Input Box Not Updating

Feb 25, 2008

I have two textboxes on the page...shipdate and duedate.  When the page loads, shipdate has today's date loaded and duedate has a date that's 28 days later than today.  When I change the dates and submit it's not updating in the database instead I'm getting the two dates in pageload.  What am I doing wrong?Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

 

ShipDateTxt.Text = Today()

DueDateTxt.Text = DateAdd(DateInterval.Day, 28, Today())

End SubProtected Sub LoanRequest_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles LoanRequest.Click

Dim conn As New Data.SqlClient.SqlConnection(ConfigurationManager.ConnectionStrings("TrainUserConnectionString").ConnectionString)Dim cmd As New Data.SqlClient.SqlCommandWith cmd

.Connection = conn

.CommandType = Data.CommandType.StoredProcedure

.CommandText = "UpdateloanerInfo".Parameters.AddWithValue("@requestorid", Integer.Parse(Request.QueryString("requestorid")))

.Parameters.AddWithValue("@shipdate", ShipDateTxt.Text).Parameters.AddWithValue("@duedate", DueDateTxt.Text)

End With

Here's updateloanerinfo stored procedure:

@requestorid int,
@shipdate datetime,
@duedate datetime

AS update LibraryRequest

set
[shipdate] = @shipdate,
[duedate] = @duedate

Where  requestorid=@requestorid

View 3 Replies


ADVERTISEMENT

Updating A Column With Input Parameter?

May 19, 2014

Is it possible to assign to a column a value passed as a parameter?

When I run the proc I get the following error :

Msg 245, Level 16, State 1, Procedure Transfer, Line 17

Conversion failed when converting the varchar value '@ID' to data type int.

----####################################################
USE [tbldata]
GO
/****** Object: StoredProcedure [dbo].[Transfer] Script Date: 05/19/2014 11:26:38 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[Transfer](@ID int)

[code].....

View 1 Replies View Related

Updating A Table By Both Inserting And Updating In The Data Flow

Sep 21, 2006

I am very new to SQL Server 2005. I have created a package to load data from a flat delimited file to a database table. The initial load has worked. However, in the future, I will have flat files used to update the table. Some of the records will need to be inserted and some will need to update existing rows. I am trying to do this from SSIS. However, I am very lost as to how to do this.

Any suggestions?

View 7 Replies View Related

BCP Input

Jan 4, 2006

Using MSDE and OSQL
I begin with:

C:OSQL -D VID -i C:accepted.sql -o C:Resultsaccepted.txt -n -w500 -Usa

That gives me data such as this:

363 Cynthia KY 36
542 Charlene NC 3
594 Amanda NJ 9
592 Robert NJ 54

Then this command to create a table

CREATE TABLE accepted
(
Customer_idnvarchar(50)NULL,
Cust_Namenvarchar(50)NULL,
Cust_Statenvarchar(50)NULL,
Cust_Countnvarchar(50)NULL
)
GO

I've created this BCP format file:

8.0
4
1 SQLCHAR 0 50 "/t" 1 Customer_id SQL_Latin1_General_CP1_CI_AS
2 SQLCHAR 0 50 "/t" 2 Cust_Name SQL_Latin1_General_CP1_CI_AS
3 SQLCHAR 0 50 "/t" 3 Cust_State SQL_Latin1_General_CP1_CI_AS
4 SQLCHAR 0 50 "/r/n"4 Cust_Count SQL_Latin1_General_CP1_CI_AS


Table is created. I can SELECT * FROM accepted and see my column names.

Then I try to BCP into the table using:

C:>BCP sales..east in C:Resultsaccepted.txt -t -f C:cpformataccepted.fmt -Usa -Ppwd

I get this error:

Starting copy...
SQLState = 22001, NativeError = 0
Error = [Microsoft][ODBC SQL Server Driver]String data, right truncation
SQLState = 22001, NativeError = 0
Error = [Microsoft][ODBC SQL Server Driver]String data, right truncation

and so on......

In the .fmt file I've tried "", " ", " " and everthing I could think of as a delimiter. Still no luck. I've tried almost every switch available to both OSQL and BCP.
The data I am trying to BCP is a SQL result so I don't think any special delimiters are placed. I've tried not using the .fmt file and using the prompts but still no luck. Data is CAST in the query and doesn't excede 45 characters.
Hope I've explained my problem well enough.

-Deana

View 11 Replies View Related

Input Chinese

Oct 5, 2006

Hi,I need to input Chinese character into the table of the database.  I did try to install/run both Chinese/English version of Visual Studio into Chinese/English version of Server 2003 but it still didn't work.Please help !stephen   

View 3 Replies View Related

How Can I Input A Sql Value To A Textbox ?

Feb 4, 2008

I use txtbox.Text = cmd.ExecuteReader() but it doesn't work.  How can I fix it ? 

View 4 Replies View Related

Can DTS Take Input Params?

Oct 13, 1999

Can I pass a parameter to a DTS package?


Here is what I am trying to do: Every month we need to import a fixed format text file into one of our tables. The format and location of the file is same every month except for the name. I want to create a DTS package to import it and call this DTS package first thing in a stored procedure(after which I do some processing with this imported data). I want to create the filename in my stored procedure and then call this DTS package to import it.

I am usig DTS as the interface is so much easier and want to avoid bcp :-)

Is it possible?

Thanks in advance,
Nishi

View 1 Replies View Related

Input Masks???

Aug 29, 2000

I am just learning SQL Server and I am stuck with a few things. I was wondering if you can define input masks for columns in the database in SQL Server. I have used this feature many times in Access and on the front end in Oracle Forms. Is there such a thing in SQL Server?? Is it just called something different.....? I will be trying to format telephone numbers and dates. Thank you for you time.

Nadine Sinclair

View 1 Replies View Related

User Input

Aug 14, 2002

Hi all,
Can anyone tell me about how to prompt a user to type when running a sql statement through query analyzer.
thanks
Jay

View 1 Replies View Related

Condition In Input

Apr 18, 2008

create function quantprice

( @itemnmbr varchar(50), @startdate datetime, @enddate datetime)

RETURNS TABLE
AS
RETURN

(Select distinct t.itemnmbr,t.totalprice as totalcost

from
(
select distinct

vs.itemnmbr, sum(vs.totalsumprce) as totalprice


from vwquantityprice vs


Where vs.itemnmbr = @itemnmbr and (vs.docdate between @startdate and @enddate)


group by vs.itemnmbr

) as t



)

select * from quantityprice('06-5840','4/1/2007','4/1/2008')

well, guys, i have this function and obviously i will get one row from this in output...with that particular itemnumber but i want multi-itemnmbrs some times in output...some times 2..soemtimes 3...

example,
select * from quantityprice('06-5840,ab-4581,0a-1458,45-0945','4/1/2007','4/1/2008')

can you tell me what condition it will come to get this output..

like in where itemnmbr in('06-5840,ab-4581,0a-1458,45-0945')
and in starting input v ariable @itemnmbr..

create function quantprice

( @itemnmbr varchar(50)..

don't know what condition it will come and where i have to put condition in where clause or in input variable..

any help would be appreciated..thanks a lot!! guys plz reply.

View 17 Replies View Related

User Input

Apr 23, 2008

I have created a query that has a "When" and an "And" function.

I know need to make the query run on user input, i want it to ask for the date, then name to run the query

View 2 Replies View Related

User Input With Sql...

Nov 1, 2006

Afternoon...
I have a database for a pretend dvd hire company and need to create a query that uses user input as part of the query.

Ie, select * from dvd where actor = 'Tom Cruise';

The 'Tom Cruise' part of the query needs to be user input every time the query is ran... Can you help?

Many thanks in advance!?

View 14 Replies View Related

Input On Training

May 8, 2007

Hi there,
I'll be going through a training couse for SQL Server next month. The class I'm signed up for is M2780: Maintaining a Microsoft® SQL Server™ 2005. My company uses SQL Server 2000 now and unless I give good reasons to upgrade to 2005, we won't be upgrading. I have very little DBA experience, but since I was told SQL Server is my responsibility, I figured it would make sense to go through some type of training for it. My questions are: Is there enough the same between the two that it makes sense for me to take this class? Are there good business reasons I can give for upgrading? If we don't upgrade is it worth taking a class for 2000 vs 2005?

Thanks for any input.

Marcie

View 2 Replies View Related

Passing Input

Oct 31, 2007

Need help.

I’m trying to pass inputs from one stored proc to another but I’m having problems in passing them.

First proc (input_passing) should pass the following inputs – FirstName, LastNmae and RecordID to the second proc (input_receive) – then the second proc will diplay the outcome – YES/NO if there is a match.
------------------------------------------------------------------------------------------
First proc (input_passing)
-------------------------------------------------------------------------------------------------------
DECLARE
@RecordIDVARCHAR(11),
@FirstNameVARCHAR(60),
@LastNameVARCHAR(60)


--DECLARE tbInputs CURSOR FOR
SELECT
RecordID,
FirstName,
LastName

FROM
tbInputs

OPEN tbInputs

FETCH NEXT FROM tbInputs
INTO @RecordID, @FirstName, @LastName

WHILE @@FETCH_STATUS = 0
BEGIN
--GET RECORD
SET @RecordID = RecordID from dbo.tbInputs)

END

FETCH NEXT FROM tbInputs
INTO @RecordID, @FirstName, @LastName

END

CLOSE tbInputs
DEALLOCATE tbInputs
exec input_receive
----------------------------------------------------------------------------------------------------------------- Second proc. (input_receive)

CREATE PROCEDURE input_receive
@RecordIDVARCHAR(11) = NULL,
@FirstNameVARCHAR(50) = NULL,
@LastNameVARCHAR(50) = NULL,
@RecordMatchBIT OUTPUT,
@MatchedOnVARCHAR(400) OUTPUT
AS

-- Declarations
DECLARE @CountINT
DECLARE@FoundBIT
DECLARE @AlertIDDECIMAL(18,0)
DECLARE@AlertCreateDateDATETIME
-- END Declarations

-- ******* Initializations **********
SET @Count = 0
SET @Found = 0
-- DEFAULT to No File Match
SET RecordMatch = 0
SET @MatchedOn = 'NO FOUND'
-- ******* END Initializations **********

-- First check to see if the RecordID Matches
IF( @RecordID IS NOT NULL AND @RecordID <> '' )
BEGIN
IF( CAST( REPLACE(@RecordID, '-', '') AS DECIMAL(18,0)) > 0 )
BEGIN
SELECT @Count = COUNT(*)
FROM tbAlert
WHERE REPLACE(RecordID, '-', '') = REPLACE(@RecordID, '-', '')

IF( @Count > 0 )
BEGIN
SET @RecordMatch = 1
SET @MatchedOn = 'FOUND : RecordID'
RETURN
END
END
END



Josephine

View 1 Replies View Related

No Available Input Columns

Sep 21, 2006

Hi ,

Im trying to build a package that will copy data from excel to SQL

in a program

unfortunately , when I open the package xml file and I drill into the

oledb destination I see that I have no available input columns

what could be the problem ?



thanks ahead

Eran

p.s

the script:

Dim p As Package = New Package()

Dim e As Executable = p.Executables.Add("DTS.Pipeline.1")

Dim thMainPipe As TaskHost = CType(e, TaskHost)

thMainPipe.Properties("Name").SetValue(thMainPipe, "Data Flow")

Dim dataFlowTask As MainPipe = CType(thMainPipe.InnerObject, MainPipe)





' Create excel connection MANAGER

Dim excelCon As ConnectionManager = p.Connections.Add("EXCEL")

excelCon.Name = "ExcelSourceConn"

excelCon.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=e: ry ry ry.XLS;Extended Properties=""Excel 8.0;HDR=YES"""

' Create sqldev connection Manager

Dim sqlCon As ConnectionManager = p.Connections.Add("OLEDB")

sqlCon.Name = "sqldevConn"

sqlCon.ConnectionString = "Provider=SQLOLEDB.1;Integrated Security=SSPI;Persist Security Info=False;User ID=sa;Initial Catalog=InsFocus_Admin_Eran;Data Source=SQLDEVSQLDEV"

''create source component

Dim excelSource As IDTSComponentMetaData90 = dataFlowTask.ComponentMetaDataCollection.New()

excelSource.Name = "ExcelSource"

excelSource.ComponentClassID = "DTSAdapter.ExcelSource.1"

Dim excelInstance As CManagedComponentWrapper = excelSource.Instantiate()

excelInstance.ProvideComponentProperties()

excelSource.RuntimeConnectionCollection(0).ConnectionManager = DtsConvert.ToConnectionManager90(p.Connections(0))

excelInstance.SetComponentProperty("AccessMode", 0)

excelInstance.SetComponentProperty("OpenRowset", "business_codes$")



excelCon.AcquireConnection(Nothing)

'excelInstance.ReinitializeMetaData()

excelInstance.ReleaseConnections()

Dim sqldev As IDTSComponentMetaData90 = dataFlowTask.ComponentMetaDataCollection.New()

sqldev.Name = "sqldev"

sqldev.ComponentClassID = "DTSAdapter.OLEDBDestination.1"



Dim sqldevInstance As CManagedComponentWrapper = sqldev.Instantiate()

sqldevInstance.ProvideComponentProperties()

sqldev.RuntimeConnectionCollection(0).ConnectionManager = DtsConvert.ToConnectionManager90(p.Connections(1))

sqldevInstance.SetComponentProperty("AccessMode", 0)

sqldevInstance.SetComponentProperty("OpenRowset", "business_codes")

sqldevInstance.AcquireConnections(Nothing)

sqldevInstance.ReinitializeMetaData()

sqldevInstance.ReleaseConnections()

Dim path As IDTSPath90 = dataFlowTask.PathCollection.New()

path.AttachPathAndPropagateNotifications(excelSource.OutputCollection(0), sqldev.InputCollection(0))

MsgBox(excelSource.OutputCollection.Count)

'For Each input As IDTSInput90 In sqldev.InputCollection

' Dim vInput As IDTSVirtualInput90 = input.GetVirtualInput

' For Each vColumn As IDTSVirtualInputColumn90 In vInput.VirtualInputColumnCollection

' ' Call the SetUsageType method of the design time instance of the component.

' sqldevInstance.SetUsageType(input.ID, vInput, vColumn.LineageID, DTSUsageType.UT_READONLY)

' Next

'Next



Dim app As Application = New Application()

app.SaveToXml("c:myXMLPackage.dtsx", p, Nothing)

View 2 Replies View Related

Getting The Value Of A Column From Input

Jul 11, 2007

I am trying to get the value of a column in the Input0_ProcessInputRow function and I have the column name.



There has to be an object in the pipeline that will allow me to do this right?



Something like "ComponentMetaData.InputCollection(0).InputColumnCollection([COLUMN NAME])"



Can someone recommend how I would do this. I have tried a few things, but can't seem to get to the Value or ToString of the column I want in this row.



Thanks

View 3 Replies View Related

Can't Get At First Row Of Input Buffer...why?!

Aug 8, 2007

Hi

A script component receives some input. But I just can't get at the first row??

Basically, if i use the NextRow method in the in the Do statement, then it advances the row collection to the second row before it gets into the code inside the loop?? BUT, if I use the EndOfRowset property to define my loop then I get an error:

[PipelineBuffer has encountered an invalid row index value]

I'm guessing this means...I have to call NextRow before i access the data in the collection? But thats retarted because then I miss the first row?? what? What am I missing??

This is the code which works but I miss the first row:

Public Overrides Sub Input0_ProcessInputRow(ByVal Row As Input0Buffer)
Dim strConcept As String

Do While Row.NextRow()


strConcept = Row.concept

updateDb(strConcept)

Loop
End Sub

This is the code which throws the invalid row index error:

Public Overrides Sub Input0_ProcessInputRow(ByVal Row As Input0Buffer)
Dim strConcept As String

Do While Not Row.EndOfRowSet()


strConcept = Row.concept

updateDb(strConcept)

Row.NextRow()

Loop
End Sub

I've put some try catches in there an the error happens on the line which calls Row.concept....?

Can anyone help, it must be something I'm messing up

thanks!!

andy

View 17 Replies View Related

Lookup On Input

Sep 19, 2007

I need to validate my input rows. The row is valid if there exist some other input rows in the same table (I am importing data from excel and access). I'll give an example to make everything clear:

Input table boys has following columns:First_Name ,Surname and Date_of_birth.

Output table is Twin_Triple_More_Brothers. I would like to insert into this table only boys that surnames are equal and difference in date of birth is less then one day.

I was thinking about lookup component, but I cannot use it in that way (or I just do not know how).

Maybe someone has an idea how to do this?
Thanks for help.

View 6 Replies View Related

Sorted Input

Mar 17, 2006

If a component requires a sorted input it would seem reasonable that you can check the IsSorted property of the attached input, but this will always return false. I have tried this when connecting the output of the Sort transform to my component, and then check the IsSorted property for this input. It is always false. How can this be, and also how can I see if the path is indeed sorted?

If using a virtual input column in my UI, I get a SortKeyPosition on the columns, but when overriding SetUSageType in the component class I always get zero for the key. Why is the sort information not quite there for me?

View 8 Replies View Related

How To Specify Input Parameters?

Oct 16, 2006

I'm very new to SQL Server so please forgive me if this question is ridiculously simple. I have to upgrade the report engine from one that was used in a legacy VB6 app to a C#.net app. In doing so, I'm looking at assorted reports that came out of the old app. Here is the SQL code for one of them:

SELECT (LTRIM(STR(From_To,10,0)) + '-' + LTRIM(STR(From_To + 49,10,0))) AS Bonus_Earned, COUNT (Empl_ID) AS Men, round(SUM (SumDollars),2) AS Group_Earn, round((SUM (SumDollars) / COUNT (Empl_ID)),2) AS Calc0 FROM (SELECT CONVERT (int, round (SumDollars / 50, 2)) * 50 AS From_To, SumDollars, Empl_ID FROM (SELECT round(SUM (Actual_Hours_Dollars.Incentivedollars * Contract_History.Bonus_Pct / 100), 2) AS SumDollars, employees.Empl_ID FROM ((Employees INNER JOIN Actual_hours_dollars ON Employees.Empl_ID = Actual_Hours_Dollars.Empl_ID_R) INNER JOIN Contracts ON Actual_Hours_Dollars.Contract_ID = Contracts.Contract_No) INNER JOIN Contract_History ON Contracts.Contract_Idx = Contract_History.Contract_Idx_R where employees.empl_idx = (SELECT max(empl_idx) FROM Employees AS OuterEmployees WHERE OuterEmployees.empl_id = employees.empl_id AND outeremployees.Datex = (SELECT max(datex) FROM Employees AS InnerEmployees WHERE InnerEmployees.empl_id = employees.empl_id AND Inneremployees.disabled = 0 AND Inneremployees.Datex < '~EndDate~')) AND Contracts.Datex = (SELECT max(datex) FROM Contracts AS InnerContracts WHERE InnerContracts.contract_no = Contracts.contract_no AND InnerContracts.disabled = 0 and InnerContracts.deleted = 0 AND InnerContracts.Datex < '~EndDate~') AND Actual_hours_dollars.Datex >= '~StartDate~' AND Actual_Hours_Dollars.Datex < '~EndDate~' AND dateadd(month, Contract_History.Monthx - 1, dateadd(year, Contract_History.Yearx - 1900, '01 Jan 1900')) >= '~StartDate~' AND dateadd(month, Contract_History.Monthx - 1, dateadd(year, Contract_History.Yearx - 1900, '01 Jan 1900')) < '~EndDate~' and Actual_Hours_Dollars.IncentiveHours <> 0 GROUP BY employees.empl_ID) AS InnerRS1 GROUP BY ROUND (SumDollars * 2, -2) /2, SumDollars, Empl_ID) AS InnerRS2 GROUP BY From_To

I'm only including it for completeness. The key thing I'd like to draw your attention to are two variables that are clearly input parameters: ~StartDate~ and ~EndDate~.

My question is this: If I want to copy this code into SQL Query Analyzer and run it to see what kind of results I get back, what's the simplest way to define these two input parameters? I'm hoping you could just show me the syntax to define them above the SELECT statement.

Robert Werner
Vancouver, BC

View 4 Replies View Related

Have A Bet .... Curious On Input :)

Sep 15, 2006

So I have a person who is adamant in tell me that SQL Server does not run on windows XP.

Now, I have already done all the research on this (i.e. sql server 2000 product page / requirements) and know the answer, but they insist on asking the question, so here it is .....



'Will SQL Server run on Windows XP'

A simple YES or NO will suffice; however, if you want to explain the answer (if it requires one ;) ), please feel free.

View 5 Replies View Related

User Input

May 14, 2007

Is it possible to allow user input via a Reporting Services Report? What I mean is could a report be created that would allow someone using the report to enter a number that would be written to the SQL database?

View 1 Replies View Related

Data Input Problem

May 28, 2007

In Visual Web Developer I
have created a data input form based on the documentation I found in the .NET
Framework Class Library (SqlDataSource.InsertCommand Property).  Originally my form contained 4 textboxes
(FirstName, LastName, Phone, Email) and worked fine.  All this data is nvarchar string data. 


When I added a checkbox I
get an error that “String
was not recognized as a valid Booleanâ€? 
when the checkbox is checked. 
When the checkbox is unchecked the data is input without a problem.  This is a bit data field in the table. 






Here is my VB code, Insert
Parameters for my SqlDataSource1, and button code: 


<script
runat="server">


    Private Sub InsertData(ByVal
Source As Object,
ByVal e As
EventArgs)


        SqlDataSource1.Insert()


    End Sub    


</script>




<InsertParameters>


                <asp:formParameter Name="FirstName" Type="String" FormField="txtFirstName"/>


                <asp:formParameter Name="LastName" Type="String" FormField="txtLastName"/>


                <asp:formParameter Name="Phone" Type="String" FormField="txtPhone"/>


                <asp:formParameter Name="Email" Type="String" FormField="txtEmail"/>


                <asp:formParameter Name="FreeInfo" Type="Boolean" FormField="checkbox1"/>


</InsertParameters>






<asp:Button id="Button1" runat="server" text="Submit" OnClick="insertdata"/>



I suspect that the problem
is with the VB code which will only accept string input data, but don’t know
how to fix it.  Any thoughts on how to
fix this problem?  Thanks in advance for
any help provided.

View 4 Replies View Related

Sorting According To Input Parameter

Jun 1, 2007

Hi, I need to do the following task, which is described by pseudo-code
SELECT * FROM Customers
SORT BY @SortExpression
How can I do something like it (sorting according to input parameter)
Thanks for any idea

View 4 Replies View Related

Input In Sql-server Database

Jun 20, 2007

hy, i wrote an input function to put some data in my database with click of button
it doesnt work and i cant find the mistake =/
anyone of you can help?
now theres one thing that isnt right, and that is that the datasiz of messagetext is set to max, and here i put it in to 50, cause dont know how to put it to max cause you can only put in ant integer
, also in the insert into, i did not put all of the columns cause the data i input is only for certain columns, ( don't think thats a problem)
Greetz
Roy1
2 Private mocon As clsAdocon
3 Dim naam As String
4 Dim type As String
5 Dim folder As String
6 Dim sUDL = ConfigurationManager.ConnectionStrings("masterConnectionString").ConnectionString
7
8 Protected Sub btnopslaan_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnopslaan.Click
9
10 folder = "Out"
11 Select Case True
12 Case rdbMail.Checked
13 type = "Mail"
14 Case rdbFax.Checked
15 type = "Fax"
16 Case rdbSms.Checked
17 type = "Sms"
18 End Select
19
20 If type = "Mail" Then
21 Dim strSql As String
22 strSql = "INSERT INTO Message(ToName, ToEmail, Subject, MessageText, TypeBericht, Folder) VALUES(@ToName,@ToEmail,@Subject,@MessageText,@TypeBericht,@Folder);"
23
24 Try
25 'connectie met database
26 Dim objCn As New SqlConnection(sUDL)
27 Dim objCmd As SqlCommand = objCn.CreateCommand()
28 objCmd.CommandText = strSql
29
30 objCmd.Parameters.Add("@ToName", SqlDbType.NVarChar, 50).Value = naam
31 objCmd.Parameters.Add("@ToEmail", SqlDbType.NVarChar, 50).Value = txtAan.Text
32 objCmd.Parameters.Add("@Subject", SqlDbType.NVarChar, 50).Value = txtOnderwerp.Text
33 objCmd.Parameters.Add("@MessageText", SqlDbType.NVarChar, 50).Value = txtbericht.Text
34 objCmd.Parameters.Add("@Folder", SqlDbType.NChar, 10).Value = folder
35 objCmd.Parameters.Add("@TypeBericht", SqlDbType.NChar, 10).Value = type
36
37 objCn.Open()
38 objCmd.ExecuteNonQuery()
39 objCn.Close()
40 Catch ex As Exception
41
42 End Try
43 End If
44
45 End Sub
 

View 4 Replies View Related

User Input - SQL Paramaters

Dec 18, 2007

 Hi, Just wondering if I could make sure that "hackers" don't tamper with my querystring - which is a parameter for a SQL query. i.e...  Dim ListOfValues as string = request.querystring("listOfValues")

'Output would be this: 324234,5445,554654,45632,SQL command :  Delete From table where product_id IN (@ListOfValues)

cmd.paramaters.addwithvalue("@ListOfValues", ListOfValues ) 



How can I validate it so that hackers can't add any characters other than 'numbers' and ' , ' to the sql parameter? I have tried to tryparse the 'ListOfValues ' as an integer - by replacing "," with "" but an integer overflow occured. Any questions or ideas? Thanks   

View 6 Replies View Related

Like Operator And Textbox Input

Feb 18, 2008

Hi guys, having a bit of trouble with this. Right now my SELECT statement goes a bit like this (I'm using SqlDataSource): "SELECT [Something],[ProductName] FROM [Products] WHERE ProductName LIKE '%SearchBoxInput.text'AND ProductOnSale='true'" at the moment this just takes out my GridView used to display product data completely - which stands to sense because I'm telling it to select something based on user input. I have my textbox and button on the page, but I'm not entirely sure what I need on the button_click event. Also, if I want to start with a GridView full of values that I narrow down via the search instead of starting with nothing, how would I do this? any help would be most appreciated! Using C# btw mander 

View 3 Replies View Related

Check Db Input For Duplicates

Jun 4, 2008

I was just thinking about a situation...
 Let's say hypothetically, I have a textbox, that i would like someone to input their email address to be added to a mailing list. I would like to first check to see if that email address exists in the database, rather than run a sql statement to check, and then run the update command, is it better to run an IFEXIST() type thing in sql and do the code there?

View 4 Replies View Related

Conditional Input Params To SP

Feb 2, 2004

I've got a pretty straightforward search/results suite with several possible search parameters on the search page. I've been using an inline SQL server query with logic on the results page as shown below. How do I convert this kind of conditional logic to a stored procedure?

Dim strWhere
strWhere = " WHERE dbo.""User"".UID IS NOT NULL "

If Not request.querystring("EmployerID") = "" Then
strWhere = strWhere & " AND dbo.""User"".EmployerID = '" & replace(request.querystring("EmployerID"),"'","''") & "'"
End If

If Not request.querystring("AccountNumber") = "" Then
strWhere = strWhere & " AND dbo.""User"".AccountNumber = '" & replace(request.querystring("AccountNumber"),"'","''") & "'"
End If

If Not request.querystring("LastName") = "" Then
strWhere = strWhere & " AND dbo.""User"".LastName = '" & replace(request.querystring("LastName"),"'","''") & "'"
End If

If Not request.querystring("FirstName") = "" Then
strWhere = strWhere & " AND dbo.""User"".FirstName = '" & replace(request.querystring("FirstName"),"'","''") & "'"
End If

DBConn = New OleDbConnection(ConfigurationSettings.AppSettings("ConnStr"))
DBCommand = New OleDbDataAdapter _
("SELECT dbo.""User"".*, Convert(varchar(16), dbo.""User"".DateEntered, 101) AS Created, dbo.Employer.CompanyName, dbo.AccessLevel.AccessLevel AS AccessLevelName FROM dbo.""User"" INNER Join dbo.Employer ON dbo.""User"".EmployerID = dbo.Employer.EmployerID INNER JOIN dbo.AccessLevel ON dbo.""User"".AccessLevel = dbo.AccessLevel.AccessLevelID " & strWhere & " ORDER BY " & strSortField,DBConn)

Thanks in advance?

View 3 Replies View Related

User Input In SQL Query

Nov 24, 2004

Hi,

I am new to ASP.NET so pordon me if my questions seems to be stupid.

I was given an assign to develop a ASP that would return results from a SQL server.

The problem is that part of my query to the SQL server comes from the webform


select a.invnum, a.invdate, a.duedate, a.invamt,a.payamt from vpshead a inner join vendors
b on (a.vendnum = b.vendnum) where (a.vendnum = " & user.text & " ) and (b.vendpass = "
& Pass.text & " ) and (a.payflag <> 'V') and ( (a.invamt <> 0) or (a.payamt <> 0) )and (a.chkno = '') order by a.invdate"



As your can tell I am using the user.text and Pass.text in my query which will come from the web form.

I know this is wrong but how else can I do it?

Thanks

View 3 Replies View Related

User Input Conversion

Feb 19, 2005

To: All,

well here's a problem that I encountered, i got a textbox that is used to store the Date of Birth of a user. So when user keys in something, it is store as a string. However i wish to convert it into a datetime so that i can store it into my database. Anybody know of a way to help? i've tried countless methods but doesn't seem to work. Please give me a hand guys.... Thanks

From: iaciz

View 2 Replies View Related

Sql Input Filter Syntax

Jun 6, 2006

This is probably a simple question but i am trying to create a simple function thatfilters sql input. Is the following syntax correct? 
Public Shared Function SafeSql(ByVal firstName As String, ByVal lastName As String) As String                        firstName.Replace("'", "''")            lastName.Replace("'", "''")           
        End Function
many thanks
martin

View 7 Replies View Related

Determining What To Input As Server

Jun 9, 2006

I'm trying to connect to a sql database, but I don't know what myserver is in the following code.Dim strConn As String = "server=myserver;database=Northwind"I can't get the code to link up with my Northwind database.I'm running everything locally if that helps.Thanks!Jon

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved