15,884,237 members
Sign in
Sign in
Email
Password
Forgot your password?
Sign in with
home
articles
Browse Topics
>
Latest Articles
Top Articles
Posting/Update Guidelines
Article Help Forum
Submit an article or tip
Import GitHub Project
Import your Blog
quick answers
Q&A
Ask a Question
View Unanswered Questions
View All Questions
View C# questions
View C++ questions
View Javascript questions
View Visual Basic questions
View Python questions
discussions
forums
CodeProject.AI Server
All Message Boards...
Application Lifecycle
>
Running a Business
Sales / Marketing
Collaboration / Beta Testing
Work Issues
Design and Architecture
Artificial Intelligence
ASP.NET
JavaScript
Internet of Things
C / C++ / MFC
>
ATL / WTL / STL
Managed C++/CLI
C#
Free Tools
Objective-C and Swift
Database
Hardware & Devices
>
System Admin
Hosting and Servers
Java
Linux Programming
Python
.NET (Core and Framework)
Android
iOS
Mobile
WPF
Visual Basic
Web Development
Site Bugs / Suggestions
Spam and Abuse Watch
features
features
Competitions
News
The Insider Newsletter
The Daily Build Newsletter
Newsletter archive
Surveys
CodeProject Stuff
community
lounge
Who's Who
Most Valuable Professionals
The Lounge
The CodeProject Blog
Where I Am: Member Photos
The Insider News
The Weird & The Wonderful
help
?
What is 'CodeProject'?
General FAQ
Ask a Question
Bugs and Suggestions
Article Help Forum
About Us
Search within:
Articles
Quick Answers
Messages
Comments by Max Methot (Top 5 by date)
Max Methot
16-Sep-15 8:13am
View
Are you running your grant command as the root user (mysql -u root -p) ?
This -> (using password: NO) is telling me you are trying to give root access to a user without being root or wihout proper permission.
Max Methot
31-Jul-15 10:56am
View
Indeed, but it is still a "workaround".
Max Methot
31-Jul-15 10:04am
View
I am not a PHP pro, but I think mixing PHP and Java isn't as trivial as it may sound. A quick Google search brought some results about a PHP to Java "bridge", but that sounds kind of messy to me. If you really have to use a JAVA backend, I would definitely go with a JAVA+JSP web application rather than using a PHP frontend.
Max Methot
28-Jul-15 11:48am
View
Please provide your code. We cannot guess what your code looks like.
Max Methot
12-Sep-13 10:18am
View
About the SQL injection, as I said you could go with stored procedures. You use them somthing like this:
public static MyObject Get(string connectionString, InspectionMissionExt ime)
{
//Create the connection object that points to the right MS Access database
OleDbConnection connection = new OleDbConnection(connectionString);
//Open the connection
connection.Open();
//Instatiate the stored procedure by it's name
string storedProcedure = "MyProcedure";
//Create the command that will execute the stored procedure for the given connection
OleDbCommand command = new OleDbCommand(storedProcedure, connection);
//Make sure it is a Stored procedure type of command
command.CommandType = CommandType.StoredProcedure;
//Set the command parameters
command.Parameters.AddWithValue("@insp_mission_number ", ime.insp_mission_number);
command.Parameters.AddWithValue("@insp_branch_id", ime.insp_branch_id);
command.Parameters.AddWithValue("@inspector_id", ime.inspector_id);
command.Parameters.AddWithValue("@ministry_id", ime.ministry_id);
//Create the reader that will read the results of the command
OleDbDataReader reader = command.ExecuteReader();
//Instantiate the object that will be filled with the query results
MyObject myObject = new MyObject;
//If the query gives us results...
if (reader.Read())
{
myObject.Property1 = reader.GetString(0);
myObject.Property2 = reader.GetInt32(1);
myObject.Property3 = reader.GetString(2);
myObject.Property4 = reader.GetDouble(3);
.
.
.
}
return myObject;
}
Your stored procedure in MS Access might be created like:
CREATE PROCEDURE MyStoredProcedureName
(@insp_mission_number VARCHAR,
@insp_branch_id INT,
@inspector_id INT,
@ministry_id INT)
AS
SELECT im.*,
i.first_name + i.surname AS inspector_name,
b.name AS branch_name,
m.name AS ministry_name
FROM (((insp_mission AS im left join inspector as i on im.inspector_id = i.id)
LEFT JOIN branch as b on im.insp_branch_id = b.id)
LEFT JOIN ministry m on im.ministry_id = m.id)
WHERE im.insp_mission_number like '%' + @insp_mission_number + '%'
AND im.insp_branch_id = @insp_branch_id
AND im.inspector_id = @inspector_id
AND im.ministry_id = @ministry_id
By doing it that way, you are safe for SQL injections since you'll be using typed parameters and a remote stored procedure instead of a clear text query in the C# code. It is a good practice to do so.
Once you return your object or value in the C#, you'll be able to do whatever treatment you need to do on it.
Also, it will most likely fix your problem with including the parameters in the SQL query.
I hope it'll help you and I hope I didn't mix up things more than necessary for you!