11 bytes per record. Which is around 650 to 700 records per page or 5200 to 5600 records per extent (I cannot remember if it pads to 12 bytes to make each record an even length). Since a whole extent is read when getting data from the database your 6000 records per employee could be read in 2 extents, if EID and ProjectID make a composite primary key with EID the first part. Of course during normal database operations the database is likely to get fragmented but there are ways to reduce this if performance is absolutely critical.
So, in short, no I don't think that is too many records.
--Colin Mackay--
EuroCPian Spring 2004 Get Together[^]
|
|
|
|
|
i install MSDE in my computer but i tryed to add server from visul studio or add connection to database but i cant it prombet me some "server name cannot be found"
|
|
|
|
|
How to Set Data to TextBox when We fetch data in Dataset,
i want to Show Data from Dataset to TextBox
here is Current Code :
On Form Load
sCon.ConnectionString = sConString
sCon.Open()
Dim DaCustomer As OleDbDataAdapter
Dim DsCustomer As New DataSet()
Dim SQL As String
SQL = "Select * from customers"
DaCustomer = New OleDbDataAdapter(SQL, sCon)
DaCustomer.Fill(DsCustomer)
and my TextBox's Name is TextBox1
|
|
|
|