Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 11 to 20 of 22
  1. #11
    WDF Staff smoseley's Avatar
    Join Date
    Mar 2003
    Location
    Boston, MA
    Posts
    9,729
    Member #
    819
    Liked
    205 times
    D/L for what? MSDE?

  2.  

  3. #12
    WDF Staff smoseley's Avatar
    Join Date
    Mar 2003
    Location
    Boston, MA
    Posts
    9,729
    Member #
    819
    Liked
    205 times
    Here's a link for MSDE 2000 Developer's Edition for .NET:

    http://www.microsoft.com/downloads/d...DisplayLang=en

  4. #13
    WDF Staff smoseley's Avatar
    Join Date
    Mar 2003
    Location
    Boston, MA
    Posts
    9,729
    Member #
    819
    Liked
    205 times
    If you're going to me setting this up with DTS, have you learned it yet? Be sure you make your data append to existing

  5. #14
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    That's all I'm going to do. I just need to find whatever download it is (and I have no idea what the hell I'm looking for) that will allow me to allow him to download his own SQL Server data. That's it.
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)

  6. #15
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    Forgive me for bumping an old thread, but the question I have does relate to it and I've only just found the time to play with this:

    I'm going to be creating a couple of stored procedures for one of my clients today. The question I have is: what's the difference between calling the stored procedure via ADO and calling it via ASP/VBScript? Are there any performance advantages to either?
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)

  7. #16
    WDF Staff smoseley's Avatar
    Join Date
    Mar 2003
    Location
    Boston, MA
    Posts
    9,729
    Member #
    819
    Liked
    205 times
    You cam use ADO in ASP / VBScript..
    Code:
    <%
    Dim oConn
    Set oConn = Server.CreateObject("ADODB.Connection")
    
    Dim oCmd
    Set oCmd = Server.CreateObject("ADODB.Command")
    
    oCmd.ActiveConnection = oConn
    oCmd.CommandType = adCmdStoredProc
    oCmd.CommandText = "my_stored_proc_name"
    oCmd.Parameters.Refresh()
    oCmd.Parameters.Item("@parameter_1").Value = "value1"
    oCmd.Parameters.Item("@parameter_2").Value = "value2"
    oCmd.Parameters.Item("@parameter_3").Value = "value3"
    oCmd.Execute()
    
    oConn.Close()
    
    Set oConn = Nothing
    Set oCmd = Nothing
    %>
    That should execute the sproc in ASP using an ADO connection and command object (ADODB = ADO Database Class)

    Some people use ODBC connections in ASP, but ODBC is an antiquated driver... you should always be connecting with ADO

  8. #17
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    I normally connect with ADO for my recordset objects anyway though. So is there still a performance advantage using the Command object?

    And another note, provided for those who like me are new to stored procedures:

    For SQL Server 2000 users, there is a property called SCOPE_IDENTITY that will retrieve the last identity value the username that is accessing the database generated. With the @@IDENTITY property, it is possible (although very unlikely) that if two different users access the database simultaneously, insert something into the database, and retrieve the @@identity property, each will get the other's identity value. With SCOPE_IDENTITY(), this does not occur. I'm not sure if it can be used outside of a stored procedure (haven't tried that yet) but it does definitely work inside of a stored procedure.
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)

  9. #18
    WDF Staff smoseley's Avatar
    Join Date
    Mar 2003
    Location
    Boston, MA
    Posts
    9,729
    Member #
    819
    Liked
    205 times
    Advantages to the command object are twofold:

    1) Makes an object model of the stored procedure, which makes it easier to interact with.
    2) Doesn't allow SQL injections

    As for SCOPE_IDENTITY, I'm not aware of it. I wouldn't use it though, for 3 reasons:

    1) It won't make a difference, because web applications only log on as one user (e.g. user "sa")
    2) I believe @@IDENTITY is thread specific, which means that it will find the thread associated with the insert and retrieve the last value inserted by that thread.
    3) @@IDENTITY is the generally accepted proper way of retrieving the last inserted in SQL Server.

    Here's how I use it:

    Code:
    CREATE PROCEDURE data_insert (
        @name varchar(32) INPUT, 
        @id int OUTPUT
    ) AS
        INSERT INTO data (name)
        VALUES (@name);
        SELECT @id = @@identity;
    GO

  10. #19
    Unpaid WDF Intern TheGAME1264's Avatar
    Join Date
    Dec 2002
    Location
    Not from USA
    Posts
    14,485
    Member #
    425
    Liked
    2783 times
    Yeah, I thought of that afterward (the web applications generally only logging on as one user), but even with that in mind there may be bizarre and extreme cases whereby more than single-"user" access is necessary (e.g. some paranoid people want to set it up using SQL Server 2K so that X user can view data, Y user can add data, and Z user has full access to data. Stupid, yes, since anyone with half a clue can set up a web application to do this, but it is theoretically possible.) I'm not sure on the thread-specific issue though. Anyway, I'm going to leave it on the one mini-application-thing I've developed with it, and keep you posted as to its behaviour.

    As far as the command object is concerned, the not allowing SQL injections is a very good thing. I was not aware that it was capable of preventing this. Kickass!
    If I've helped you out in any way, please pay it forward. My wife and I are walking for Autism Speaks. Please donate, and thanks.

    If someone helped you out, be sure to "Like" their post and/or help them in kind. The "Like" link is on the bottom right of each post, beside the "Share" link.

    My stuff (well, some of it): My bowling alley site | Canadian Postal Code Info (beta)

  11. #20
    WDF Staff smoseley's Avatar
    Join Date
    Mar 2003
    Location
    Boston, MA
    Posts
    9,729
    Member #
    819
    Liked
    205 times
    It prevents it because it inserts string data exactly as it's typed into the table. So, if someone enters a SQL statement as their "name", for instance, it will insert that SQL statement into the "name" column in the table (assuming the fieldlength is long enough to support it).

    Another nice thing about command objects is that they prevent the need for replacing single-ticks (') with double-ticks ('') prior to insert, because the value is not concatenated into a statement... it is inputted into the PROCEDURE directly, as a value that then gets added to the table. See the benefit?


Page 2 of 3 FirstFirst 1 2 3 LastLast

Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 10:00 AM.
Powered by vBulletin® Version 4.2.3
Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com