I'm working updating some legacy code that does not properly handle user input. The code does do a minimal amount of sanitization, but does not cover all known threats. Our newer code uses parameterized queries. As I understand it, the queries are precompiled, and the input is treated simply as data which cannot be executed. In that cas...
I have a situation where I want to insert a row if it doesn't exist, and to not insert it if it already does. I tried creating sql queries that prevented this from happening (see here), but I was told a solution is to create constraints and catch the exception when they're violated. I have constraints in place already. My question is - ...
Hey. Do you know if there is a simple database framework that is free to use in iPhone development? I've tried to get my head around Apple's framework SQLite3-framework, but it is just too complicated. Why can't it just be like PHP and databases … So basically, what I want is a framework that is simple to use and can handle databases....
I currently have an INFORMIX-SQL app I wish to re-write in OpenEdge/4GL(non-GUI) client with the Personal engine and would like to know the methods and details for dealing with record arrays where I need to display, update and add multiple transaction rows within Progress' forms. I also have several question regarding functionality, e.g....
What's the standard relational database idiom for setting permissions for items? Answers should be general; however, they should be able to be applied to example below. Anything flies: adding columns, adding another table—whatever as long as it works well. Application / Example Assume the Twitter database is extremely simple: we have ...
Sure, I can write a function for it in Python or something...but how can I do it in MYSQL? WHERE title = "heart of darkness" more or less 3 characters... ...
Hey :) I'm currently setting up a new users data model. Are the ids from facebook, twitter and openid all numerical? What is the length? This is what i have so far: Thanks for any collection. Oliver ...
I have some django models for my extended users profile. Problem is that this code does not create tables when syncdb is used (simply nothing happens. No validation errors). Why is that happening? (Also those models give import error elsewhere) : #!/usr/bin/env python # encoding: utf-8 from django.db import models from django.contrib.au...
Hello, I've got a MySQL table with about ~10m rows. I created a parallel schema in SQLite3, and I'd like to copy the table somehow. Using Python seems like an acceptable solution, but this way -- # ... mysqlcursor.execute('SELECT * FROM tbl') rows = mysqlcursor.fetchall() # or mysqlcursor.fetchone() for row in rows: # ... insert r...
Has anyone done this? ...
I recently made a small app for a friend and then made it a public app, in doing so I forgot that it connects to my MS SQL DB and checks for values. Someone used Red Gate .Net Reflector to get my password and destroy it all. I've contacted their ISP and they are looking into it, apparently this person has a static ip with them. So this ...
I currently have a data solution in RDBMS. The load on the server will grow by 10x, and I do not believe it will scale. I believe what I need is a data store that can provide fault tolerant, scalable and that can retrieve data extremely fast. The Stats Records: 200 million Total Data Size (not including indexes): 381 GB ...
I'm making a website to track which software is used internally in my company. Is there a downloadable database which contains as much software product as possible, along its description. If I can get all sourceforge.net and code.google.com projects as database for instance - it could be really nice. The only option I saw so far is to ...
Hello! Does somebodoy know query language DataLog ? Where I can find something about it ?I can'h find any tutorial on net :/ ...
My two main requirements for the site are related to degrees of separation and graph matching (given two graphs, return some kind of similarity score). My first thought was to use MySql to do it, which would probably work out okay for storing how I want to manage 'friends' (similar to Twitter), but I'm thinking if I want to show users r...
Hello All, I have a specific case here in which I would like some security advice. Basically my question is "If I control what is in a database (no user submitted data), is there a security concern to returning the results of a database query in HTML (via AJAX)"? Here's the process that is happening: daily build generates an XML doc...
Hello. I've tried in 1 hour now, trying to find out how I could extract something from the database, in a INNER JOIN with a simple SQL syntax. It works, nearly and my question is how can i select more than only one row from the table. My SQL syntax: SELECT topics.topic_id, topics.topic_subject, COUNT(posts.post_topic) AS comments FRO...
I'm currently using mysql w/ PHP because that's what I learned and haven't ever had to use anything else. In my current project, I have a database w/ 10 million rows and about 10 columns and have found it to be very slow when I do complex calls, both in a local (windows) environment as well as production (linux) environment. Both servers...
I'm using EffiProz to work with database in a small app. The thing is, whenever the app run, it produce a text file with all executed commands inside. How to stop it from producing text files? ...
I want to use the SQLite clause LIMIT and OFFSET, so that I can fetch my records in pages. But, though I can find the LIMIT clause in the SQLiteQueryBuilder.query() which would effectively limit the number of record in my result. Couldn't find the OFFSET clause anywhere so that I can continue fetching from the point I left. Also, can so...