In the 70-461 objectives it says: Ensure code non regression by keeping consistent signature for procedure, views and function (interfaces); security implications...I think I understand what this means in general. They want us to be able to create a view that will still be able to call the original data even if the table is modified. In other words, the view table shouldn't easily be broken. ie, type a code that does NOT ensure non regression, then change the code so that it does ensure non regression.Â
I am search for coding criteria I need create a stored procedure with execute as and along with encryption. How can I use the same ? My main motive is to create proc with execute as a user also at the same time I need to encrypt the same from other users seeing the code.
The below query is getting errors:
Create procedure testproc with execute as 'user' and with encryption as truncate table some table
Hi, I would like to know that how can I encrypt a stored procedure, so that it can not be decrypt by me or not by any one ? I have tried using the SQL encrypt,but there is a decrypt command which decrypt the same. I do not want any one to decrypt without a password or encrypt the stored procedure so that it can never be decrypted. Thanking you, Regards..Jay
Hey all, I've got a question and after doing some research I've found only a vague reference but no clear answer.
I have a java app that will be passing parameters to my stored procedure. I'll grab the requested info from the tables but instead of sending it back to the java app that sent the request, I need to send it to a "different" java app (the second java app will not be running at the time).
Can someone point me to a good source for executing java applications from a stored procedure?
I'm trying to use a servlet to process a form, then send that data toan SQL server stored procedure. I'm using the WebLogic 8 App. server.I am able to retrieve database information, so I know my applicationserver can talk to the database.I've determined the failure occurs when the the following statement isexecuted: cstmt.execute(); (due to the failure of println statementsplaced afterwards). I get the following error after trying to executethe stored procedure call:[Microsoft][ODBC SQL Server Driver][SQL Server]Could not find storedprocedure 'insertTheForm'The username and password i'm using to connect is a Windows user withadmin rights. It is also associated with the Odbc connection--and ofcourse is a database user..with full rights. I have executablepermissions on the stored procedure set up as well. I did a microsoftrecommended registry fix as well (for a previouserror:http://support.microsoft.com/defaul...;en-us;Q238971).Am I missing something? I posted my servlet code below.Thanks for any help!DineshformHandlingServlet.class-------------------------package showme;/** formHandlingServlet.java** Created on July 6, 2003, 7:01 PM*/import javax.servlet.*;import javax.servlet.http.*;import java.io.*;import java.sql.*;import java.text.DateFormat;/**** @author Administrator*/public class formHandlingServlet extends HttpServlet {private static final String email1 = "email";private static final String password1 = "password1";private static final String password2 = "password2";private static final String displayname = "displayname";Connection dbConn = null;// create a persistent conneciton to the SQL serverpublic void init() throws ServletException{String jdbcDriver = "sun.jdbc.odbc.JdbcOdbcDriver";String dbURL = "jdbc:odbc:Con2";String usernameDbConn = "dinesh";String passwordDbConn = "werty6969";try{Class.forName(jdbcDriver).newInstance();dbConn = DriverManager.getConnection(dbURL, usernameDbConn,passwordDbConn);}catch (ClassNotFoundException e){throw new UnavailableException("jdbc driver not found:" + dbURL);}catch (SQLException e){throw new UnavailableException("error: " + e);}catch (Exception e){throw new UnavailableException("error: " +e);}}public void doPost(HttpServletRequest request, HttpServletResponseresponse) throws ServletException, IOException{response.setContentType("text/plain");PrintWriter out = response.getWriter();//extract parameter information from register.jspString email1 = request.getParameter("email1");String password1 = request.getParameter("password1");String password2 = request.getParameter("password2");String displayname = request.getParameter("displayname");try{//make a callable statement for a stored procedure.//It has four parametersCallableStatement cstmt = dbConn.prepareCall("{call insertTheForm(?, ?, ?, ?)}");//set the values of the stored procedure's input parametersout.println("calling stored procedure . . .");cstmt.setString(1, email1);cstmt.setString(2, password1);cstmt.setString(3, password2);cstmt.setString(4, displayname);//now that the input parameters are set, we can proceed to execute theinsertTheForm stored procedurecstmt.execute();out.println("stored procedure executed");}catch (SQLException e){throw new UnavailableException("error: " + e);}}}
I created stored function with encryption. after i created i dont able to view the source code from system tables or any tool. i have get back the original source code
note: i want to stored function not for stored procedure.
How to pass value for the “in� clause in the SQL server stored procedure? Let us consider the following code.
declare @Country varchar(200) set @CountryIds='1,11' select CountryName from COUNTRY where CountryId in (@CountryIds) GO
In the above code, the lists of country ids are needed to feed from the front end. In the above example, we need to select countries for 1 and 11. So, how to pass this from front end and what will be the data type of the parameter. I am using front end as .Net. Please help in this regard. The stored procedure what I wrote was.
CREATE PROCEDURE [cmp].[Events_By_Country] @CountryIds varchar(200) AS select CountryName from COUNTRY where CountryId in (@CountryIds) GO
We have to encrypt one of the SQL Server column data at the database level, we don’t want to modify the application programs, because we use ERP application and we don’t want to reapply our customization very few months, so we are looking for an option  to encrypt and decrypt the column level data value using trigger/procedure/function,  I used instead of trigger on that table to encrypt and decrypt the values but it is not working, we want only one user(Application Service account) have an ability to encrypt and decrypt the data, not for any other id.. I read somewhere we cannot automatically encrypt/decrypt the column value using trigger, is that true...
I have created two user defined functions for encryption and decryption using passphrase mechanism. When I call encryption function, each time I am getting the different values for the same input. While I searching a particular value, it takes long time to retrieve due to calling decryption function for each row.
best way to encrypt and decrypt using user defined functions.Below is the query which is taking long time.
SELECT ID FROM table WITH (NOLOCK) Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â WHERE dbo.DecodeFunction(column) = 'value'
When I try to use symetric or asymetric encryption, I am not able to put "OPEN SYMETRIC KEY" code in a function. So, I am using PassPhrase mechanism.
How Can I Generating wrapper code for SQL Server Stored Procedure ??
If You will Go To The Following link you will see an example for Generating wrapper code for Oracle Database .. And Also the author say there is built in tool for Generating wrapper code for SQL Server http://www.codeproject.com/vb/net/OracleSPWrapper.asp my question .. where is this tools ???
All: I have created a stored procedure on SQL server that does an Insert else Update to a table. The SP starts be doing "IF NOT EXISTS" check at the top to determine if it should be an insert or an update. When i run the stored procedure directly on SQL server (Query Analyzer) it works fine. It updates when I pass in an existing ID#, and does an insert when I pass in a NULL to the ID#. When i run the exact same logic from my aspx.vb code it keeps inserting the data everytime! I have debugged the code several times and all the parameters are getting passed in as they should be? Can anyone help, or have any ideas what could be happening? Here is the basic shell of my SP: CREATE PROCEDURE [dbo].[spHeader_InsertUpdate] @FID int = null OUTPUT,@FLD1 varchar(50),@FLD2 smalldatetime,@FLD3 smalldatetime,@FLD4 smalldatetime AS Declare @rtncode int IF NOT EXISTS(select * from HeaderTable where FormID=@FID) Begin begin transaction --Insert record Insert into HeaderTable (FLD1, FLD2, FLD3, FLD4) Values (@FLD1, @FLD2, @FLD3,@FLD4) SET @FID = SCOPE_IDENTITY(); --Check for error if @@error <> 0 begin rollback transaction select @rtncode = 0 return @rtncode end else begin commit transaction select @rtncode = 1 return @rtncode end endELSE Begin begin transaction --Update record Update HeaderTable SET FLD2=@FLD2, FLD3=@FLD3, FLD4=@FLD4 where FormID=@FID; --Check for error if @@error <> 0 begin rollback transaction select @rtncode = 0 return @rtncode end else begin commit transaction select @rtncode = 2 return @rtncode end End---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
All -- Please help. I am using managed code in SQL Server 2005 and have a question about stored procedure name qualification. With a VS.NET 2005 Pro Database project, when I use >Build, >DeploySolution, it works great but my stored procedures are named with qualification using my domainusername.ProcName convention, something like this... XYZ_TECHKamoskiM.GetData ...when I want them to be named with the dbo.ProcName convention, something like this... dbo.GetData ...and I cannot see where this can be changed. Do you happen to know? Please advise. (BTW, I have tried going to this setting >Project, >Properties, >Database, >AssemblyOwner, and putting in the value "dbo" but that does not do what I want.) (BTW, as a workaround, I have simply scripted the procedures, so that I can drop them and then add them back with the right names-- but, that is a bit tedious and wasted effort, IMHO.) Thank you. -- Mark Kamoski
I have a stored procedure with several insert into statements. On occasion one of the insert into queries doesn't return any data. What is the best way to test for no records then, skip that query?
Hi, I created the stored procedure with encryption and now I want to see the same procedure but I am not able to see the text of procedure with SP_HELPTEXT command. Please help so that I could see my stored procedure with sp_helptext command. Thanks.
My command was: sp_helptext dm_sp_Outstanding_Events
Error message:
The text for object 'dm_sp_Outstanding_Events' is encrypted.
Hi, I would like to create a stored procedure, which accept RunAsUser, MasterKeyPassword and also ASymmetricKeyPassword. In this stored procedure, it call OPEN MASTER KEY and etc. I put these code in stored procedure so that my support staff can call it when doing maintenance by passing the parameter. I don't expect them to remember OPEN MASTER KEY and etc syntax.
However, I hit error "Invalid Syntax" when I run my code as below. Any ideas?
Thank you
-- ================================================ -- Template generated from Template Explorer using: -- Create Procedure (New Menu).SQL -- -- Use the Specify Values for Template Parameters -- command (Ctrl-Shift-M) to fill in the parameter -- values below. -- -- This block of comments will not be included in -- the definition of the procedure. -- ================================================ SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO -- ============================================= -- Author: <Author,,Name> -- Create date: <Create Date,,> -- Description: <Description,,> -- ============================================= CREATE PROCEDURE GrantMe -- Add the parameters for the stored procedure here @RunAsUser varchar(20), @MasterKey varchar(30), @ASKey varchar(30) AS BEGIN -- SET NOCOUNT ON added to prevent extra result sets from -- interfering with SELECT statements. SET NOCOUNT ON;
EXEC AS USER=@RunAsUser;
OPEN MASTER KEY DECRYPTION BY PASSWORD=@MasterKey;
OPEN SYMMETRIC KEY HRMS DECRYPTION BY ASYMMETRIC KEY FlexHRMS WITH PASSWORD=@AsKey ; END GO
Any better way to query SQL 2012 to display the code of a stored proc to a single line. I'm trying to write a script to insert the contents of the procs between my devestprod environments. So people can query a single table for any proc that is different between environments. At the moment I am using the syscomments view and the text column but the problem here is if you get a lengthy proc it cuts it up into multiple rows.
I can get around it by converting the text to a varchar(max) and outer joining the query, but as you can see by my code below I have to try and guess what the maximum number of rows I'm going to get back for my largest proc. If someone adds a new one that returns 8 rows I'm going to miss it with this query.
Hello, I'm using ASP.Net to update a table which include a lot of fields may be around 30 fields, I used stored procedure to update these fields. Unfortunatily I had to use a FormView to handle some TextBoxes and RadioButtonLists which are about 30 web controls. I 've built and tested my stored procedure, and it worked successfully thru the SQL Builder.The problem I faced that I have to define the variable in the stored procedure and define it again the code behind againALTER PROCEDURE dbo.UpdateItems ( @eName nvarchar, @ePRN nvarchar, @cID nvarchar, @eCC nvarchar,@sDate nvarchar,@eLOC nvarchar, @eTEL nvarchar, @ePhone nvarchar, @eMobile nvarchar, @q1 bit, @inMDDmn nvarchar, @inMDDyr nvarchar, @inMDDRetIns nvarchar, @outMDDmn nvarchar, @outMDDyr nvarchar, @outMDDRetIns nvarchar, @insNo nvarchar,@q2 bit, @qper2 nvarchar, @qplc2 nvarchar, @q3 bit, @qper3 nvarchar, @qplc3 nvarchar, @q4 bit, @qper4 nvarchar, @pic1 nvarchar, @pic2 nvarchar, @pic3 nvarchar, @esigdt nvarchar, @CCHName nvarchar, @CCHTitle nvarchar, @CCHsigdt nvarchar, @username nvarchar, @levent nvarchar, @eventdate nvarchar, @eventtime nvarchar ) AS UPDATE iTrnsSET eName = @eName, cID = @cID, eCC = @eCC, sDate = @sDate, eLOC = @eLOC, eTel = @eTEL, ePhone = @ePhone, eMobile = @eMobile, q1 = @q1, inMDDmn = @inMDDmn, inMDDyr = @inMDDyr, inMDDRetIns = @inMDDRetIns, outMDDmn = @outMDDmn, outMDDyr = @outMDDyr, outMDDRetIns = @outMDDRetIns, insNo = @insNo, q2 = @q2, qper2 = @qper2, qplc2 = @qplc2, q3 = @q3, qper3 = @qper3, qplc3 = @qplc3, q4 = @q4, qper4 = @qper4, pic1 = @pic1, pic2 = @pic2, pic3 = @pic3, esigdt = @esigdt, CCHName = @CCHName, CCHTitle = @CCHTitle, CCHsigdt = @CCHsigdt, username = @username, levent = @levent, eventdate = @eventdate, eventtime = @eventtime WHERE (ePRN = @ePRN) and the code behind which i have to write will be something like thiscmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@eName", ((TextBox)FormView1.FindControl("TextBox1")).Text);cmd.Parameters.AddWithValue("@ePRN", ((TextBox)FormView1.FindControl("TextBox2")).Text); cmd.Parameters.AddWithValue("@cID", ((TextBox)FormView1.FindControl("TextBox3")).Text);cmd.Parameters.AddWithValue("@eCC", ((TextBox)FormView1.FindControl("TextBox4")).Text); ((TextBox)FormView1.FindControl("TextBox7")).Text = ((TextBox)FormView1.FindControl("TextBox7")).Text + ((TextBox)FormView1.FindControl("TextBox6")).Text + ((TextBox)FormView1.FindControl("TextBox5")).Text;cmd.Parameters.AddWithValue("@sDate", ((TextBox)FormView1.FindControl("TextBox7")).Text); cmd.Parameters.AddWithValue("@eLOC", ((TextBox)FormView1.FindControl("TextBox8")).Text);cmd.Parameters.AddWithValue("@eTel", ((TextBox)FormView1.FindControl("TextBox9")).Text); cmd.Parameters.AddWithValue("@ePhone", ((TextBox)FormView1.FindControl("TextBox10")).Text); cmd.Parameters.AddWithValue("@eMobile", ((TextBox)FormView1.FindControl("TextBox11")).Text); So is there any way to do it better than this way ?? Thank you
I could identify the last or all stored procedure, which was performed on a database, +/- something similar to what the profile of sql server identifies as below ?
I am having table on which i want to fire a query on.
table structure is as follows :
Table1Â
Table1ID   bigint PK City  nvarchar(10) FirstName  nvarchar(10) LastName  nvarchar(10) MiddleName  nvarchar(10) State  nvarchar(10) FirstName  nvarchar(10) LastName  nvarchar(10) LLDCode    nvarchar(20) MMDCode   nvarchar(20) LastModified   datetime CreatedDateTime    datetime LastUpdatedDateTime    datetime SSN#  nvarchar(20)
I have to write a parameterised stored procedure where multiple values will be pass as input to SP.
E:g: Â 1) SSN# if no record found by SSN# then 2) Find by LLDCode OR MMDCode
This logic can be implemented using UNION to join output of 2 queries and selecting by LastUpdatedDateTime this query will return the Table1ID.
Now we will fire the query on table2 where this Table1ID as FK in Table2 and we will return the filed SSXML from Table2.How to do this ?
As in some of the databases stored procedures can be written in java. Java stored procedures run into inbuilt JVM of database.Does SQL server provides any support for writing stored procedures in java.Is there any inbuilt JVM in SQL server.