If an application makes a connection under a given user, performs the following:
- calls a stored procedure which performs an insert,
- the insert causes a trigger to be fired
- the trigger causes a sql statement to execute against a different
database
Questions:
* Does the user who called the procedure, also need permissions to this 2nd database ?
* What security context does this trigger get executed ?
I have a stored procedure that is being called by my .Net application. The user account that makes the connection has execute permission to the procedure. However, the procedure does an insert which causes a trigger to fire. This trigger does a sql statement against a table in a different database, which the user who is calling the procedure, does not have permissions to access. Im getting an exception when I call the procedure, and it basically says there was a permission error with the user accessing this other database.
The sql listed above does execute the stored procedure called [dbo].[sproom] successfully and returns all the data all the rows from the stored procedure multiple times. However can you tell me the following:
1. How can I have the stored procedure return distinct rows? 2. I want the stored procedure to return selected columns. I tried using the OUTPUT parameter for some of the columns, but I got the error message, "Procedure or function spHomeroom has too many arguments specified.".
A solution might be to change the stored procedure, but I would prefer not to since this is a generic stored procedure that I believe a lot of t-sqls and stored procedures will use.
The first query returns me the results from multiple databases, thesecond does the same thing except it puts the result into a #temptable? Could someone please show me an example of this using the firstquery? The first query uses the @exec_context and I am having achallenge trying to figure out how to make the call from within adifferent context and still insert into a #temp table.DECLARE @exec_context varchar(30)declare @sql nvarchar(4000)DECLARE @DBNAME nvarchar(50)DECLARE companies_cursor CURSOR FORSELECT DBNAMEFROM DBINFOWHERE DBNAME NOT IN ('master', 'tempdb', 'msdb', 'model')ORDER BY DBNAMEOPEN companies_cursorFETCH NEXT FROM companies_cursor INTO @DBNAMEWHILE @@FETCH_STATUS = 0BEGINset @exec_context = @DBNAME + '.dbo.sp_executesql 'set @sql = N'select top 10 * from products'exec @exec_context @sqlFETCH NEXT FROM companies_cursor INTO @DBNAMEENDCLOSE companies_cursorDEALLOCATE companies_cursor-------------------------------------------------------------------------------------CREATE TABLE #Test (field list here)declare @sql nvarchar(4000)DECLARE @DBNAME nvarchar(50)DECLARE companies_cursor CURSOR FORSELECT NAMEFROM sysdatabasesWHERE OBJECT_ID(Name+'.dbo.products') IS NOT NULLORDER BY NAMEOPEN companies_cursorFETCH NEXT FROM companies_cursor INTO @DBNAMEWHILE @@FETCH_STATUS = 0BEGINset @sql = N'select top 10 * from '+@DBNAME+'.dbo.products'INSERT INTO #Testexec (@sql)FETCH NEXT FROM companies_cursor INTO @DBNAMEENDCLOSE companies_cursorDEALLOCATE companies_cursorSELECT * from #TestDROP TABLE #Test
I'm currently creating a database that will only allow data operations through stored procedures, ie users will not be able to directly modify tables. I'd like to use an Insert trigger which will run in response to a stored procedure that inserts records. The trigger will check business logic and additionally modify records in a couple of other tables. Given that I've disallowed direct access to the tables, will it run or will the security set-up prohibit that?Thanks in advance for any answers.
I am writing a trigger to audit changes to certain columns. In the trigger I would like to record to the "Audit" table as much information about the current execution context as possible (current user, login, nt user, inputbuffer, etc.). I couldn`t find the way to find out what is the currently executed* stored procedure. @@PROCID returns object id for the trigger itself. Any help would be highly appreciated as this is an urgent production environment issue.
I have a c# stored procedure that is being called from a trigger. When I execute it from management studio, it works just fine. But, when I update a record in the table that has the trigger that calls the sp, I get the error "transaction context in use by another session error". I've tried a few of the "fixes" that I found through searching, but so far nothing seems to work. What I've tried so far is...
Removing the transaction from my code making sure my code is only using 1 connection setting XACT_ABORT ON
Every time I call Encrypt by key I get a different result, although I am encrypting the same clear text,using the same authenticator and using the same key. I tried calling it twice inside one stored procedure and I got two different results.
Declare @Temp varbinary(8000); Declare @Temp2 varbinary(8000); set @Temp = EncryptByKey(Key_GUID('MyKey'),@cleartext,1,@Authenticator); set @Temp2= EncryptByKey(Key_GUID('MyKey'),@cleartext,1,@Authenticator); Select @Temp,@Temp2;
when executing this stored procedure, the value of @Temp is differnent from the result of @Temp2, and the same thing happens without using an authenticator.
Is there something going behind in the encryption mechanism of SQL server?
I need some help calling a DLL or EXE from a SQL Trigger. I have the trigger set up, except I have no clue how to call a DLL or EXE or if it is even possible. Here is what I have for the Trigger so far:
-- ================================================ SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO -- ============================================= CREATE TRIGGER CallProgIfParentID ON Toc FOR INSERT AS IF ((select ins.[ParentID] FROM inserted ins) = '57660') -- I want to be able to programmatically change '57660' from an ASPX page EXEC -- This is where the call function goes GO
Another question I have is can a trigger be created programmatically using ASPX pages written in VB.NET in VS2003?
I have a VB program to sit somethere. I like to call that program with passing two parameters from a trigger on the SQL Server. The parameters are the contents of the table which the trigger is created on.
"Could not impersonate the client during assembly file operation."
The CLR function is invoked from Service Broker internal activation stored procedure.
"SELECT user_name()" returns dbo just before CREATE ASSEMBLY execution.
SqlContext.WindowsIdentity.Name is "NT AUTHORITYSYSTEM" as the Data Engine runs with the LocalSystem account.
How do I create a the necessary security context for "CREATE ASSEMBLY" to succeed ?
Service Broker Queue activation with EXECUTE AS = "SELF", "OWNER", domain account or dbo, all result in the above error. The Service Broker assembly having the internal activation stored procedure is registered "unsafe".
I have created a trigger to call a program that is written by our program. The program is basically read the record in the table and write to a text file, then delete the record from the table.
The trigger is a after insert trigger. After we added the trigger, we insert a record to the table. The result is that the record still and did not get deleted. Also, the text file didn't get created either. It seems that it take a long time for the record to be written to the table.
But if we just run the program (a exe file), it can write a text file in the folder and delete the record. the trigger is basically:
USE [Zinter] GO /****** Object: Trigger [dbo].[ZinterProcess] Script Date: 04/29/2014 18:34:56 ******/ SET ANSI_NULLS ON GO SET QUOTED_IDENTIFIER ON GO
Hi, I have an integration solution that backs into two databases. Database A is custom and Database B is integrated from a COTS product. The manufacturer of B supplies a formal interface as stored procedures (and I intend to honor that contract by limiting my access to B through those stored procs). Now, I have a search that is going to involve a subselect in the form of the following pseudocode:
select a,b from dbA.user.TableX where exists (select a from dbB.user.TableY)
I am trying to avoid creating 2 temporary cursors in the integration application and doing things in-memory (b/c of performance concerns).
So, my q is: How can I make this happen within database A?
I have a stored procedure 'ChangeUser' in which there is a call to another stored procedure 'LogChange'. The transaction is started in 'ChangeUser'. and the last statement in the transaction is 'EXEC LogChange @p1, @p2'. My questions is if it would be correct to check in 'LogChange' the following about this transaction: 'IF @@trancount >0 BEGIN Rollback tran' END Else BEGIN Commit END. Any help on this would be appreciated.
/****** Object: Stored Procedure dbo.ostat_CDS_rpt47_2006 Script Date: 4/30/2008 2:25:41 PM ******/ if exists (select * from dbo.sysobjects where id = object_id(N'[dbo].[ostat_CDS_rpt47_2006]') and OBJECTPROPERTY(id, N'IsProcedure') = 1) drop procedure [dbo].[ostat_CDS_rpt47_2006] GO
set @tb1= 'margin..ncds0421' set @tb2='Report.dbo.ob_apr08'
set @sql= ' insert into '+@tb2+' select yyyy,mm,dd,HH,sitecode,TrunkOut,SwitchCode,prefixCode,0 isCallback, cast(callcost as decimal (10,5)) cost,count(*) attempt, sum(case when connectflg=1 then 1 else 0 end) connected,sum(talktime) Talktime from '+@tb1+' where yyyy='+ltrim(str(@pYear))+' and mm='+ltrim(Str(@pMonth)) +' and dd between '+ltrim(Str(@pDay1))+' and '+ltrim(Str(@pDay2))+' and talktime >0 and trunkin is null group by yyyy,mm,dd,HH,sitecode,TrunkOut,SwitchCode,prefixCode,cast(callcost as decimal (10,5)) order by yyyy,mm,dd,HH,sitecode,TrunkOut,SwitchCode,prefixCode,cast(callcost as decimal (10,5)) ' --print (@sql) exec (@sql)
PROBLEM: The SQL insert trigger code below is returning incorrect results. In some cases the results returned are from entirely different fields than those specified as the source field in the SET statement. For instance the value returne for the Price_BeforeAdj field does not = 20000000? It returns a NULL. See code below.
OFFENDING CODE:
ALTER TRIGGER [dbo].[xcti_WIPAdjustments_I] Â Â ONÂ [dbo].[budxcWIPAdjustments] AFTER INSERT AS BEGIN Â SET NOCOUNT ON; Â Â UPDATE budxcWIPAdjustments
I have a stored procedure that creates a normalized table from an existing denorm table. So I just need a simple way to call this SP from an aspx page. It would be good though to know how many records were effected, but this is not a requirement.
I have a stored procedure I created in SQL server 2005. Now I need to call the stored procedure in C#. Can someone help me out here? What is the C# code I need to call this stored procedure? I have never done this before and need some help. CREATE PROCEDURE [dbo].[MarketCreate] ( @MarketCode nvarchar(20), @MarketName nvarchar(100), @LastUpdateDate nvarchar(2),) ASINSERT INTO Market( MarketCode MarketName LastUpdateDate)VALUES( @MarketCode @MarketName @LastUpdateDate )
dear all i am using VS 2005 and sqlserver 2005.... i created one procedure [dbo].[Rptdailyactivity_jul](@cond Varchar(8000), @Type varchar(100),@groupname4fsumm varchar(100) ,@Fromdate4fsumm datetime, @todate4fsumm datetime) i want to call this procedure from VS how??? i tried based on the following code... usig the following code i can able to manipulate tables...but how i can able to call procedure based on this code??and how i will pass parameters??? ************ Dim Conomandb As New System.Data.SqlClient.SqlConnection("Data Source=HJIOertsv;Initial Catalog=tr;Integrated Security=True") If Conomandb.State = 1 Then Conomandb.Close() Conomandb.Open() Dim Comomandb1 As New System.Data.SqlClient.SqlCommand(strSQL, Conomandb) Dim rsOman1 As System.Data.SqlClient.SqlDataReader = Comomandb1.ExecuteReader() If rsOman1.Read() Then fghghfghf End If Comomandb1.Cancel() Comomandb1.Dispose() rsOman1.Close() ''*********************
I have created a stored procedure only with an insert statement in sql server 2005. How can i call this stored procedure through code in ASP.NET page using vb. i want to pass one parameter that comes from a text box in asp.net page. my emailid is: g12garg@yahoo.co.in pls reply. Thank you Gaurav
Does anyone give me syntax for adding a bcp script within a stored procedure..I had done it once 3 yrs back does'nt seem to work now, and I do not know where I am going wrong?? Thanks
I have a SQL2000(sp2) database (ServerA) and a SQL7(sp2) database(ServerB) From the SQL2000 database I want to call a remote stored procedure on ServerB and store the result set in a table on ServerB.
E,g
insert TableA exec ServerB...sp_GetStuff
If I try this by making serverB a remote server, I get the following error message Server: Msg 18456, Level 14, State 1, Line 1 Login failed for user 'sa'. If I make ServerB a Linked server, I get the error Server: Msg 8501, Level 16, State 1, Line 1 MSDTC on server '' is unavailable. Server: Msg 7391, Level 16, State 1, Line 1 The operation could not be performed because the OLE DB provider 'SQLOLEDB' was unable to begin a distributed transaction.
Now the MSDTC on ServerB won't start - It returns error 3221229574 to which the solution seems to be to reinstall MSDTC which looks like a very messy job with registry hacks and also the threat of reformatting the hard drive So I don't want to do this if possible
I really don't want a distibuted transaction anyway so I tried to stop the transaction being promoted using SET REMOTE_PROC_TRANSACTIONS OFF
Even though this may be not right place with this issue I would like to try! I facing with the problem “Object Variable or With Block variable not set” while I am trying to execute the stored procedure from Ms. Access form. I need some help very badly or maybe a good sample of code that works in this issue is very welcome.
I have two SQL SERVER server1 and server2. A server1's stored procedure should call server2's stored procedure. how can i do this.please explain me in detail.i am new to this concept.
i created a stored procedure and below is the code segment of it;
create Procedure test1 @price as varchar(50) output, @table as varchar(50) = '' AS
Declare @SQL_INS VarChar(1000)
SELECT @SQL_INS = 'select ['+@price+'] from ['+@table+']'
Exec (@SQL_INS)
Procedure gets 2 parameters, one of them is just INPUT parameter and the other one is both OUTPUT and INPUT. What i wanna do is to get the result set of this procedure to use in my application.
