•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the ASP.NET section within the Web Development category of DaniWeb, a massive community of 426,020 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 1,672 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our ASP.NET advertiser: Lunarpages ASP Web Hosting
Views: 2734 | Replies: 2
 |
•
•
Join Date: Mar 2005
Posts: 3
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
hi guys i've posted this on both the SQL and ASP.Net forums cause i ain't sure which one i should use so sorry about clogging up the message board.
Basicly i'm a newbie with ASP.net and i was looking for somw help with this query
i got a site and as part of the functionality i need to create a page where the user can create their own SQL statements to query a database (obc one thats connected to the web page). I got fairly basic knowledge when it comes to asp.net but i know how to access stored procedures and basic DB conectivity, but i've know idea how to do it when the user is meant to define the whole query from multiple tables (if possible) i know its asking a lot but any advice no matter how small would be appriciated...oh and while i remember its an Access DB im connecting to.
Basicly i'm a newbie with ASP.net and i was looking for somw help with this query
i got a site and as part of the functionality i need to create a page where the user can create their own SQL statements to query a database (obc one thats connected to the web page). I got fairly basic knowledge when it comes to asp.net but i know how to access stored procedures and basic DB conectivity, but i've know idea how to do it when the user is meant to define the whole query from multiple tables (if possible) i know its asking a lot but any advice no matter how small would be appriciated...oh and while i remember its an Access DB im connecting to.
•
•
Join Date: Dec 2004
Posts: 1,590
Reputation:
Rep Power: 7
Solved Threads: 35
That's a very bad idea. A user could craft any statement they like? They could wipe out the entire database.
Your question is a bit too general to give a meaningful answer. Give them a textarea, and pass in what they type as the value of the CommandText property.
Your question is a bit too general to give a meaningful answer. Give them a textarea, and pass in what they type as the value of the CommandText property.
•
•
Join Date: Feb 2003
Location: Canada
Posts: 786
Reputation:
Rep Power: 9
Solved Threads: 25
Master Poster
tgreer
Is 100% correct. What you are asking is dangerous and breaks the rules of n-tier application development.
But as tgreer mentioned, please provide more information, because what you are asking is not very clear, in the sense of why would you ever give such control to an end user?
Is 100% correct. What you are asking is dangerous and breaks the rules of n-tier application development.
But as tgreer mentioned, please provide more information, because what you are asking is not very clear, in the sense of why would you ever give such control to an end user?
•
•
•
•
Originally Posted by tgreer
That's a very bad idea. A user could craft any statement they like? They could wipe out the entire database.
Your question is a bit too general to give a meaningful answer. Give them a textarea, and pass in what they type as the value of the CommandText property.
Assistant Manager, Regional Pharmacy Information Systems
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
TLC Services Website (Under Construction)
Updated : ASP.Net Login Code
|
•
•
•
•
•
•
•
•
DaniWeb ASP.NET Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
- sql statement (Visual Basic 4 / 5 / 6)
- How can I create a user defined function (MS SQL)
- error in user defined string class (C++)
- using(STL)function object (bind2nd) with a user defined function object (C++)
- run sql statement in asp (ASP)
- ColdFusion 5 Web Application Construction Kit (ColdFusion)
Other Threads in the ASP.NET Forum
- Previous Thread: richtextbox in asp.net
- Next Thread: Help: How To Call A Domain Name From Another Domain Name In Asp.net
