Answer / sudheer

sql injection attacks are used to steal information from a
database from which normally not be available and /or to
gain access to an organaization 's host computers through
the computer that is hosting the database.
EXAMPLE:
select email,pwd,login_id,fullname from members where
email='x'

Now somebody does not put 'x' as the input but
puts 'x ;drop table members;' so the actual sql wich will
execute is
select email,pwd,login_id,fullname from members where
email=x;drop table members;
Think once what happens to ur database.

Answer / kanan

how to catch the errors in sqlserver?

BEGIN TRY
SELECT 1/0
END TRY

BEGIN CATCH
RETURN ERROR_NUMBER()
RETURN ERROR_MESSAGE()
RETURN ERROR_LINE()
END CATCH

i have account table which consists of account name,card no and card no consists 16 digits now i want to retrieve the data if card no starts from 4 then it should print visa and if it starts from 5 then it should print master so plse help me to write simple query with out store procs .

3 Answers  

---

Explain cursor as data base object?

0 Answers  

---

Can anyone explain difference between Database, Data warehouse and Data mart with some example?````

4 Answers  

---

How to write stored procedure to update the data in 10 tables

4 Answers  

---

You are creating an application where users are asked their gender in the gender combo box you have three options: ‘male’ , ‘female’ and ‘i choose not to disclose’ these options are stored in the table as 1, 0 or null which datatype should you use?

0 Answers  

---

Can you explain what is indexed view? How to create it?

0 Answers  

---

Can you tell me about the concept of ER diagrams?

0 Answers  

---

How do I setup a sql server database?

0 Answers  

---

What is wrong with sql server client libarary dll, ntwdblib.dll?

0 Answers  

---

What is mssql?

0 Answers  

---

Can we add a cpu to sql server?

0 Answers  

---

What is the difference between inner join and equi join?

0 Answers  

---