My co-worker is being unsafe with his code and is allowing a user to upload an SQL file to be run on the server.
He strips out any key words in the file such as "EXEC", "DROP", "UPDATE", "INSERT", "TRUNC".
I want to show him the error of his ways by exploiting his EXEC ( @sql )
My first attempt will be with 'EXEXECEC (N''SELECT ''You D...
Here are my current queries:
1
SELECT FilteredInvoice.accountidname,
FilteredInvoice.createdon,
FilteredInvoice.createdon AS sort_date,
FilteredInvoice.duedate,
FilteredInvoice.invoicenumber,
FilteredInvoice.statecodename,
FilteredInvoice.totalamount_base,
CONVERT(datetime, NULL) A...
I started with this but is it the best way to perform the task?
select
reverse(
substring(reverse(some_field),
charindex('-', reverse(some_field)) + 1,
len(some_field) - charindex('-', reverse(some_field))))
from SomeTable
How does SQL Server treat the multiple calls to reverse(some_field)?
Besides a ...
Hi,
I have to apply group on several columns in a report.
I have to keep some of the columns in a rectangle, and I have to apply group on rectangle on regular columns too.
Please tell me in what way I can do this.
Please respond. It's urgent!!!!
...
Is the data transferred between two SQL Servers protected (encrypted) by default? If not, is there a way to accomplish this?
I have two SQL Server 2005 databases running on separate servers, separate machines, separate networks. How can I ensure that data transmitted from one server to another is secure? I have tried researching the su...
I'm trying to export some information from SQL Server. The SQL runs fine in the SQL Management Studio, but when I try to export it gives me the following errors.
I've had issues similar to this before and adding the
SET ANSI_WARNINGS OFF
line fixed it. That line is not working this time.
EDIT:
I've tried with the SQL SELECT * FROM Ta...
Is it possible to mimic the way SQL Server installation works? With SQL Server you could have multiple "named instances" installed on the same machine. I believe it is one single executable but they do something in the registry to make it multiple instances. Does anyone know how SQL Server achieves this?
We have a window service develop with...
Declare @str DateTime, @End DateTime, @CatID Int
Set @str = '24 Sep 2010 8:30 AM'
Set @end = '24 Sep 2010 1:30 PM'
Set @CatID = '3'
Select b.ID, b.BookingID, Name, r.ResID, r.ResName
, DATEADD(day, 0, DATEDIFF(day, 0, StrDate)) + DATEADD(day, 0 - DATEDIFF(day, 0, StrTime), StrTime) as StrDate
, DATEADD(day, 0, DATEDIFF(day, 0, EndDat...
Request:
Please show me a working example of how to retrieve (in an array?) returned rows from a Stored Procedure on a MSSQL server using Zend Framework.
Explanation:
I can't find anything in the ZF docs about how to execute SP on MSSQL servers. I'm aware that it is possible via plain PHP. However, since my project uses ZF, I'd like not ...
I came across the following in an MSDN Article:
clientoption1 and clientoption2. Set options on this client connection. This is a bitmask that includes information about options usually controlled by SET statements such as SET NOCOUNT and SET XACTABORT.
Where can I find more information on them? For e.g. in my deadlock ...
I have a SQL query and it fails at times. That means that the query runs fine most of the time. Once the query fails, if I execute it again with some delay, it is successful in the same execution.
Please note there are no changes in the tables being used in the query in between the success and failure scenarios. They are exactly same. As m...
Hi guys,
Does anyone know why all the buttons are disabled?
I am trying to create a Job on SQL Server 2008 R2 Express.
Thanks.
...
Hi,
I need to find data between 2 dates and times.
I use one field for the date and one field for the time.
Would it be better to use only one field for date and time?
I see that it comes in dd/mm/yyyy hh:mm:ss format, which can contain date and time.
This question is for Access and for SQL Server.
Thanks in advance.
...
I have an xml column and I want to persist a node count in it in an adjacent column.
For example, in an xml given below, I have 3 nodes a and so I want to output it.
The problem that I have, however, is that I can't manage to create a generic schema-bound function that would take @xml and @nodeName so as to return the count of a speci...
Possible Duplicate:
Testing for inequality in T-SQL
Hi,
Is there any difference between using '!=' vs '<>' vs 'Not'?
Which one will have the worst performance,
or does it exist just because of the backward compatibility syntax?
...
Hi,
I have made a runtime query inside an SP and am executing the query within the SP using exec(), but when creating the SP I am getting the error
The default schema does not exist.
The SP is:
CREATE PROCEDURE MySP
@tableName varchar(100)
AS
BEGIN
SET NOCOUNT ON;
declare @selectQuery varchar(MAX)
set @selectQuery = 'se...
Hello,
I have 3 instances of a database named X. Each of them is on another server. Now...
Let's look at a table named Orders.
In X_1 and X_2 the size of this table is about 500MB with 1 000 000 records.
In X_3 the size of this table is about 1,5 GB with 1 000 000 records.
Why? What is wrong? I have run shrink on each database.
I'm ...
My two questions are:
Can I use clustered indexes to speed up bulk inserts in big tables?
Can I then still efficiently use foreign key relationships if my IDENTITY column is not the clustered index anymore?
To elaborate, I have a database with a couple of very big (between 100-1000 mln rows) tables containing company data. Typically ...
I am maintaining some queries defined in the table adapters designer in Visual Studio used in some reports in a Windows Forms application (.NET 2.0).
When I run the application and execute a particular query I get an error: Arithmetic overflow error converting expression to data type smallmoney. I was surprised, since the query should pr...
I am really not good at SQL. The problem is the following:
I have a metadata table like this
META:
id(pk)  prop1  prop2
1       'pr1'  'pr2'
2       'pr1'  'pr2'
At the same time, I have many child tables which look something like this:
TABLE1:
metaID(fk-pk)  indx(pk)  active  ...
1              1         1       ...
...