I am getting an error message: "Operation must use an updateable query" when I try to run my SQL. From my understanding, this happens when joins are used in update/delete queries in MS Access. However, I'm a little confused because I have another query almost identical in my database which works fine.
This is my troublesome query:
UPDATE [GS] INNER JOIN [Views] ON
([Views].Hostname = [GS].Hostname)
AND ([GS].APPID = [Views].APPID)
SET
[GS].APPID = [Views].APPID,
[GS].[Name] = [Views].[Name],
[GS].Hostname = [Views].Hostname,
[GS].[Date] = [Views].[Date],
[GS].[Unit] = [Views].[Unit],
[GS].[Owner] = [Views].[Owner];
As I said before, I am confused because I have another query similar to this, which runs perfectly. This is that query:
UPDATE [Views] INNER JOIN [GS] ON
[Views].APPID = [GS].APPID
SET
[GS].APPID = [Views].APPID,
[GS].[Name] = [Views].[Name],
[GS].[Criticial?] = [Views].[Criticial?],
[GS].[Unit] = [Views].[Unit],
[GS].[Owner] = [Views].[Owner];
What is wrong with my first query? Why does the second query work when the first doesn't?
There is no error in the code, but the error is thrown due to the following:
- Please check whether you have given Read-write permission to MS-Access database file.
- The Database file where it is stored (say in Folder1) is read-only..?
suppose you are stored the database (MS-Access file) in read only folder, while running your application the connection is not force-fully opened. Hence change the file permission / its containing folder permission like in C:\Program files all most all c drive files been set read-only so changing this permission solves this Problem.
Whether this answer is universally true or not, I don't know, but I solved this by altering my query slightly.
Rather than joining a select query to a table and processing it, I changed the select query to create a temporary table. I then used that temporary table to the real table and it all worked perfectly.
I had the same error when was trying to update linked table.
The issue was that linked table had no PRIMARY KEY.
After adding primary key constraint on database side and re linking this table to access problem was solved.
Hope it will help somebody.
I had the same problem exactly, and I can't remember how I fond this solution but simply adding DISTINCTROW solved the problem.
In your code it will look like this:
UPDATE DISTINCTROW [GS] INNER JOIN [Views] ON <- the only change is here
([Views].Hostname = [GS].Hostname)
AND ([GS].APPID = [Views].APPID)
...
I'm not sure why this works, but for me, it did exactly what I needed.
To update records, you need to write changes to .mdb file on disk. If your web/shared application can't write to disk, you can't update existing or add new records. So, enable read/write access in database folder or move database to other folder where your application has write permission....for more detail please check:
http://www.beansoftware.com/ASP.NET-FAQ/Operation-Must-Use-An-Updateable-Query.aspx
set permission on application directory solve this issue with me
To set this permission, right click on the App_Data folder (or whichever other folder you have put the file in) and select Properties. Look for the Security tab. If you can't see it, you need to go to My Computer, then click Tools and choose Folder Options.... then click the View tab. Scroll to the bottom and uncheck "Use simple file sharing (recommended)". Back to the Security tab, you need to add the relevant account to the Group or User Names box. Click Add.... then click Advanced, then Find Now. The appropriate account should be listed. Double click it to add it to the Group or User Names box, then check the Modify option in the permissions. That's it. You are done.
I used a temp table and finally got this to work. Here is the logic that is used once you create the temp table:
UPDATE your_table, temp
SET your_table.value = temp.value
WHERE your_table.id = temp.id
I got this same error and using a primary key did not make a difference. The issue was that the table is a linked Excel table. I know there are settings to change this but my IT department has locked this so we cant change it. Instead, I created a make table from the linked table and used that instead in my Update Query and it worked. Note, any queries in your query that are also linked to the same Excel linked table will cause the same error so you will need to change these as well so they are not directly linked to the Excel linked table. HTH
This is a shot in the dark but try putting the two operands for the AND in parentheses
On ((A = B) And (C = D))
I was accessing the database using UNC path and occasionally this exception was thrown. When I replaced the computer name with IP address, the problem was suddenly resolved.
You have to remove the IMEX=1 if you want to update. ;)
"IMEX=1; tells the driver to always read "intermixed" (numbers, dates, strings etc) data columns as text. Note that this option might affect excel sheet write access negative."
https://www.connectionstrings.com/excel/
UPDATE [GS] INNER JOIN [Views] ON
([Views].Hostname = [GS].Hostname)
AND ([GS].APPID = [Views].APPID) <------------ This is the difference
SET
[GS].APPID = [Views].APPID,
[GS].[Name] = [Views].[Name],
[GS].Hostname = [Views].Hostname,
[GS].[Date] = [Views].[Date],
[GS].[Unit] = [Views].[Unit],
[GS].[Owner] = [Views].[Owner];
I found the following in the "e-mail" field of my newsletter subscriber database: ' OR 1=1/*
I know it's a SQL injection, but that's it. I've googled it a little bit, but I'm still on clear on what exactly it's trying to achieve. This occurred early Nov, and to my knowledge we had no outages around that time. Can any of you kind souls tell me what this guy was probably trying and do? Is there any way to know whether he achieved what he was trying to do?
I know virtually nothing about this and I'm worried. :(
'OR 1=1 is an attempt to make a query succeed no matter what
The /* is an attempt to start a multiline comment so the rest of the query is ignored.
An example would be
SELECT userid
FROM users
WHERE username = ''OR 1=1/*'
AND password = ''
AND domain = ''
As you can see if you were to populate the username field without escaping the ' no matter what credentials the user passes in the query would return all userids in the system likely granting access to the attacker (possibly admin access if admin is your first user). You will also notice the remainder of the query would be commented out because of the /* including the real '.
The fact that you can see the value in your database means that it was escaped and that particular attack did not succeed. However, you should investigate if any other attempts were made.
It probably aimed to select all the informations in your table. If you use this kind of query (for example in PHP) :
mysql_query("SELECT * FROM newsletter WHERE email = '$email'");
The email ' OR 1=1/* will give this kind of query :
mysql_query("SELECT * FROM newsletter WHERE email = '' OR 1=1/*");
So it selects all the rows (because 1=1 is always true and the rest of the query is 'commented'). But it was not successful
if strings used in your queries are escaped
if you don't display all the queries results on a page...
The specific value in your database isn't what you should be focusing on. This is likely the result of an attacker fuzzing your system to see if it is vulnerable to a set of standard attacks, instead of a targeted attack exploiting a known vulnerability.
You should instead focus on ensuring that your application is secure against these types of attacks; OWASP is a good resource for this.
If you're using parameterized queries to access the database, then you're secure against Sql injection, unless you're using dynamic Sql in the backend as well.
If you're not doing this, you're vulnerable and you should resolve this immediately.
Also, you should consider performing some sort of validation of e-mail addresses.
Its better if you use validation code to the users input for making it restricted to use symbols and part of code in your input form. If you embeed php in html code your php code have to become on the top to make sure that it is not ignored as comment if a hacker edit the page and add /* in your html code
I have a MySQL database, and i created a DB and named it 'PERSONDB'. Within that DB, i have created a table and named it Person. This table has 3 fields. id,name,age.
Now i need to save some values from my flex website to the mySQL 'PERSONDB' that i created.
How can i do this in Flex (Flax builder 4.6)
Note: I have added 2 fields name and age, in the Flex project and when the user clicks on the Button i need those values to be saved in the DB. how can i do this.
asSQL ( http://code.google.com/p/assql/ ) is a good approach to using mySQL. It allows for direct access to mySQL from any application either in AIR or web based. I use this pretty regularly in my coding so I don't have to write a Java or PHP as a back end unless there is a good reason to have a back end in place.
OK, here is the code I use:
<assql:MySqlService id ="DB"
hostname ="localhost"
username ="user"
password ="password"
database ="db"
autoConnect="true"
connect ="handleConnected(event)"
sqlError ="handleError(event)"/>
private function getSelectedData() : void
{
DB.send("SELECT * from table WHERE number = '" + number.text + "'");
}
That's all there is too it. The top part sets up the connection and is in the section of the code. The rest is in the part (ActionScript). Of course, it can be done in straight ActionScript as well, but this solution used MXML.
I need to design database with frontend as HTML.
This is my first attempt to do this.
What I need is,
- User can input a word from HTML page, click submit
I will query the word to get a URL from database and user sees that webpage(pointed by URL).
Just enter word, submit and get the webpage displayed.
People suggested using JSP/Access. I am new to everything.
Can you please point out what exactly I need to do?
Thanks a ton.
Following is the way you need to approach
Step1:
Create an HTML page which can take an input from the users
Step 2:
After getting the data from the user, create a connection to the database and pass the searched string as an input paramater.
Step 3:
You will get a result set from a database
Step 4:
Iterate through the result set and display in the html page, if you require the url to be given for those url, so when user clicks So that he will be directed to those websites.
Sample Query:
Select * from table1 where url_Word like '%Search_String'
This will be the procedure that you need to follow to complete your work.
You do not need a database you need a text file. If this is a school project you need more information.
I need help to quickly add about >100 username and password to a locally installed Wordpress.
I have a list of usernames in text file, and I'd let each password to be equal to username (or someother function if equal is not allowed by Wordpress).
Is there a way I can programmatically add users to Wordpress? I have access to wordpress database if that helps.
Thanks.
If you don't want to use a plugin and you have your users and passwords stored in an array, simply throw it into a loop and use the 'wp_create_user' function. It takes 3 parameters (username, password and email). It will return the ID if successful and false if not.
http://codex.wordpress.org/Function_Reference/wp_create_user
Check out this plugin, it will let you import users from a csv which is basically what you're looking to do:
http://www.dagondesign.com/articles/import-users-plugin-for-wordpress/