|
This should work:
ALTER PROCEDURE dbo.SP_SearchByUserNeed
(
@ColumnName varchar(20),
@Value varchar(100)
)
AS
BEGIN
DECLARE @RealColumnName sysname;
DECLARE @Statement nvarchar(max);
SELECT
@RealColumnName = name
FROM
sys.columns
WHERE
object_id = OBJECT_ID('Product')
And
name = @ColumnName
;
If @RealColumnName Is Null
BEGIN
RAISERROR('Unknown column: "%s"', 16, 1, @ColumnName);
Return;
END;
SET @Statement = N'SELECT * FROM Product WHERE ' + QuoteName(@RealColumnName) + N' Like @Value + ''%''';
EXEC sp_executesql @Statement, N'@Value varchar(100)', @Value;
END
This will validate that the column name passed in is a valid column in the Product table, and avoid SQL Injection[^] in the dynamic query.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Hi
I want to get all the proc names that were created or modified by a specific user or from a specific computer in the database.
Thank you
|
|
|
|
|
I would guess you are using Sql Server. AFAIK, there is no way to do so. The sys.procedures table does not show any field that matches what you request.
There is, see post below;
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
modified 15-Sep-15 14:09pm.
|
|
|
|
|
Closest I can think of is to list the SPs by "owner" ...don't think it's what you're after though. E.g.
exec sp_stored_procedures @sp_owner = 'dbo'
Or you could try using a log reader
|
|
|
|
|
SELECT *
FROM sys.fn_dblog(NULL,NULL) ..but only if there's a decent log, and if they did not log in using the sa-account.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
SQL does not! stores information about the person (user) modified any of its object, the only information stored is the last date it modified...
You may look into the trc files of the default trace (you may need to enable it), but it is good for a short time as it being overwritten periodically...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Dear all.
Manufacture Model No Length Width height
Manufacture 1 MD-01 200 300 100
Manufacture 1 MD-02 300 400 100
Manufacture 1 MD-03 400 300 150
Manufacture 2 MAD-01 200 450 100
Manufacture 2 MAD-02 250 400 100
Manufacture 3 MDI-01 300 300 100
Manufacture 4 MOv-01 350 300 100
I would like to create 2 combobox -
1) Manufacture 2 ) model No
Manufacture should display for above example Manufacture 1,Manufacture 2,Manufacture 3, Manufacture 4
when particular manufacture selected for example Manufacture 2 -> combox should display only MAD-01 & MAD 02.
Based on both selection text box must me loaded with length, width , height.
i tried sample code & try to assign the combox with database value. I found duplicate list of column. Like for combobox1 accumulate
Manufacture 1
Manufacture 1
Manufacture 1
Manufacture 2
Manufacture 2
Manufacture 3
Manufacture 4
Is there any example program available to do this. How can do this. can some one give example program for this
|
|
|
|
|
Also in the VB-forum; please don't crosspost.
Instead of removing the duplicates, I'd recommend to have a DISTINCT list of the names to load in the combo. Google for "SELECT DISTINCT" to get examples.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
was reading an article about memSQL ... seems to be good and new thing.. but wonder does it make any difference with other documented databases?
|
|
|
|
|
Didn't know the specific brand; TimesTen (from Oracle) works as advertised, I assume this one does the same.
Not very useful for documents - it is useful for high traffic data.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
memSQL is still a RDBM, but uses memory as storage, while document-base is noSQL...so not much to compare...
If you are interesting in hi-performance (real-time) data processing, you may check SQL's in-memory-tables...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Yes, its an ACID-compliant RDBMS.
|
|
|
|
|
Schatak wrote: seems to be good and new thing
Pretty sure when new things stop showing up in computing then people won't be doing computing any more.
So new doesn't mean much. The real question does it serve a real need significantly better than some older technology. Must be significant otherwise the learning time and the problems due to learning will not be an effective trade off.
And the vast majority of the time for any really "new" idiom the answer is no.
So based on that one shouldn't look for new technologies but rather look for solutions to real problems.
For example a real problem might be that an existing file based database using expertly created caching and expertly created database design fails to meet real performance needs.
This would be versus situations like the following
- My 'database' is slow, when no actual profiling has been done at all. (I don't even know what profiling is much less creating a simulation of actual production traffic.)
- My database is slow but I don't have any idea how databases work.
- I don't like SQL and consequently all my SQL ends up being written like it didn't exist.
- I don't even know what caching strategies are
- I read about this cool tool and I want to base the entire future of a company for the next 10 years on it just so I can play with it.
- As a developer I need to restore the database 20 times a day and it just takes too long so the database should be replaced even though there is no problem with performance in production.
|
|
|
|
|
Hi.
I have a local db with a number of tables. One is a table with filenames. This method is supposed to remove the file from the database table HiddenFile with the id sent to the method.
I have been trying to solve this for a long time without success.
The code is:
public bool DeleteFile(Int32 identity)
{
string connString = "Data Source=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=C:\\Code\\FileDB.mdf;Integrated Security=True;Connect Timeout=30";
SqlConnection dbConn = new SqlConnection(connString);
dbConn.Open();
using (SqlCommand com = new SqlCommand("DELETE FROM HiddenFile WHERE Id = @Identity)", dbConn))
{
com.Parameters.AddWithValue("@Identity", identity);
com.ExecuteNonQuery();
}
dbConn.Close();
return true;
}
When I run it, there is an error: "Incorrect syntax near ')'".
Can anybody see what the problem is?
modified 6-Sep-15 8:18am.
|
|
|
|
|
"DELETE FROM HiddenFile WHERE Id = @Identity)" <- you have here an unnecessary closing parenthesis...remove it...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
I am using netbeans5.5 so how to connect with server to netbeans
|
|
|
|
|
Netbeans is an IDE not a programming language. Please explain in proper detail, what you are trying to do, and what problem(s) you are having.
|
|
|
|
|
I am going to start a big construction project with MVC. I am confused about Db choice.
Although worked with SQL server from past 5 years. but now thinking to use MongoDB.
Is it a good move?
|
|
|
|
|
Depends on what you're planning to store in it, how you want to retrieve the information, what skillsets your build team have etc etc etc.
I'd need far more information about the project to even make an educated guess about which technologies would be appropriate for the it (the project). Oh, and I would charge money to do that.
I would suggest that the very need to ask if it is a good move would suggest that it is probably not a good move in these circumstances
|
|
|
|
|
Yeah, the project gonna be big for sure, data would be like more documents, images , videos . And performance of product is the key, they need fast retivals of docs, images and all. Things like that.
So i heard about MongoDB does the things pretty well, but not sure if it gonna be good for large projects or something.
What are your charges Paypal/CC?
|
|
|
|
|
Schatak wrote: big for sure, data would be like more documents, images , videos . And performance of product is the key, they need fast retivals of docs, images and all.
People often say that but it the same as saying "I want a fast car".
You need to quantify that with real numbers.
What is an "image"?
What is a "video"?
What is a "document"?
How exactly is it retrieved?
What exactly does fast mean?
What exactly is doing the retrieving?
For example are you backing up youtube?
Are you retrieving a cat scan for an surgery team in an operating room?
Are you retrieving a field image on an iphone in a farm in the middle of Idaho? Or the middle of the Sudan?
And drill down on the details too.
If they say "video" is it an hd capture from a hollywood film crew or is it really just a image capture (single frame every 5 seconds) from a security camera above a door?
If they say 10,000 users does that mean they have 10,000 right now? Does it mean there will be 10,000 logged in every second viewing a cat scan? Or does it mean their most optimistic sales goal is to have 10,000 total users in 10 years time and at most 2 users at a time will be looking at a photograph? And best I can say is if they claim 10,000 at the same time right now then question exactly how they came up with that number.
|
|
|
|
|
Schatak wrote: I am going to start a big construction project with MVC. I am confused about Db
choice. I would recommend postponing the choice.
Schatak wrote: Although worked with SQL server from past 5 years. but now thinking to use
MongoDB. They are not the same, and one would perform poor in the area where the other excells. SQL Server would be preferred for relational data, especially if you are on a Microsoft stack.
I cannot determine whether or not MongoDB supports SQL92. It would be nice to know, since;
- You could postpone the choice of which database-class to use by programming against the IDbConnection interface.
- Inject any database-driver in there
- And if you keep your SQL compatible with SQL92, then any database supporting the standard could be used.
SQL92 is not as rich as the Sql dialect of the server, but it does offer the advantage to swap out the database entirely, simply by changing the configuration.
..but in general, you take risks in small and simple projects; it would be very not fun if you had to make a lot of changes in a very large project after some months of work, and breaking it in the process.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Eddy Vluggen wrote: I cannot determine whether or not MongoDB supports SQL92
There's a reason it's called NoSQL.
NoSQL Explained[^] by Mongo themselves.
|
|
|
|
|
Yes, I opened multiple search results in multiple tabs, and the first contained claims to be SQL92 compatible; but they were ODBC-based commercial solutions.
Believe that it was wikipedia that stated there was no support for joins
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I would use what I know best.
|
|
|
|