|
daneshmand wrote:
how can i increase the security of a designed program via SQL server
Just a few things off the top of my head:
Uses specific logins.
Do not grant access to the public role.
Grant access only to the objects that the users/roles actually require.
daneshmand wrote:
what is the role of stored procedures ?
Stored procedures can be used to protect the tables from direct access. You can revoke access to the tables and grant access only to stored procedures. That way the only way to access a table is through the stored procedure. This layer of abstraction can protect you as you can set up additional checks in the stored procedure before allowing the operation to complete.
You may also want to read: SQL Injection Attacks and some tips on how to prevent them[^]
Does this help?
My: Blog | Photos
WDevs.com - Open Source Code Hosting, Blogs, FTP, Mail and More
|
|
|
|
|
i'm using SQL in building my Database but I want to know what is the best code to design my web withen SQL
A.M
|
|
|
|
|
|
i know that but what i meant is what is the best code which will be combatable with the SQL
|
|
|
|
|
ahmad mostafa wrote:
i know that
Okay - but your original post indicated that you wanted to write a web application in SQL.
ahmad mostafa wrote:
what is the best code which will be combatable with the SQL
I'm assuming .NET code since you still haven't said the technology that will be linking to the SQL Server.
SqlConnection someConnection = new SqlConnection("connectionString");
SqlCommand someCommand = new SqlCommand("SQL Command Text", someConnection);
SqlDataReader reader = someCommand.ExecuteReader();
while(reader.Read())
{
}
Does this help? If not, then you need to elaborate on your question.
My: Blog | Photos
WDevs.com - Open Source Code Hosting, Blogs, FTP, Mail and More
|
|
|
|
|
Hi
I am programming a system that must input and process verey large amount item, for exmple for each year we entered 4000 record in each table.I decide use SQL server for this system.
now,I have tow question :
1- How many record can entered in each table that designed by SQL Server. If the amount of record caused decrease speed.
2- In a feild with image type an image with how size can be stored?
|
|
|
|
|
daneshmand wrote:
How many record can entered in each table that designed by SQL Server
I don't know an upper limit but a system I'm working on is approaching a million new rows per day in just one of the tables - its been running for just under 2 years now.
daneshmand wrote:
If the amount of record caused decrease speed
Yes. But that is why you have indexes. 4000 rows per table per year is not going to cause too much of a problem anyway.
daneshmand wrote:
In a feild with image type an image with how size can be stored?
Do you mean "what size can be stored?".
If you read the SQL Server documentation[^] you will see that the maximum size is 2Gb.
Does this help?
My: Blog | Photos
WDevs.com - Open Source Code Hosting, Blogs, FTP, Mail and More
|
|
|
|
|
Hi, I have download and install SQL server 2000 service pack 4 from here[^]. The problem is, when i extract and install the desktop edition from the file SQL2000.MSDE-KB884525-SP4-x86-ENU.EXE there is an error display "The instance name is invalide". Then the installation wizard is disappear and the installation process is stop. I don't know why there is the problem. Can anyone give me some suggestion or idea relate to this issue????
A thousand mile of journey, begin with the first step.
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
Hi:
I think you may need to use the commandline option. By default the setup tries to create and install.
I remember seeing some commandline switch for /update and also an option for SAPWD to work with strong passwords etc.
Deepak Kumar Vasudevan
Personal Web: http://vdeepakkumar.netfirms.com/
I Blog At: http://deepak.blogdrive.com/
|
|
|
|
|
Vasudevan Deepak Kumar wrote:
I think you may need to use the commandline option.
Thank you very much for your comment. I also use the command line during the time that I install sql server 2k sp3a too. The command is: c:\sql2ksp3a\msde\setup.exe SAPWD=Admin DISABLENETWORKPROTOCOL=... I forget the command line but i already save it in a safe place. But I also use this method when I try to install sql server 2k sp4. But an error still occure, I will try to find the solution from the other source in order to install it.
A thousand mile of journey, begin with the first step.
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
I'm trying to add a fairly simple assembly to SQL server 2005; but keep getting a message:
6218 : Assembly 'EnableIrelandSystem' failed verification, run peverify on the assembly.
So - the only thing remotely controversial in th eassembly is a reference to System.Runtime.Interopservices (for <StructLayout()> ).
Any ideas?
'--8<------------------------
Ex Datis:
Duncan Jones
Merrion Computing Ltd
|
|
|
|
|
Hi there,
How can I make a relation between two or more databases in one server?
Thank you in advance.
|
|
|
|
|
In a table how to check only primary key fields are there or not
Please help me.
Thanks in Advance,
Pothirajan C
|
|
|
|
|
Pothirajan C wrote:
In a table how to check only primary key fields are there or not
I'm not sure what you mean.
Do you mean: How do I check if a table contains a primary key or not?
IF EXISTS(SELECT * FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS
WHERE TABLE_SCHEMA = 'dbo'
AND TABLE_NAME = 'Orders'
AND CONSTRAINT_TYPE = 'PRIMARY KEY')
BEGIN
-- The primary key exists
END
ELSE
BEGIN
-- The primary key does not exist
END
My: Blog | Photos
WDevs.com - Open Source Code Hosting, Blogs, FTP, Mail and More
|
|
|
|
|
Hello firends!!!
I have question!
for example lets consider one table where i have three fields like Id , Name ,Country
I am using Sql server2000 and i want out put like
Id---FirstName---Country
10---John--------A
20---Mack
30---Rock
40---Silk--------B
-----Mann--------C
I just explain @ my output suppose if any above column there is duplicate values coming then that should be group by only one like 'A' or like '40'. Only one output should display once.
note : - To looks like grid i put that dotted line
Is that possible?
Please Help Me Out
Thanks In Advance
Shashank
|
|
|
|
|
hi everybody.
now ı can develop a database application but ı'm not sure that the application is multi user. to it be a multi user program what must I do? for example if two or five or ten people want to do something at the same time what can do? thanks a lot.
|
|
|
|
|
pirogramci wrote:
to it be a multi user program what must I do? for example if two or five or ten people want to do something at the same time what can do?
The database is just one layer of the application. What about the other layers? For instance, is it a web application or a windows forms application?
Most databases are designed to be multi user and you can have many connections open to them at the same time. MS Access and MSDE do impose limits however.
My: Blog | Photos
WDevs.com - Open Source Code Hosting, Blogs, FTP, Mail and More
|
|
|
|
|
This error occurs while trying delete a column in SQL Server 2000. First I tried using CONSTRAINT statement, for deleting Indexes. But it seems to be an auto-increment column.
My general problem are two identical tables. While doing RDA Synchronization, two Rows are added to one of them, making it impossible to copy one into the other.
|
|
|
|
|
this is a function that give me the the monthly installment by dividing the total amount on payment plan ,but with every thing ok i cant get it to work :
CREATE FUNCTION mia (installment int)
RETURNS real AS
BEGIN
declare @x real
select @x=sum(totalamount/paymentplan)
where istallmentid=@installmentid
return @x
END
any suggestion will be helpfull:>
|
|
|
|
|
|
yes thx,
i can see this now the correct function is,
CREATE FUNCTION getamountdue (@customerid int)
RETURNS float AS
BEGIN
declare @x float
select @x=sum(totalamount-amountpaid)
from (installments inner join orders on installments.installmentid=orders.installmentid)
inner join customers on orders.customerid=customers.customerid
where customers. customerid=@customerid
return @x
END
|
|
|
|
|
Hi,
I'm new to programming and need some advice...
I have a windows application that I want to be running on several networked computers and accessing the same db (ms access file). I'm worried that there may be times when two user will access the db file at the same time and give an connection open error (when using ExecuteNonQuery). I've played around a little bit and have noticed that using the DataAdapter to Fill and Update does not give any connection open errors (even if the connection is open by mistake or if another Fill is happening).
So what's the best plan?
If I have a situation of multiple users of a db, should I try and use the DataAdapter as much as possible to avoid db status=open errors (and needing try/catch statement)?
Thanks for any advice you can give,
Ron
|
|
|
|
|
Does your database not handle multiple users ? What are you using ? SQL Server handles multiple users, and even MSDE handles up to 5 ( from memory ).
Christian Graus - Microsoft MVP - C++
|
|
|
|
|
Hi Christian,
I'm using a MS Access 2000 database (I believe it's a Jet database?). SQL Server or MSDE might be too much for an end user with min. computer knowledge to install.
Ron
|
|
|
|
|
OK - Access is crap for this stuff. You basically have a problem, and the problem is that your technology is not up to the task.
You can easily deploy an app where the installer installs and sets up MSDE, I've done it myself with complete success.
Christian Graus - Microsoft MVP - C++
|
|
|
|