I'm trying to simply prove here that this simple function isn't good enough to prevent every sql injection in the world:[code]I know its not secure, because of googling and looking up other questions on url...[code]I then coppied a Chr(8) from the clipboard and replaced the Chr(8) in the textbox with the clipboard contents and still a no-go.It puts the whole string directly into the field w/o problems.I'm using MS SQL Server 2005, and VB .NET 2005.the Text1 field in the database is a Varchar(600) field (don't ask my why its not MAX, its pointless, i know)There are certain triggers on the table that would prevent a mass update such as this and throw some errors if the injection actually worked right.I know parametrized queries are the way to go here and I'm not looking for answers like "well i dunno why it doesn't work, but parametrized queries are the way to go".I'm looking for the ability to prove that our software is broken and that we need to rewrite it using better principles.how to better filter your text fields, the answer is DON'T! Use the parameters! they are much better, safer, and easier!
I have a form that has a combo box and a sub form which displays as a datasheet or aka. datagrid. I would like as i type text into the combo box that the datagrid scroll to the matching record.
Actually i had created a vb.net project with a several forms and now in my project i got a doubts one is the i want to filter the data which i had stored in the table which i had created in the sql database and linked with the form .Now i had retrived the table data in the datagrid view but i want to filter this data according to the Month wise
Consider the data as given below CUSTOMERNAME MONEY DATE RAJA 1000 5/22/2011
[Code]....
Now i need is i wanna filter the 5 month details only if the user selects the month from the combobox the combobox contains 12 number starting from 1 , 2, 3......12 .
If the user selects 5 it must filter the result and show only
I have a database that I would like to filter characters from anywhere in the field. Example the letter A is typed into textbox1 and in the grid every field that contains an A is show. Like dash, lap, trap, apple. Currently with the query I'm using it will just go from the beginning of the field. I get "Index was outside the bounds of the array". The code is as followed:
Dim filter1() As String filter1 = TextBox2.Text.Split(" ") Sheet1BindingSource.Filter = "Stationary_location like '" & filter1(0) & "' Stationary_location like '" & filter1(1) & "'" VB 2008 using access database.
I want to filter a text in all columns in a datagridview. So I use Like % in the filter text. However, I found that the text(strFilter in my code) may contain % sometimes. So it have a syntax error. How can I use filter with like clause when the filter text contains %?
Private Sub PassFilter(ByRef dataTable As DataTable, ByVal strFilter As String) Try Dim dataview As DataView = dataTable.DefaultView
I'm using EPPlus to create Excel reports. Now i'm trying to create a Pivot with a DateTime PageField, so that the user can filter the period he want to see by himself. But although i can filter this for year,month or days in the according data worksheet by default, i don't get it working in the Pivot.
Here is what i have:
Dim wsPivot = excel.Workbook.Worksheets.Add("Pivot") Dim wsData = excel.Workbook.Worksheets.Add("Data") Dim source = workSheet.GetDataSource
I have an access form that shows a data table. when the form is opened, I want to filter the data in the date column to show only the records that don't have a date entered into the field.
crypo.freeforums.org Advanced search Board index ‹ Socks Change font size E-mail friendPrint view User Control Panel (0 new messages) - View your posts Arcade Chat FAQ Members Logout [ crypo ]
in form i have 1 Print button (Button4) and 1 textbox (Filter.text), etc.now i want to print the all data like Filter.text this is my code
Private Sub Button4_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button4.Click If TableNamaDataGridView.RowCount < 1 Then Exit Sub Dim frm As New PrintForm Dim objRptDo As New CrystalReport2
[code]....
if i write "1231001" this program work ok(print only on record):
1 1231001
but i want to print all data with 5 first digit "12310", and will print:
I have a listview and a textbox under it. Whenever a user input's text, I want the listview to filter. The code I have works, but the listview doesn't load the filtered data. I think it's because the listview has 2 columns of data that it's loading. [Code]
My boss ask me to do a service that will scan a certain folder every minutes, and will auto delete non text file in the folder, so that the folder will contains only .txt file. Would like to ask is it possible to do it by VB or i need to do it in another way?
My boss ask me to do a service that will scan a certain folder every minutes, and will auto delete non text file in the folder, so that the folder will contains only .txt file.
i want to fill up the userID and password fields of the yahoo mail login page with the click of a button on the form but just cant get it right.[code]it just skips the yahooID field and fills out the password field. what is wrong or is there a better way of doing it?
I am trying to filter the results of a datagridviw using the bindingsource.filter method.
Dim filters(2) As String ... If Me.txtPartIDFilter.Text = "" Then
[code]....
The issue is in the last line. ID_Part is an Int64 data type filters(0) is a string so the system returns a "Can't perform 'Like' operation on System.Int64 and System.String" error message.As you can see I tried converting the data type, but that failed since it is encased in String.Format()- it's going to be a string no matter what, I suppose.It's almost 1:00 a.m. so I'm not firing on all cylinders.
i want to filter date and also time (shortime) for example if Datum.hour="8:15" andalso Datum.day of week "Saturday"or "Monday" now i can only filter date ... this is my filterline objbindingsource.Filter = "Datum > = '" & Dtp1.Value.Date & "'"
I am Working VB.NET 08 Windows Appl.I Have Combobox and DataGridView in the Form.In the Combobx Having Names list Called "SurName".In The DataGridView on of the Column is "SurName".So when change the data on the Combobx list the dataGridView is Filtering and displaying the values correctly.For this i wrote a code in Select IndexChanged or SelectionCommitedChange Event.
But now my task is when i Type the text in the Combobox the related data should be filter in the DataGridView.If i type any letter in the Combbox the datagridview rows starts filter.
For Ex: Names are like 'Mali', 'Malu','Maal','Mouli'.
If i type 'M' letter in the Combobox then 4 rows Filter in the DataGridView. If i Type 'Ma' then 3 rows , If i type 'Mal' then 2 rows, If i type 'Mali' then 1 row.
I have a database with a table that is a child to many other tables. I am using this child table as a datasource for a datagridview. I am using comboboxes to display specific fields in any parent tables, instead of the user seeing the foreign key. Everything is fine. However, I would like to filter the BindingSource based on text matches between any of the fields in the child table and the corresponding fields of the parent tables.
I have two text files with various columns, each column is separated by a tab (" "). What I'm trying to do is the following:-If the values in text file 2 column 1 does not contain any value in text file 1 column 1 then add that field to text file 2 and add a 1 to the second column, like so
String 1 If the value in text file 2 column 1 already appears in text file 1 columns 1 then just add +1 to the value, so if the above value is already in Text File 1 Column 1 and Text File 2 Column 1 then it would appear as.
String 2 And if it was to happen again then
String 3 and so on.I have the following coding so far.
Dim lines1 As New List(Of String)(IO.File.ReadAllLines("File1")) Dim lines2 As New List(Of String)(IO.File.ReadAllLines("File2")) IO.File.WriteAllLines("File2", lines1.ToArray) & +1)
[code]....
I use the above coding, but it removes the second column?
I have a txt field that is used for comments that is stored in a SQL Varchar(max) field. No matter what I put in there it always is limited to 50 Characters. I was told that it was unlimited pretty much. I need to be able to put in up to 200 characters.
I'm working on this project, and when the form loads it should automatically put the Focus on the username field if it is empty, however if there is a username - put the focus on where you write your message.Below is the code, and it simply doesn't seem to work for whatever reason. I have tried several methods of it, and even commented out every other line of code in the application to make sure there was no interference, and there was none. is there anything that could possibly overwrite the ability to do this? Some setting I need to change? etc etc?
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load If String.IsNullOrEmpty(txtUser.Text) Then txtUser.Focus() Else
I have text field that a user enters a date in. Based on what they enter a drop down box will appear or not appear. To obtain the info for the code to control the drop down I am using an auto post back on the text box. This is however making the app a bit clumsy as the user is taken back to the top of the page.
