SQL Security :: HTML Styles Getting Added With Actual Database Value
Apr 30, 2015
In addition to the column values, we are getting the below tag added throughout the table. It happens specifically to the columns with data type nvarchar and varchar and length >=100. We have 5 numbers of database but it happens only in one specific database. We doubt it to be sql injection but not sure how it happens. The impact is very severe on our clients. how to find the root cause. In that html tag have the url:...
Wilhite</title><style>.alwi{clip:rect(483px,auto,auto,427px);}</style><div
Blunt</title><style>.alwi{clip:rect(483px,auto,auto,427px);}</style><div>
Duran</title><style>.alwi{clip:rect(483px,auto,auto,427px);}</style><div>
Neiwert</title><style>.alwi{clip:rect(483px,auto,auto,427px);}</style><div>
Gerard</title><style>.alwi{clip:rect(483px,auto,auto,427px);}</style><div>
Hrnandez</title><style>.alwi{clip:rect(483px,auto,auto,427px);}</style><div class
Hernandez</title><style>.alwi{clip:rect(483px,auto,auto,427px);}</style><div class
Is it possible to edit the pages generated by the web reporting services interface?
If I wanted to change the color of all the pages, or the folder ICON, or perhaps inside a given folder to display something differently?
Is any of that editable, or is the entire reporting services "site" predefined and it just generates folders and directory views as it needs them (meaning if I had two folders I couldn't have one have black background when opened and the other have orange, etc..)
I have a view in SQLServer 2005. It took 30 sec. to finish. Then I deleted 4500 records from one table that is used in view. It took 90 sec. to finish now. I did a comparison on Actual Execution Plan between before I deleted data and after I deleted data, they are almost same, only different is Actual Number Rows become less after deleted data. So, I wonder why data become less but time become more. When I look closely on the Actual Execution Plan, the ridiculous thing is, there are only Estimated Operation Cost on each step, no Actual Operation Cost. I guess there are something wrong with optimizer because reuse same Execution Plan, but how can I tell which step wrong without Actual Operation Cost.
I am amazed that we cannot use our own styles?. There is only a predefined set of styles in HTMViewer.css to which we cannot add our own style names and use it for a textbox?
except for dots and dashes, it seems like the fancier border styles on a text box (like "Groove") all act like the "Solid" border style. Am I missing an add in?
To date I have found no way of defining styles that can be shared either between objects or between reports.
I am looking for the concept of the rdl making a reference to an external css (or equivalent) file. This would allow for me to define a font or image external to the rdl and shared among all my reports. Currently if I want to change my header image, I need to edit 50 rdl files across the reporting suite.
What work arounds are available for this? Is this a coming feature enhancement? If so when? Does the reporting team publish a list of future enhancments?
I know crystal and few other reporting packages have the concept of css or style external to the report.
1) As per my project requirement, if the changes in SSAS cube are approved, they should be committed back to the actual SQL Server 2012 tables. Is that possible, if yes how?
2) For rolling back to original data I truncate the relevant writeback table and process the cube.
Dear All, i dont know the exact reson why, but i'm guessing the reason for each table had a new guid column is because of transactional replication with update subscribers. actually i dont need this. can i change this to transactional replication? or i need to drop the column in each table? please guide me
Arnav Even you learn 1%, Learn it with 100% confidence.
I have 2 sql server 2000 database that participate in log shipping.Server A is the source database, which log ships to a database onServer B. The database on Server B is in a warm stand by/read onlymode. Is there a way that I can add users to the database on ServerB, without having to add the users to the database in server A? I amtrying to use the database on Server B as a reporting only databaseand add more users to have permissions to run reports.Please let me know if anyone has any suggestions. Thank you.
I have a web form that is an interface for a database. The code was working fine until a field needed to be added. So I added the new field, updated the data adapter and data set, and when i enter the data into the field, all of the old fields are getting updated, but the new ones aren't. I am at wits end as to why. Can someone please help!!! I am using VS Studio 2000 ASP.NET and C#. The code is below. The bold items are the new fields.using System;using System.Collections;using System.ComponentModel;using System.Data;using System.Drawing;using System.Web;using System.Web.SessionState;using System.Web.UI;using System.Web.UI.WebControls;using System.Web.UI.HtmlControls;namespace TrafficDept{/// <summary>/// Summary description for AddOwner./// </summary>public class AddOwner : System.Web.UI.Page{protected System.Web.UI.WebControls.Button Button1;protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator3;protected System.Data.SqlClient.SqlConnection sqlConnection1;protected System.Web.UI.WebControls.TextBox TextBox1;protected System.Web.UI.WebControls.TextBox TextBox2;protected System.Data.SqlClient.SqlDataAdapter daAddOwner;protected System.Web.UI.WebControls.TextBox tbOtherOwnerLName;protected System.Web.UI.WebControls.Panel namePanel;protected System.Web.UI.WebControls.TextBox tbOtherOwnerMI;protected System.Web.UI.WebControls.TextBox tbOtherOwnerFName;protected System.Web.UI.WebControls.TextBox tbSecondOwnerLName;protected System.Web.UI.WebControls.TextBox tbSecondOwnerMI;protected System.Web.UI.WebControls.TextBox tbSecondOwnerFName;protected System.Web.UI.WebControls.Button Button4;protected SiteCubed.EditWorksProfessional tbNote;protected System.Web.UI.WebControls.Panel notePanel;protected System.Web.UI.WebControls.DropDownList ddlStatus;protected PeterBlum.PetersDatePackage.DateTextBox tbRegDate;protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator2;protected System.Web.UI.WebControls.TextBox tbOwner;protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator1;protected System.Web.UI.WebControls.TextBox tbOwnerMI;protected System.Web.UI.WebControls.TextBox tbOwnerLName;protected System.Web.UI.WebControls.RequiredFieldValidator RequiredFieldValidator4;protected System.Web.UI.WebControls.TextBox tbBusinessName;protected System.Web.UI.WebControls.TextBox tbAddress;protected System.Web.UI.WebControls.TextBox tbRegNo;protected System.Web.UI.WebControls.TextBox tbPreviousOwner;protected System.Web.UI.WebControls.TextBox tbPOwnerAddress;protected System.Web.UI.WebControls.TextBox tbPORegNo;protected PeterBlum.PetersDatePackage.DateTextBox tbTransferDate;protected System.Web.UI.WebControls.DropDownList ddlMeans;protected System.Web.UI.WebControls.Button Button3;protected System.Web.UI.WebControls.Button Button2;protected System.Data.SqlClient.SqlCommand sqlSelectCommand1;protected System.Data.SqlClient.SqlCommand sqlInsertCommand1;protected System.Data.SqlClient.SqlCommand sqlUpdateCommand1;protected System.Data.SqlClient.SqlCommand sqlDeleteCommand1;protected TrafficDept.dsAddOwner dsAddOwner1; private void Page_Load(object sender, System.EventArgs e){// Put user code to initialize the page here}#region Web Form Designer generated codeprivate void Button2_Click(object sender, System.EventArgs e){Response.Redirect("AddOthers.aspx");}private void Button1_Click(object sender, System.EventArgs e){daAddOwner.Fill(dsAddOwner1);dsAddOwner.OwnershipRow drOwner = dsAddOwner1.Ownership.NewOwnershipRow();drOwner.Plates_ID = int.Parse(Session["PlatesID"].ToString());drOwner.Status = ddlStatus.SelectedItem.Text;drOwner.Current_Legal_Owner = tbOwner.Text;drOwner.Owner_CurrentLegalOwnerMI = tbOwnerMI.Text.ToString();drOwner.Owner_CurrentLegalOwnerLName = tbOwnerLName.Text;drOwner.Owner_CurrentBusinessName = tbBusinessName.Text;if (!tbRegDate.xIsEmpty)drOwner.Date_of_Registration = DateTime.Parse(tbRegDate.Text.ToString());drOwner.Address_of_Current_Owner = tbAddress.Text;drOwner.Reg_No_for_Current_Owner = tbRegNo.Text;drOwner.Previous_Owner = tbPreviousOwner.Text;drOwner.Previous_Owner_Address = tbPOwnerAddress.Text;drOwner.Reg_No_for_Previous_Owner = tbPORegNo.Text;if (!tbTransferDate.xIsEmpty)drOwner.Date_of_Transfer = DateTime.Parse(tbTransferDate.Text.ToString());drOwner.By_Means_of = ddlMeans.SelectedItem.Text;drOwner.Owner_SecondaryLegalOwnerFName = tbSecondOwnerFName.Text;drOwner.Owner_SecondaryLegalOwnerMI = tbSecondOwnerMI.Text;drOwner.Owner_SecondaryLegalOwnerLName = tbSecondOwnerLName.Text;drOwner.Owner_OtherLegalOwnerFName = tbOtherOwnerFName.Text;drOwner.Owner_OtherLegalOwnerMI = tbOtherOwnerMI.Text;drOwner.Owner_OtherLegalOwnerLName = tbOtherOwnerLName.Text;drOwner.Owner_Notes = tbNote.Text;dsAddOwner1.Ownership.Rows.Add(drOwner);daAddOwner.Update(dsAddOwner1);Response.Redirect("AddOthersTP.aspx");}private void Button3_Click(object sender, System.EventArgs e){//daAddOwner.Fill(dsAddOwner1);//dsAddOwner.OwnershipRow drAddOwner = dsAddOwner1.Ownership.NewOwnershipRow();namePanel.Visible = true; }private void Button4_Click(object sender, System.EventArgs e){notePanel.Visible = true;}}}
When I execute this, it works ok but only one the first character of the request.form["d"] is stored to the db.I checked the sproc with another routine and it adds full data, and I've verified that value of request.form["d"] is longer than one chaacter by printing it to the page. Anyone got any ideas why only the first char is getting added to the db?? SqlConnection SqlConnection1 = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString1"].ConnectionString); SqlCommand SqlCommand1 = new SqlCommand("addRoute", SqlConnection1); SqlCommand1.CommandType = CommandType.StoredProcedure; SqlParameter SqlParameter1 = SqlCommand1.Parameters.Add("@ReturnValue", SqlDbType.Int); SqlParameter1.Direction = ParameterDirection.ReturnValue; SqlCommand1.Parameters.Add("@xmlData", Request.Form["d"]); SqlConnection1.Open(); SqlCommand1.ExecuteNonQuery(); Response.Write(SqlCommand1.Parameters["@ReturnValue"].Value); //Response.Write(Request.Form["d"]);
I am retrieving a field from SQL and displaying that data on a web page. The data contains a mixture of text and html codes, like this "<b>test</b>". But rather than displaying the word test in bold, it is displaying the entire sting as text. How do I get it to treat the HTML as HTML?
Good Morning, I'm not quite sure this is the right place to post this, but i'll try anyway. I have a website where I allow people to create their own layouts in HTML, and in the HTML I have them placeing markers (eg. |1| ) where they would like to place something from a database. All the HTML is stored in a SQL Server DB, and when I pull it out, it's fine, except it won't allow me to Replace any of the markers with values from the DB. Here's and example line of HTML that's held in the DB:<table width='50%' border='1'><tr><td>|0|</td><td>|1|</td></tr> and when I do a strHtml.Replace("|0|", dReader["somefield"].ToString()) or even just a strHtml.Replace("|0|", "Test") it never changes it. Anyone have any ideas? Thanks, Deepthought
I am trying to display a price from a table I created in MySQL to a web page. I have created a php form to open and select the home. The data base is simple with a table called homes fields home - size and 4 price fields one being mobile which I am showing here. How to get the information to show up on my index.php page.
php for opening database and file. data2.php <?php require('mysqli_connect.php'); $q = "SELECT * FROM homes WHERE home='solera'"; $result = @mysqli_query ($dbcon, $q); echo '$result.$row['mobile']';
i want to return a Log of my stored procedure to my asp app, how do i do that i have problems with that i tried Dim log As String = cmd.Parameters("@Log").ToString but that gave "An SqlParameter with ParameterName '@Log' is not contained by this SqlParameterCollection."my code below SQL 1 ALTER PROCEDURE dbo.RevertDB 2 ( 3 @Log varchar(MAX) = NULL OUTPUT 4 ) 5 6 /* Reverts Database to original "Clean" State */ 7 AS 8 SET NOCOUNT OFF 9 DECLARE @RowsInDB AS int 10 SET @Log = 'RevertDB Started at ' + CAST(GETDATE() AS varchar(50)) + '<br />' 11 12 /* *** Disable Constraints *** 13 ALTER TABLE Booking NOCHECK CONSTRAINT ALL 14 ALTER TABLE InventoryPC NOCHECK CONSTRAINT ALL 15 ALTER TABLE PC NOCHECK CONSTRAINT ALL 16 ALTER TABLE Platform NOCHECK CONSTRAINT ALL*/ 17 18 /* *** Start Deletes *** */ 19 DELETE FROM Booking 20 SET @Log = @Log + 'Clear Table Booking - Done' + '<br />' 21 SET @RowsInDB = (SELECT COUNT(BookingID) FROM Booking) 22 SET @Log = @Log + '-- Rows Affected: ' + CAST(@@ROWCOUNT AS varchar(10)) + ', Rows in Table: ' + CAST(@RowsInDB AS varchar(10)) + '<br />' 23 24 DELETE FROM InventoryPC 25 SET @Log = @Log + 'Clear Table InventoryPC - Done' + '' 26 SET @RowsInDB = (SELECT COUNT(InventoryID) FROM InventoryPC) 27 SET @Log = @Log + '-- Rows Affected: ' + CAST(@@ROWCOUNT AS varchar(10)) + ', Rows in Table: ' + CAST(@RowsInDB AS varchar(10)) + '<br />' 28 29 DELETE FROM PC 30 SET @Log = @Log + 'Clear Table PC - Done' + '<br />' 31 SET @RowsInDB = (SELECT COUNT(PCID) FROM PC) 32 SET @Log = @Log + '-- Rows Affected: ' + CAST(@@ROWCOUNT AS varchar(10)) + ', Rows in Table: ' + CAST(@RowsInDB AS varchar(10)) + '<br />' 33 34 DELETE FROM Platform 35 SET @Log = @Log + 'CLear Table Platform - Done' + '' 36 SET @RowsInDB = (SELECT COUNT(PlatformID) FROM Platform) 37 SET @Log = @Log + '-- Rows Affected: ' + CAST(@@ROWCOUNT AS varchar) + ', Rows in Table: ' + CAST(@RowsInDB AS varchar(10)) + '<br />' 38 39 /* *** Enable Constraints *** 40 ALTER TABLE Booking WITH CHECK CHECK CONSTRAINT ALL 41 ALTER TABLE InventoryPC WITH CHECK CHECK CONSTRAINT ALL 42 ALTER TABLE PC WITH CHECK CHECK CONSTRAINT ALL 43 ALTER TABLE Platform WITH CHECK CHECK CONSTRAINT ALL*/ 44 45 SET @Log = @Log + '*** End Truncates ***' + '<br />' 46 /* *** End Truncates *** */ 47 48 /* *** Start Insert Platform *** */ 49 SET @Log = @Log + 'Start Insert Platform' + '<br />' 50 51 EXEC dbo.InsertPlatfrom 'Windows XP SP2 Professional Edition', 'Some description for Windows XP SP2 Professional Edition over here …' 52 EXEC dbo.InsertPlatfrom 'Windows Vista Ultimate', 'See everything you''re working on more clearly with Windows Aero, and quickly switch between windows or tasks using Windows Flip 3D and Live Thumbnails. You can easily find what you need—when you need it―with Instant Search and live icon previews that display the actual contents of your files. And while you''re at it, give your personal productivity a boost with instant access to the information you care about using Windows Sidebar and Gadgets. Put these easy-to-use and customizable mini-applications on your desktop and reveal the information you''re looking for at a glance. Website: http://www.microsoft.com/windows/products/windowsvista/seeit/default.mspx' 53 EXEC dbo.InsertPlatfrom 'Apple Mac OS X Tiger', 'Some description for Apple Mac OS X Tiger over here …' 54 EXEC dbo.InsertPlatfrom 'Apple Mac OS X Leopard', 'Desktop: The new look of Leopard showcases your favorite desktop image and puts new file Stacks at your fingertips for a stunning, clutter-free workspace. Finder: Browse your files like you browse your music with Cover Flow. Time Machine: See how your system looked on any given day and restore files with a click. Website: http://www.apple.com/macosx/leopard/features/' 55 EXEC dbo.InsertPlatfrom 'Red Hat Linux', 'Some description for Red Hat Linux over here …' 56 57 SET @Log = @Log + 'Rows In Platform: ' + CAST((SELECT COUNT(PlatformID) FROM Platform) AS varchar(10)) + '<br />' 58 /* *** Start Insert PC *** */ 59 SET @Log = @Log + 'Start Insert PC' + '<br />' 60 61 DECLARE @WinXP int, @WinVista int, @OSXTiger int, @OSXLeopard int, @RedHat int 62 SET @WinXP = (SELECT PlatformID FROM Platform WHERE Title = 'Windows XP SP2 Professional Edition') 63 SET @WinVista = (SELECT PlatformID FROM Platform WHERE Title = 'Windows Vista Ultimate') 64 SET @OSXTiger = (SELECT PlatformID FROM Platform WHERE Title = 'Apple Mac OS X Tiger') 65 SET @OSXLeopard = (SELECT PlatformID FROM Platform WHERE Title = 'Apple Mac OS X Leopard') 66 SET @RedHat = (SELECT PlatformID FROM Platform WHERE Title = 'Red Hat Linux') 67 68 EXEC dbo.InsertPC 'Fusion PC One', 'Description here ...', 'Intel Core2 Duo E6600 2.4 GHz 1066MHz', '1GB Dual Channel DDR2 667 SDRAM', '120GB SATA2 NCQ HDD', 'NVIDIA GeForce 8600 256MB GDDR3', '22" 3000:1 Wide Screen LCD', @WinXP 69 EXEC dbo.InsertPC 'Fusion PC Two', 'Description here ...', 'Intel Core2 Duo E6850 3 GHz 1333MHz', '2GB Dual Channel DDR2 800 SDRAM', '240GB SATA2 NCQ HDD', 'NVIDIA GeForce 8800 Ultra 256MB GDDR3 SLI', '24" 3000:1 Wide Screen LCD', @WinVista 70 EXEC dbo.InsertPC 'Fusion PC Three', 'Description here ...', 'AMD Athlon 64 X2 Dual Core 6000+ 3 GHz', '2GB Dual Channel DDR2 667 SDRAM', '240GB SATA2 NCQ HDD', 'ATI Radeon Cross Fire 2900 256MB GDDR3', '24" 3000:1 Wide Screen LCD', @WinVista 71 EXEC dbo.InsertPC 'Fusion X1', 'Description here ...', 'Intel Core2 Extreme Q6850 3 GHz 1333MHz', '6GB Dual Channel DDR2 800 SDRAM', '500GB SATA2 NCQ HDD', 'NVIDIA GeForce 8800 Ultra 256MB GDDR3 SLI', '30" 3000:1 Wide Screen LCD', @OSXLeopard 72 EXEC dbo.InsertPC 'Fusion X2', 'Description here ...', 'AMD Athlon 64 FX 74 3 GHz', '6GB Dual Channel DDR2 800 SDRAM', '500GB SATA2 NCQ HDD', 'NVIDIA GeForce 8900 Ultra SLI 256MB GDDR3', '30" 3000:1 Wide Screen LCD', @WinVista 73 EXEC dbo.InsertPC 'Fusion Tiger 1', 'Description here ...', 'Intel Core2 Duo E6600 2.4 GHz 1066MHz', '2GB Dual Channel DDR2 800 SDRAM', '120GB SATA2 NCQ HDD', 'NVIDIA GeForce 8600 256MB GDDR3 SLI', '22" 3000:1 Wide Screen LCD', @OSXTiger 74 EXEC dbo.InsertPC 'Fusion Linux 1', 'Description here ...', 'AMD Athlon 64 X2 6000+ 3 GHz', '1GB Dual Channel DDR2 800 SDRAM', '120GB SATA2 NCQ HDD', 'NVIDIA GeForce 8600 256MB GDDR3', '22" 3000:1 Wide Screen LCD', @RedHat 75 76 SET @Log = @Log + 'Rows In PC: ' + CAST((SELECT COUNT(PCID) FROM PC) AS varchar(10)) + '<br />' 77 78 /* *** Start Insert Inventory *** */ 79 SET @Log = @Log + 'Start Insert Inventory' + '<br />' 80 81 DECLARE @F1 int, @F2 int, @F3 int, @FX1 int, @FX2 int, @FT1 int, @FR1 int 82 SET @F1 = (SELECT PCID FROM PC WHERE Title = 'Fusion PC One') 83 SET @F2 = (SELECT PCID FROM PC WHERE Title = 'Fusion PC Two') 84 SET @F3 = (SELECT PCID FROM PC WHERE Title = 'Fusion PC Three') 85 SET @FX1 = (SELECT PCID FROM PC WHERE Title = 'Fusion X1') 86 SET @FX2 = (SELECT PCID FROM PC WHERE Title = 'Fusion X2') 87 SET @FT1 = (SELECT PCID FROM PC WHERE Title = 'Fusion Tiger 1') 88 SET @FR1 = (SELECT PCID FROM PC WHERE Title = 'Fusion Linux 1') 89 90 EXEC dbo.InsertInventory 10, @F1, 2.5, 'iCluster Fusion One' 91 EXEC dbo.InsertInventory 10, @F2, 2.5, 'iCluster Fusion Two' 92 EXEC dbo.InsertInventory 10, @F3, 2.5, 'iCluster Fusion Three' 93 EXEC dbo.InsertInventory 6, @FX1, 6, 'iCluster Fusion X1' 94 EXEC dbo.InsertInventory 6, @FX2, 6, 'iCluster Fusion X2' 95 EXEC dbo.InsertInventory 10, @FT1, 3, 'iCluster Fusion Tiger One' 96 EXEC dbo.InsertInventory 30, @FR1, 2, 'iCluster Fusion Linux One' 97 98 SET @Log = @Log + 'Rows In Inventory: ' + CAST((SELECT COUNT(InventoryID) FROM InventoryPC) AS varchar(10)) 99 100 RETURN @Log
Hi guys, Here is the html string that I want to transfer it to another variable so, I can post it to my sql server database <span style=""font: 12px arial; color : #000000; text-decoration : none;""><br>MODEL- USB01000C01CL VENDOR- ACTIONTEC ELECTRONICS<br> <br>FEATURES- VoSKY Chatterbox for Skype<br> Plug-and-Play Speakerphone for Skype!<br> VoSKY Chatterbox from Actiontec is the go-anywhere speakerphone <br> solution for Skype! No software or special drivers required. Simply <br> plug your VoSKY Chatterbox into any computer and you are ready to <br> start talking! <br> Make Skype Calls on a Speakerphone Plug Chatterbox into your <br> computer, and make or receive a Skype call as you normally would. <br> Then talk to your Skype contacts, hands-free and without wearing <br> headsets! <br> You do not need to download any additional drivers or software. Just<br> take Chatterbox, plug it into any computer, and you are ready to <br> go! <br> Chatterbox offers superb sound quality with the latest technology in<br> full duplex audio, DSP-enhanced sound quality, and echo <br> cancellation. <br>* Verified by and certified for Skype <br>* Replaces your headset/microphone <br>* Small, lightweight device goes anywhere you go <br>* Full duplex speakerphone with adjustable volume and mute control <br>* DSP-enhanced sound quality <br> <br> -- SPECIFICATIONs ------------------------------------<br>CONNECTORs - (1) USB 2.0/1.1 port<br> (1) 2.5mm Headset Jack<br>INDICATORS - LEDs for Ready, Microphone Mute<br>FUNCTION KEYS- Volume Up, Volume Down, Microphone Mute <br>SPEAKER - 1w peak, 40 mm, 4 ohm, 120 Hz to 6 KHz, 120 dB <br>MICROPHONE - Voice pick-up range up to 4 meters <br>APPROVALS - FCC, CE<br>REQUIREMENTS - PC running Windows 2000/XP with one available USB port. <br>DIMENSIONS - 7.7cm x 5.8cm x 2.1cm WT. 50 grams<br> <br><br>MANUFACTURER WARRANTY: 1 YEAR</span>
however If I just do; dim myvariable as string = htmlvalueatabove after importing the myvariable value to the sqlserver my asp.net detailview control only able to show only first 17 letters . Up until "fo" I am sorry if I am not able to provide you clear question. I am so frastrated at the moment, after 6 coffie and 2 minutes bathroom break I can't write anymore. I will shutup and wait for one you and respond.
I want to put HTML code in my ASP form and then input in to a database in SQL SERVER 7.0, but due to some syntax problems i can't be able to do it. Please tell me how i'm gonna input a typical HTML code in Database field. Thanx.
I've got a simple gridview and detailsview set up so the details view shows the selected item in gridview. But one of the fields contains HTML code and it's being displayed instead of rendered. There must be some easy way to use a panel or some other control and tell it dynamically what HTML to render, right? I saw one other post where someone suggested using a third party html editor like fckeditor but that just seems ugly and I really don't care to spend the time installing and configuring someone else's control for such a simple thing. Maybe I can assign the field to a variable and then response.write it? But then I can't change it dynamically based on my gridview selection... Any ideas?
May I know how to connect a database writing a source code at html page, is it by using javascript?Because I need to use it for <ul> and <li> tag html to display the text from database. Can you please provide me same example by using this tag. Appreciate if anyone can help me to solve this, thanks
I am running SQL Server 2008 Enterprise edition and I was asked for a way to export the database schema (Tables and Columns and their connections to each other) to HTML. I tried googling this, but all I found was paid tools that offer this and I was wondering if there is anything integrated in the SQL server or a free tool that provides this functionality?
Dear all I create this html file on the fly in my asp.net application abd what i would like to do is to store it inside my sql2005 database. What would be the best way?The html file itself is not really big. Probably not more then 600 - 800 characters most. I was thinking the text type fields of the database and then when retreiving it dump it inside in a file and save the file with html extention. Are there any better sugestions? Thank you for your time
Hi All, I am not sure whether this is the right place to post this question. But I am unable to figure out what is the best solution to retrieve and display an image in a html file(stored in varbinary(max) column). I have a list of images in the file and I am supposed to display them. Can anybody please let me know what is the best way to do this? Thanks a lot!!
The dB dates are store in db as 20140303 when I bring this to my application to pick a date, the apps shows the date as 20140303 how can I change this to show in the format 03/03/2014 in my application?
Hello, I am tring to add a string my database. Info is added, but it is the name of the string, not the data contained within. What am I doing wrong? The text "Company" and "currentUserID" is showing up in my database, but I need the info contained within the string. All help is appreciated!
Imports System.Data Imports System.Data.Common Imports System.Data.SqlClientPartial Class _DefaultInherits System.Web.UI.Page
Protected Sub CreateUserWizard1_CreatedUser(ByVal sender As Object, ByVal e As System.EventArgs) Handles CreateUserWizard1.CreatedUser 'Database ConnectionDim con As New SqlConnection("Data Source = .SQLExpress;integrated security=true;attachdbfilename=|DataDirectory|ASPNETDB.mdf;user instance=true") 'First Command DataDim Company As String = ((CType(CreateUserWizard1.CreateUserStep.ContentTemplateContainer.FindControl("Company"), TextBox)).Text) Dim insertSQL1 As StringDim currentUserID As String = ((CType(CreateUserWizard1.CreateUserStep.ContentTemplateContainer.FindControl("UserName"), TextBox)).Text) insertSQL1 = "INSERT INTO Company (CompanyName, UserID) VALUES ('Company', 'currentUserID')"Dim cmd1 As New SqlCommand(insertSQL1, con) '2nd Command Data Dim selectSQL As String selectSQL = "SELECT companyKey FROM Company WHERE UserID = 'currentUserID'"Dim cmd2 As New SqlCommand(selectSQL, con) Dim reader As SqlDataReader '3rd Command Data Dim insertSQL2 As String insertSQL2 = "INSERT INTO Company_Membership (CompanyKey, UserID) VALUES ('CompanyKey', 'currentUserID')"Dim cmd3 As New SqlCommand(insertSQL2, con) 'First CommandDim added As Integer = 0 Try con.Open() added = cmd1.ExecuteNonQuery() lblResults.Text = added.ToString() & " records inserted."Catch err As Exception lblResults.Text = "Error inserting record." lblResults.Text &= err.Message Finally con.Close() End Try '2nd Command Try con.Open() reader = cmd2.ExecuteReader()Do While reader.Read() Dim CompanyKey = reader("CompanyKey").ToString() Loop reader.Close()Catch err As Exception lbl1Results.Text = "Error selecting record." lbl1Results.Text &= err.Message Finally con.Close() End Try '3rd Command Try con.Open() added = cmd3.ExecuteNonQuery() lbl2Results.Text = added.ToString() & " records inserted."Catch err As Exception lbl2Results.Text = "Error inserting record." lbl2Results.Text &= err.Message Finally con.Close()End Try
I am setting up SQL audit on sql servers in my environment based on requirement. I want to create database specifications ASAP database created. I tried DDL trigger but Audit doesn't support triggers. So I created audit specifications on model database. the only problem with this is every specification created on new database with same name.database specification name includes newly created database name or other methods to create database specifications on newly created databases.
In SSMS, I connect Object Explorer to a partially contained database using a contained user login with password. This user has a database role of dbdatareader. When I try to expand the Tables in the database, I get the error:
The SELECT permission was denied on the object 'extended_properties', database 'mssqlsystemresource', schema 'sys'. (Microsoft SQL Server, Error: 229)
Is there a way to set permissions for the contained user so that this could be done?
