|
I found a really great tool where I can browse for an .mdf-file and select it and then see the tables with all the data. It's called "SysInfoTools SQL File Viewer v18.0" and it's only a few megabytes large. After I have installed it, I can see a file called "Script Instruction.txt" in the installation folder with the following contents:
"**********************************************************************
Information about script
**********************************************************************
Mainsqlscript.bat is our main script File, which contains path information of all the tables, views, stored procedure, triggers, functions,etc.
Script file with database name “Databasename”.sql File contains script for creation of Database.
Tables Folder Contain Script of all the tables.
StoreProcedure Folder Contain script file for every Procedure.
Triggers Folder Contain script file for every Trigger.
Views Folder Contain script file for every view.
Functions Folder Contain script file for every function.
altertablecommandPrimarykeys contain script file for every primarykey.
Altertablecommandforeignkeys contain script file for every foreign key.
**********************************************************************
How to run Script
**********************************************************************
1. Open Command prompt. Cmd.exe with run as Administrator.
2. Move to Batch file path using command cd "Path of batch file"
3. Type Command
mainsqlscript.bat <username> <password> <server name=""> <database name="">
NOTE: If the given Database name already exist in sql server instance then old database will be deleted and new database with the given name is created.
Server Name and Database Name are compulsary parameters for running script."
Does anybody understand what they mean by the above, does it mean that I can run it from a standard .bat-file (the ones that were invented by Microsoft in the 80's) and not have to see the GUI show up?
|
|
|
|
|
Ok, here is the code in my class
static public DataTable query_search(string sqlite_query, SQLiteParameter[] parameters)
{
SQLiteConnection sqlite_conn = new SQLiteConnection("Data Source=test.db;Version=3;Compress=True;Synchronous=Full;");
sqlite_conn.Open();
SQLiteCommand sqlite_cmd;
sqlite_cmd = sqlite_conn.CreateCommand();
sqlite_cmd.CommandText = sqlite_query;
SQLiteDataReader sqlite_datareader;
sqlite_cmd.Parameters.AddRange(parameters);
sqlite_datareader = sqlite_cmd.ExecuteReader();
DataTable returnTable = new DataTable();
returnTable.Load(sqlite_datareader);
writedebug(returnTable.Rows.Count.ToString());
sqlite_conn.Close();
sqlite_datareader.Close();
return returnTable;
}
writedebug writes 0 rows
My call
private void button1_Click(object sender, EventArgs e)
{
if (search.Text.Trim() != "")
{
SQLiteParameter[] param = {
new SQLiteParameter("%@search%", "paul")
};
customerList.Rows.Clear();
DataTable searchinfo = database.query_search("SELECT id, firstname, lastname FROM customers WHERE firstname LIKE '@search' OR lastname LIKE '@search'", param);
MessageBox.Show(searchinfo.Rows.Count.ToString());
foreach (DataRow row in searchinfo.Rows)
{
customerList.Rows.Add(row[0].ToString(), row[1].ToString() + " " + row[2].ToString());
}
}
}
if I replace @search in the query with "%paul%" (in the database) writedebug turns 2 and it adds the rows to the form table
I can query and put the search.Text directly into the string like SELECT id, firstname, lastname FROM customers WHERE firstname LIKE '" + search.Text + "' OR lastname LIKE '" + search.Text + '" but I needed sanitized queries (even though im the only one using this software), adding a % will make it return all rows
I've used SQLiteParameter for INSERT INTO with another function successfully. please help
thanks
|
|
|
|
|
You cannot use "%@search% as the parameter name, as it is not a valid name. Try something like:
string psearch = "%" + search + "%";
SQLiteParameter[] param = {
new SQLiteParameter("search", psearch)
};
Then use "@search" in the SELECT clause as the parameter reference.
NB the actual syntax of the command may not be exact.
|
|
|
|
|
tried and failed.
wait, using it without ' in the query string works. yes, thank you
though I can still input % as a wildcard and get all rows. I thought this supposed to sanitize/escape input. guess I can live with it though, unless you have a better idea
|
|
|
|
|
Yes, because parameter names must be entered 'as is', not quoted.
|
|
|
|
|
do you know why the % char isnt being escaped?
|
|
|
|
|
Not sure what you mean, I thought is was the wildcard character for the LIKE phrase.
|
|
|
|
|
yes, but if it's put into the textbox, it's queried as LIKE %%% which matches everything
|
|
|
|
|
I'm sorry, you have lost me. What has a TextBox got to do with SQL statements?
|
|
|
|
|
it's a search query for a database, text input box
|
|
|
|
|
Yes, but that has nothing to do with creating a valid SQL statement. The textbox is provided by the user, so your code should verify that it contains valid data. You then take the validated text and store into one of the SQL Parameters which get passed in to he execution module. Do not assume that the user knows what he or she is doing and just accept whatever they type. Many times it will be wrong, mist-typed, not understanding what is required, etc.
|
|
|
|
|
I thought SQLLiteParameter sanitizes or at least escapes special characters
|
|
|
|
|
Sorry, I don't know, you would need to check the documentation.
|
|
|
|
|
|
i have Two Database in two different servers i want to join two tables from this two Databases
i have no relation between them but just a column wich contain information about the other database
Ex : Database1.dbo.informationCity contain a column named Specification and have this information:
14042020111925_GMS3439_09_04_2020-04_48.xml_6456.zip
i want to extract from this column just this number 3439 because with this number i can rely the other database
Ex : Database2.dbo.city contain a column named cityID : 3439
any body have an idea how to do that ?
i tried this Sql request but it did not work
<pre lang="SQL">SELECT
*
FROM [mo].[dbo].[Database1]
INNER JOIN [Database2].[dbo].[city ] ON substring([Specification], CHARINDEX('GMS', [Specification ]) + 3,4) =
[Database2].[dbo].[city ].[cityID]
|
|
|
|
|
Your join seems to be confused about the table names. According to your question, your tables are:
Database1.dbo.informationCity Database2.dbo.city
But according to your query, the tables are:
mo.dbo.Database1 (Completely different name)Database2.dbo.[city ] (Extra space at the end of the name)
There's also nothing in there that would suggest the databases are on different servers. If they are, you'd need to create a linked server on the server where this query will run pointing to the other server, and use the four part name of the table you're trying to query - [Linked Server Name].[Database Name].[Schema Name].[Table Name] .
Create Linked Servers - SQL Server | Microsoft Docs[^]
If it still doesn't work once you've fixed that, you'll need to provide the full details of the error(s) you're getting.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
thank you sir for your Help , i fixed it and it works
now is that possible to get automaticaly my results to an Excel file => simply export my result to excel directly
|
|
|
|
|
Yes. For example, from SQL Server Management Studio:
Start the SQL Server Import and Export Wizard - Integration Services (SSIS) | Microsoft Docs[^]
From .NET code, you could use a library such as ClosedXML[^] to create an Excel sheet containing the query results. (Previously, I would have recommended EPPlus, but that's no longer free for commercial use.)
Or you could write the results out to a CSV file, which Excel will be able to open. I like to use the CsvHelper[^] for reading and writing CSV files, but other libraries are available (eg: fastCSV[^]).
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
sorry but i am a beginner , i do not know how to start exactly
i have just my sql request which is correct and works well
|
|
|
|
|
i'm used to MySQL, this is...different. A table with just one row
Using "DB Browser for SQLLite"...structure
CREATE TABLE "appinfo" (
"version" TEXT NOT NULL,
"passworded" INTEGER NOT NULL,
"username" TEXT NOT NULL
);
I added a row. "1", 1, "Admin" with DB Browser
when I query it "SELECT * FROM addinfo;" with DB browser I get NULL for each field (blank on my c# app)
what am I missing here?
thanks
|
|
|
|
|
Uranium-235 wrote: what am I missing here? The correct spelling of "appinfo".
|
|
|
|
|
no, that wasn't a copy & paste, it was a misspelling here, when I actually do it from my c# app it returns the column names (found a function to easily present col names and row data, so the columns are correct), and one row of empty data, just like in DB Browser
I just tried SELECT * FROM "main"."appinfo";
it returned <blank>, 0, <blank>
the middle number is supposed to be a 1
modified 12-Apr-20 14:39pm.
|
|
|
|
|
I'm having trouble parsing your query! I would presume that "Main" is your database and is included in your connection string.
If so then your query string should be "Select * from appinfo" and it should return the 1 record you have inserted.
If you want an empty datatable then "Select * from Appinfo where 1=1"
Never underestimate the power of human stupidity -
RAH
I'm old. I know stuff - JSOP
|
|
|
|
|
no this is from DB Browser, not even the app
|
|
|
|
|
Nevermind. I inserted it into the database with a query in DB Browser instead of using the browser and it seemed to work :shrug:
thanks for putting up with me
|
|
|
|