Viewing 15 posts - 10,156 through 10,170 (of 15,381 total)
Not only is Dwain 1000000% correct about not using dynamic sql for this, your dynamic sql is wide open to sql injection. You are directly executing a string passed in.
November 5, 2012 at 8:30 am
Eek!!! Your code is wide open to sql injection attack. You need to read up on that immediately. Your code is a textbook example of exactly how NOT use user...
November 5, 2012 at 8:25 am
Duplicate post. Please direct replies here. http://www.sqlservercentral.com/Forums/Topic1381001-391-1.aspx
November 5, 2012 at 8:02 am
Jeff Moden (11/3/2012)
Sean Lange (11/2/2012)
CELKO (11/2/2012)
If my birthday is in December (1983-12-12) and I just did the datediff function using CURRENT_TIMESTAMP and that birthdate...It would return that my age...
November 5, 2012 at 7:23 am
The decision to use a cte or a subquery boils down to preference. This type of query has been presented both ways time and time again with tons and tons...
November 5, 2012 at 7:18 am
Krasavita (11/2/2012)
Hello,If I do backup in read only database,can I restore it, is is going to cost anything?
Thank you
When you restore a database it retains all the characteristics is had...
November 2, 2012 at 2:14 pm
CELKO (11/2/2012)
If my birthday is in December (1983-12-12) and I just did the datediff function using CURRENT_TIMESTAMP and that birthdate...It would return that my age is 29 when really...
November 2, 2012 at 1:58 pm
harri.reddy (11/2/2012)
hii would like to store values like mg/1,
mg/15ml
etc.
will nvarchar(50) will work,when i am using ssis package ,its gives me error
What error? Remember we can't see your screen, read your...
November 2, 2012 at 1:45 pm
Was thinking about this during a meeting and one challenge with capnhectors code is that it could get unwieldy pretty quickly.
If the list contained more values for manufacturer this could...
November 2, 2012 at 1:38 pm
I would probably go with capnhector's code. It will probably be better for performance. 😀
November 2, 2012 at 12:26 pm
There are a few ways this could be done. Here is one example. Notice how I posted ddl and sample data to make setting up your problem easy.
;with cte as...
November 2, 2012 at 12:10 pm
Luis Cazares (11/2/2012)
Sean Lange (11/2/2012)
November 2, 2012 at 10:27 am
nmcgowan (11/2/2012)
The code is a Luis Cazares suggested.
The problem with the code Luis posted is there is a USE inside dynamic sql followed by an update. The use does not...
November 2, 2012 at 10:25 am
That seems like a horrible way to name your columns but in order to do that you will have to use dynamic sql. Make you sure you wrap your column...
November 2, 2012 at 10:04 am
bala2 (11/2/2012)
We a have 2 tables.I need to update ds_size and create_dt columns values on DAT_DES table by comparing the Data_Des and DAT_STAGE tables coulumns.
update DAT_DES set
DAT_DES.ds_size = (select ds_size...
November 2, 2012 at 9:19 am
Viewing 15 posts - 10,156 through 10,170 (of 15,381 total)