Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase ««123»»

Rendering PDFs Natively in SQL Expand / Collapse
Author
Message
Posted Wednesday, May 8, 2013 10:22 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Monday, March 10, 2014 7:03 PM
Points: 9, Visits: 203
Awesome delivery. Great problem and solution. Would like to see a solution generating PDFs with barcodes.

To the nay sayers with compaints about processing and security I say, get over it! If the software can do it, let it be done.

If you can't keep your database secure, don't keep a secure database.

If you can't process some extra CPU cycles, then get another CPU! The cycles have to go somewhere right? Shall we ask about the overhead of running it through SQLCLR? Run it through a SQL Express instance CLR assembly somewhere else?

Excellent article, topic and discussion. Thanks.
Post #1450679
Posted Wednesday, May 8, 2013 11:47 AM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Tuesday, June 3, 2014 12:21 PM
Points: 53, Visits: 251
For me the reserve isn't that you shouldn't do it. I simply think that there is probably at least on server dedicated to processing these and similar requests and that's where I'd put the code too.
Post #1450722
Posted Wednesday, May 8, 2013 4:49 PM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: General Forum Members
Last Login: Today @ 2:20 PM
Points: 37,099, Visits: 31,651
Ted Cooper-351490 (5/8/2013)
Awesome delivery. Great problem and solution. Would like to see a solution generating PDFs with barcodes.

To the nay sayers with compaints about processing and security I say, get over it! If the software can do it, let it be done.

If you can't keep your database secure, don't keep a secure database.

If you can't process some extra CPU cycles, then get another CPU! The cycles have to go somewhere right? Shall we ask about the overhead of running it through SQLCLR? Run it through a SQL Express instance CLR assembly somewhere else?

Excellent article, topic and discussion. Thanks.


BWAAA_HAAA!!!! The only thing I don't like about this article (I don't really care for SQLCLR because of the abuse that has been heaped upon it but will tolerate good stuff. I'd have to test the stuff in the article, of course!) is that the script turns xp_CmdShell and Ole Automation Procedures off instead of checking to see if they were on to begin with. Not all of us suffer the delusion that having these things turned off provides any more than a 3ms hurdle that a potential attacker is already prepared to jump. Doesn't anyone realize that only those with "SA" can run these things (well, unless someone was dumb enough to grant privs to individuals through proxies)?


--Jeff Moden
"RBAR is pronounced "ree-bar" and is a "Modenism" for "Row-By-Agonizing-Row".

First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."

(play on words) "Just because you CAN do something in T-SQL, doesn't mean you SHOULDN'T." --22 Aug 2013

Helpful Links:
How to post code problems
How to post performance problems
Post #1450835
Posted Wednesday, May 8, 2013 5:47 PM
Valued Member

Valued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued MemberValued Member

Group: General Forum Members
Last Login: Yesterday @ 2:44 PM
Points: 55, Visits: 430
Jeff,

Thanks for chiming in. I'm a big fan of yours and have learned a lot from you.

FYI, the attached script does in fact check the status of xp_CmdShell and Ole Automation, and returns them to their original settings.

(Between trying to simplify some things for the article and some later edits to the code, the code excerpts in the article are not identical to the attached script.)

If you (or anyone else) finds any problems or errors, please let me know.
Post #1450846
Posted Wednesday, May 8, 2013 9:07 PM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: General Forum Members
Last Login: Today @ 2:20 PM
Points: 37,099, Visits: 31,651
David Rueter (5/8/2013)
Jeff,

Thanks for chiming in. I'm a big fan of yours and have learned a lot from you.

FYI, the attached script does in fact check the status of xp_CmdShell and Ole Automation, and returns them to their original settings.

(Between trying to simplify some things for the article and some later edits to the code, the code excerpts in the article are not identical to the attached script.)

If you (or anyone else) finds any problems or errors, please let me know.


Hoo-boy. I've got to get my eyes checked. Apparently I looked at only the dynamic code and not the "IF" qualifiers nor the capture of the original settings. My most sincere apologies. You're absolutely correct.

The good part about me missing that and being made aware of my mistake is now there's nothing in the article that I take grand exception to. Well done!


--Jeff Moden
"RBAR is pronounced "ree-bar" and is a "Modenism" for "Row-By-Agonizing-Row".

First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column."

(play on words) "Just because you CAN do something in T-SQL, doesn't mean you SHOULDN'T." --22 Aug 2013

Helpful Links:
How to post code problems
How to post performance problems
Post #1450868
Posted Wednesday, May 8, 2013 11:03 PM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Monday, August 25, 2014 3:46 PM
Points: 22, Visits: 45
I stand corrected. Please accept my apologies for my phrasing which now appears to me as ungracious. I truly wish your company great success!

The point I really wish to make is that this architecture has only one scaling solution...scale up.

Other options allow both scaling up and out. Other individuals have brought out other benefits for continuing to do the work outside of SQL Server, so I won't expand here.

Again, please continue to post...you did a great job communicating the problem and the solution.

I post daily at www.sswug.org and have found you need to have thick skin. I highly value comments from others. Not everyone is going to agree with you. In fact, your own opinion is likely to change over time and as you have different experiences.

Cheers,

Ben
Post #1450882
Posted Thursday, May 9, 2013 3:35 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Tuesday, May 14, 2013 12:33 AM
Points: 1, Visits: 10
I fail to see how this solution prevents tampering with the coupons. Surely if the only access that users have is to the web server this is no safer than building the PDF there?
Post #1450962
Posted Thursday, May 9, 2013 4:02 AM
SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Today @ 2:47 AM
Points: 982, Visits: 1,103
Very good article mate.
Thanks.
Post #1450977
Posted Thursday, May 9, 2013 5:36 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Thursday, May 9, 2013 5:35 AM
Points: 3, Visits: 0
Wonderful.

Share a website with you ,

( http://www.ccmalls.net/ )

Believe you will love it.

We accept any form of payment.
Post #1451044
Posted Thursday, May 9, 2013 6:00 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Monday, September 15, 2014 7:23 AM
Points: 5,074, Visits: 11,852
ccmalls26 (5/9/2013)
Wonderful.

Share a website with you ,

( http://www.ccmalls.net/ )

Believe you will love it.

We accept any form of payment.


Reported as spam.



Help us to help you. For better, quicker and more-focused answers to your questions, consider following the advice in this link.

When you ask a question (and please do ask a question: "My T-SQL does not work" just doesn't cut it), please provide enough information for us to understand its context.
Post #1451059
« Prev Topic | Next Topic »

Add to briefcase ««123»»

Permissions Expand / Collapse