|
Hi:
How can i can connect to an oracle Server in visual studio 2005?
thanks
|
|
|
|
|
Use the appropriate connection string for your Oracle server?
Your question is vague - are you having a specific problem connecting? are you getting an exception when you connect?
|
|
|
|
|
How can i store a text file at clients machine in asp.net
Amit
|
|
|
|
|
try this..................
Public Function DownLoadMyFile(ByVal sPath As String, ByVal sName As String)
Try
'If chkInOut.Checked = False Then
Dim pstrFilePath As String
pstrFilePath = sPath
If IO.File.Exists(pstrFilePath) Then
Dim myFileInfo As IO.FileInfo
Dim StartPos As Long = 0, FileSize As Long, EndPos As Long
myFileInfo = New IO.FileInfo(pstrFilePath)
FileSize = myFileInfo.Length
EndPos = FileSize
HttpContext.Current.Response.Clear()
HttpContext.Current.Response.ClearHeaders()
HttpContext.Current.Response.ClearContent()
Dim Range As String = HttpContext.Current.Request.Headers("Range")
If Not ((Range Is Nothing) Or (Range = "")) Then
Dim StartEnd As Array = Range.Substring(Range.LastIndexOf("=") + 1).Split("-")
If Not StartEnd(0) = "" Then
StartPos = CType(StartEnd(0), Long)
End If
If StartEnd.GetUpperBound(0) >= 1 And Not StartEnd(1) = "" Then
EndPos = CType(StartEnd(1), Long)
Else
EndPos = FileSize - StartPos
End If
If EndPos > FileSize Then
EndPos = FileSize - StartPos
End If
HttpContext.Current.Response.StatusCode = 206
HttpContext.Current.Response.StatusDescription = "Partial Content"
HttpContext.Current.Response.AppendHeader("Content-Range", "bytes " & StartPos & "-" & EndPos & "/" & FileSize)
End If
HttpContext.Current.Response.AppendHeader("Content-disposition", "attachment; filename=" & sName)
HttpContext.Current.Response.WriteFile(Server.HtmlEncode(pstrFilePath), StartPos, EndPos)
HttpContext.Current.Response.End()
End If
Catch ex As OleDb.OleDbException
Throw
Catch ex As Exception
Throw
End Try
End Function
VMSSanthosh
|
|
|
|
|
For clarification, your code doesn't have direct access to the clients machine. You have to send the file in something that the client would have to OK the download of and pick the spot to save it.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
hi
my friend has installed sql server2000 with windows authentication. now he is finding problem in doing connectivity with it.what to be do.Is he has have to reinstalled it or is there some other method to do the connectivity.well do reply soon.
the error is something like "Illegal sql server authentication". thanks in advance.
nauty
|
|
|
|
|
nauty wrote: now he is finding problem in doing connectivity with it
Can you explain detail about the problem or the description of the message box?
Let do this case but you need to run on windows xp pro or win2k pro:
1. Log on as administrator mode.
2. Install sql server 2000.
3. Install MSDE 2000. MSDE could obtain from Microsoft download center.[^]
4. Open your sql server 2000 via Enterprise manager shortcut command in Microsoft sql server program folder.
5. Check the connection string.[^]
|
|
|
|
|
Roath Kanel wrote: 3. Install MSDE 2000. MSDE could obtain from Microsoft download center.[^]
WHAT???? Why? SQL Server is already installed!
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
I used to install sql server 2000 on windows xp pro. Whether sql server is running but i could not access to database. I also could not find server registration. But after i install MSDE from office xp pro CDROM. Then i could be able to access to database.
|
|
|
|
|
Hmmm... I had no problem at all. Limited number of connections due to XP's licensing limits, but it works fine, without using MSDE.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Dave, I will e-mail to you with attachment which show you about the problem since the time that i used to install sql 2000 before. I also wonder about the problem too but never post the question to the forum because i could run sql after i install msde. The attachment will include the screenshot to explain about each step.
|
|
|
|
|
Hi,
I am having date format problem with asp & mssql. Please help!
consider a table below
id dt
-- ---
1 2006-02-01 00:00:00.000
In the webform create 1 textbox & 1 button
User type a date in the textbox (format "dd/MM/yyyy hh:mm:ss tt" for example 28/02/2006)
In the button click event, write the update command to update the date with the textbox value in the 1st record.
Now the record should look like as below
id dt
-- ---
1 2006-02-28 00:00:00.000
The updated date can be displayed in a label or by using response.write as below
response.write(format(ds.tables("dt").rows(0).item(1),"dd/MM/yyyy hh:mm:ss tt"))
Please give me the code to implement these functions. I think the details given by me are sufficent and you understand my problem. I already posted regarding this problem but i can't able to rectify the problem. Please reply as soon as possible with the working solution.
Thanks in advance
|
|
|
|
|
dansoft wrote: write the update command to update the date with the textbox value in the 1st record.
And the code you've written for this is??? It's kind of impossible to tell you what you're doing wrong if you don't show us what you're doing to perform this update!
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Dave Kreskowiak wrote: show us what you're doing to perform this update!
User type a date in the textbox (format "dd/MM/yyyy hh:mm:ss tt" for example 28/02/2006)
I want the update command to update the date in the 1st record.
str="update test set dt='" & txtDt.text & "'" & "where id=1"
I don't know how to format that date in text box while updating. Because the user enter date in "dd/MM/yyyy hh:mm:ss tt" format. Please give me the code for implement this kind of update.
Now the record should look like as below
id dt
-- ---
1 2006-02-28 00:00:00.000
Thanks
|
|
|
|
|
First, why are you having the user type all that junk in when you're only using the date?
Next, don't use string concatentation to build SQL queries. You open yourself up to SQL Injection attacks and it just makes your job that much harder when you're trying to debug problems.
Use SqlParameters to do this. It'll format the date for you if you parse the textbox string into a DateTime object first.
Learn to pass parameters correctly before you get into the habit of doing it the wrong way. SQL Injection Attacks and How to Prevent Them[^]
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
I found the following code solved my problem.
<br />
Dim format As New System.Globalization.CultureInfo("en-GB", True)<br />
Dim dt As DateTime = DateTime.Parse(myDate.Text, format)<br />
dim str as String= "update myTable set dt='" & dt & "'" where id=1<br />
Dim cmd As New SqlCommand(str, con)<br />
con.Open()<br />
cmd.ExecuteNonQuery()<br />
con.Close()<br />
This code will update the date in format "dd/MM/yyyy HH:mm:ss tt"
|
|
|
|
|
Yeah, it does.
But what if I typed this into your textbox:
01/01/1999' DROP TABLE test --
What do you think would happen?
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Dave Kreskowiak wrote: 01/01/1999' DROP TABLE test --
It will display error.
See one more problem. The datagrid is displaying all the records in page load. After the search command it is loading that search result. But the problem is when i clik the next page it will display all the records. cause i use that query in the pageindexchanged event. can you guide me to solve this problem?
Thanks
|
|
|
|
|
dansoft wrote: It will display error.
Don't be so sure. You're right, this time. This little attack works much better when you concatenate the WHERE of an SQL statement:
"SELECT * FROM table WHERE field = '" & text & "'"
This will generate an SQL statement that looks like this:
SELECT * FROM table WHERE field = '01/01/1999' DROP TABLE table --
Which WILL NOT generate an error. I guarantaa you'll start scratching your head wondering where your table went.
As for paging, you can find a bunch of articles on it by looking through these[^].
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Dave Kreskowiak wrote: SELECT * FROM table WHERE field = '01/01/1999' DROP TABLE table --
this will not happen because i'll convert the textbox value to datetime format and using the try catch method. So it will display error message. I checked..
Thanks
|
|
|
|
|
You're not getting it...
Well, you're putting the conversion in NOW. You're previous posts just used the value entered in a TextBox. The "conversion" saves you in this particular case. But try converting a username or password into something else to "verify" it's not SQL "unfriendly".
You just DO NOT concatenate strings together to build SQL statements in real-world code. You have to do so much more to validate that the entered data can do no harm, it's silly. Even after it's been "verified", you still must treat any user input as hostile to your database and write your code accordingly.
Write write your SQL code so the database (without any external help at all) can practically run itself just using stored procedures, views, and triggers. Then you wrap your C# code around that.
If you attempt to get junk like this into a retail product, you'll lose your job immediately.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
Thanks for your advise.
Can i use sqlcommand parameters to avoid these kind of attacks? I'm not very advanced in either mssql or asp.net
If possible please send me some sample files that meet the retail product...
Thanks again.
|
|
|
|
|
Hi all,
I was trying to insert a image into my table but it showing a binary data and i was unable to retrive the same image. it is giving some junck characters or some times it is giving binary numbers.
sowjanyakumar
|
|
|
|
|
.Net Programer and developer wrote: it is giving some junck characters or some times it is giving binary numbers.
What is "IT"? An image is just a bunch of data that, when looked at in raw form is a string of junk characters. So what you're seeing is normal, depending on what you're looking at this "junk" with.
RageInTheMachine9532
"...a pungent, ghastly, stinky piece of cheese!" -- The Roaming Gnome
|
|
|
|
|
I have written a program that access an sql server 2000 database installed on a windows 2003 server machine. Sql server is setup with integrated security and i don't want to change this. if i install my app in a computer that is a member of the domain and logins windows with the credentials of a windows server user account works good. Is there anyway from a computer that is on the same network that logins using a local windows account and does not have access to network resources access sql server? the result i want to have is :asking username and password for a windows 2003 server user account within my app and authenticate the user against windows server when the user wants to access the db.
Thanks in advance
From Greece:
Dimitris Iliopoulos
dimilio@yahoo.com
|
|
|
|