finding hidden chars in sql query

I am working on a login system in flex and asp. I am encrypting the password before it is inserted it into the SQL database. But then when i do SELECT statement with username and encrypted password it returns 0 users found.
I outputted the sql statement and they passwords look excatly the same. But the SQL Select count(*) returns a 0.

link to the encrypting is used:
http://www.4guysfromrolla.com/webtech/110599-1.2.shtml

other information:
script language: asp + flex
database: sql server 2005

So i am thinking that their are hidden chars in the password. Is their a way to check this or even convert/exclude them ?
Any links or tips would be very helpfull

Use the sample to solve your issue...

Alter Function dbo.En_De_Crypt(@.Input varchar(max), @.Key int ) Returns Varchar(Max) as

Begin

Declare @.Len as Int;

Declare @.I as Int;

Declare @.Output as Varchar(max)

Select @.Len = Len(@.Input), @.I =1, @.Output=''

Declare @.Number Table (N int);

While(@.I<=@.Len)

Begin

Insert into @.Number Values(@.I);

Set @.I = @.I + 1;

End

Select @.Output = @.Output + Char(Ascii(Substring(@.Input,N,1)) ^ @.Key)

From @.Number

return @.Output

End

Go

Create Table #Passwords(

Password varchar(20)

);

Insert Into #Passwords Values(dbo.En_De_Crypt('One1234$$',100));

Insert Into #Passwords Values(dbo.En_De_Crypt('M1cr0$0ft',100));

Insert Into #Passwords Values(dbo.En_De_Crypt('Or@.c1e',100));

Insert Into #Passwords Values(dbo.En_De_Crypt('@.pp1e',100));

Select dbo.En_De_Crypt(Password,100) ,Password From #Passwords

/*

Orginal value Decrypted Value

One1234$$ + _VWP@.@.

M1cr0$0ft )Up'16T@.T '10

Or@.c1e +_$p_par

@.pp1e $__U_par */

--None of the query will return the data here..

Select Count(*) From #Passwords Where Password = '+

_VWP@.@.'

Select Count(*) From #Passwords Where Password = ')Up'16T@.T '10'

Select Count(*) From #Passwords Where Password = '?_p$'

Select Count(*) From #Passwords Where Password = '$__U_par'

--Use the following query to get the result..

Select Count(*) From #Passwords Where dbo.En_De_Crypt(Password,100)='M1cr0$0ft'

|||thnx Manivannan for the reply.
i will try it out.

Find time interval between dates

Hi, all. I've got a classic ASP app that I've been tasked with modifying to
track users' IP addresses. If they fail to login, we want to record their IP
and the date/time when they failed. If they fail more than 5 times within 10
minutes, we want to lock them out for 5 minutes. Below are the two SQL
Server 2000 tables I've created.
The problem I'm having is this: How do you figure out if user has failed 5
times within the last 10 minutes. If you believe there's a better way to
design the tables for this task, please let me know. Thank you :)
CREATE TABLE [tblHits] (
[hitID] [int] IDENTITY (1, 1) NOT NULL ,
[IP] [varchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[email] [varchar] (195) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[dateAdded] [smalldatetime] NULL CONSTRAINT [DF_tblHits_dateAdded] DEFAULT
(getdate()),
CONSTRAINT [PK_tblHits] PRIMARY KEY CLUSTERED
(
[hitID]
) ON [PRIMARY] ,
CONSTRAINT [FK_tblHits_tblIPs] FOREIGN KEY
(
[IP]
) REFERENCES [tblIPs] (
[IP]
)
) ON [PRIMARY]
GO
CREATE TABLE [tblIPs] (
[IP] [varchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL ,
[IPCount] [int] NULL CONSTRAINT [DF_tblIPs_IPCount] DEFAULT (1),
[dateLastMod] [smalldatetime] NULL CONSTRAINT [DF_tblIPs_dateLastMod]
DEFAULT (getdate()),
CONSTRAINT [PK_tblIPs] PRIMARY KEY CLUSTERED
(
[IP]
) ON [PRIMARY]
) ON [PRIMARY]
GOHi
smalldatetime data type has only the accuracy of 1 minute, so you might be
working between 9 and 11 minutes. The data type datetime might be more
appropriate.
Unless this is an intranet application, there is no guarantee that the IP
address could not be the source for multiple users. Corporates have large
proxy servers that do not expose the internal source IP. You might make a
lot of users unhappy if one of them fails to login correctly.
That aside. The following will return the number of hits in the last 10
minutes:
SELECT
COUNT(*)
FROM
tblHits
WHERE
dateAdded > DATEADD(mi, -10, GETDATE())
AND IP = @.YourCurrentIPAddress
Regards
Mike
This posting is provided "AS IS" with no warranties, and confers no rights.
"curious_Lee" <oneworld95_NOSPAM@.yahoo.com> wrote in message
news:eLAzbYbIGHA.3460@.TK2MSFTNGP12.phx.gbl...
> Hi, all. I've got a classic ASP app that I've been tasked with modifying
> to track users' IP addresses. If they fail to login, we want to record
> their IP and the date/time when they failed. If they fail more than 5
> times within 10 minutes, we want to lock them out for 5 minutes. Below are
> the two SQL Server 2000 tables I've created.
> The problem I'm having is this: How do you figure out if user has failed 5
> times within the last 10 minutes. If you believe there's a better way to
> design the tables for this task, please let me know. Thank you :)
> CREATE TABLE [tblHits] (
> [hitID] [int] IDENTITY (1, 1) NOT NULL ,
> [IP] [varchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
> [email] [varchar] (195) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
> [dateAdded] [smalldatetime] NULL CONSTRAINT [DF_tblHits_dateAdded] DEFAULT
> (getdate()),
> CONSTRAINT [PK_tblHits] PRIMARY KEY CLUSTERED
> (
> [hitID]
> ) ON [PRIMARY] ,
> CONSTRAINT [FK_tblHits_tblIPs] FOREIGN KEY
> (
> [IP]
> ) REFERENCES [tblIPs] (
> [IP]
> )
> ) ON [PRIMARY]
> GO
> CREATE TABLE [tblIPs] (
> [IP] [varchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL ,
> [IPCount] [int] NULL CONSTRAINT [DF_tblIPs_IPCount] DEFAULT (1),
> [dateLastMod] [smalldatetime] NULL CONSTRAINT [DF_tblIPs_dateLastMod]
> DEFAULT (getdate()),
> CONSTRAINT [PK_tblIPs] PRIMARY KEY CLUSTERED
> (
> [IP]
> ) ON [PRIMARY]
> ) ON [PRIMARY]
> GO
>
>
>|||Hi
. If you believe there's a better way to
> design the tables for this task, please let me know. Thank you :)
>
create table tblConnection
(
StartTimeCon datetime not null,
EndTimeCon datetime not null
)
insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
10:00','20000610 10:10')
insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
10:20','20000610 10:22')
insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
10:23','20000610 10:25')
insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
10:27','20000610 10:45')
insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
11:57','20000610 12:00')
insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
12:01','20000610 12:04')
insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
12:04','20000610 12:40')
SELECT
StartTimeCon,
ISNULL(
(SELECT MIN(EndTimeCon)
FROM tblConnection AS S3
WHERE S3.StartTimeCon >= S1.StartTimeCon
AND ISNULL(
DATEDIFF(
minute,
S3.EndTimeCon,
(SELECT MIN(StartTimeCon)
FROM tblConnection AS S4
WHERE S4.StartTimeCon > S3.EndTimeCon)), 5) >= 5),
EndTimeCon) AS EndTimeCon
FROM tblConnection AS S1
WHERE ISNULL(
DATEDIFF(
minute,
(SELECT MAX(EndTimeCon)
FROM tblConnection AS S2
WHERE S2.EndTimeCon < S1.StartTimeCon),S1.StartTimeCon),5) >= 5
Note: this SELECT returns rows that StartCon and EndCon >5 minutes. I hope
you get the idea and an modify the query.
"curious_Lee" <oneworld95_NOSPAM@.yahoo.com> wrote in message
news:eLAzbYbIGHA.3460@.TK2MSFTNGP12.phx.gbl...
> Hi, all. I've got a classic ASP app that I've been tasked with modifying
> to track users' IP addresses. If they fail to login, we want to record
> their IP and the date/time when they failed. If they fail more than 5
> times within 10 minutes, we want to lock them out for 5 minutes. Below are
> the two SQL Server 2000 tables I've created.
> The problem I'm having is this: How do you figure out if user has failed 5
> times within the last 10 minutes. If you believe there's a better way to
> design the tables for this task, please let me know. Thank you :)
> CREATE TABLE [tblHits] (
> [hitID] [int] IDENTITY (1, 1) NOT NULL ,
> [IP] [varchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
> [email] [varchar] (195) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
> [dateAdded] [smalldatetime] NULL CONSTRAINT [DF_tblHits_dateAdded] DEFAULT
> (getdate()),
> CONSTRAINT [PK_tblHits] PRIMARY KEY CLUSTERED
> (
> [hitID]
> ) ON [PRIMARY] ,
> CONSTRAINT [FK_tblHits_tblIPs] FOREIGN KEY
> (
> [IP]
> ) REFERENCES [tblIPs] (
> [IP]
> )
> ) ON [PRIMARY]
> GO
> CREATE TABLE [tblIPs] (
> [IP] [varchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NOT NULL ,
> [IPCount] [int] NULL CONSTRAINT [DF_tblIPs_IPCount] DEFAULT (1),
> [dateLastMod] [smalldatetime] NULL CONSTRAINT [DF_tblIPs_dateLastMod]
> DEFAULT (getdate()),
> CONSTRAINT [PK_tblIPs] PRIMARY KEY CLUSTERED
> (
> [IP]
> ) ON [PRIMARY]
> ) ON [PRIMARY]
> GO
>
>
>|||Thank you, Michael and Uri. You've got some very creative solutions. By the
way, the point about public computers or proxy servers is a valid one; we
discussed it, but the powers-that-be wanted to go ahead and do this anyway.
"Uri Dimant" <urid@.iscar.co.il> wrote in message
news:OhYgKlbIGHA.3144@.TK2MSFTNGP10.phx.gbl...
> Hi
> . If you believe there's a better way to
>
> create table tblConnection
> (
> StartTimeCon datetime not null,
> EndTimeCon datetime not null
> )
> insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
> 10:00','20000610 10:10')
> insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
> 10:20','20000610 10:22')
> insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
> 10:23','20000610 10:25')
> insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
> 10:27','20000610 10:45')
> insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
> 11:57','20000610 12:00')
> insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
> 12:01','20000610 12:04')
> insert into tblConnection(StartTimeCon,EndTimeCon)va
lues ('20000610
> 12:04','20000610 12:40')
> SELECT
> StartTimeCon,
> ISNULL(
> (SELECT MIN(EndTimeCon)
> FROM tblConnection AS S3
> WHERE S3.StartTimeCon >= S1.StartTimeCon
> AND ISNULL(
> DATEDIFF(
> minute,
> S3.EndTimeCon,
> (SELECT MIN(StartTimeCon)
> FROM tblConnection AS S4
> WHERE S4.StartTimeCon > S3.EndTimeCon)), 5) >= 5),
> EndTimeCon) AS EndTimeCon
> FROM tblConnection AS S1
> WHERE ISNULL(
> DATEDIFF(
> minute,
> (SELECT MAX(EndTimeCon)
> FROM tblConnection AS S2
> WHERE S2.EndTimeCon < S1.StartTimeCon),S1.StartTimeCon),5) >= 5
>
>
> Note: this SELECT returns rows that StartCon and EndCon >5 minutes. I hope
> you get the idea and an modify the query.
>
>
> "curious_Lee" <oneworld95_NOSPAM@.yahoo.com> wrote in message
> news:eLAzbYbIGHA.3460@.TK2MSFTNGP12.phx.gbl...
>

find a character in string

Good morning,
In the past, with an Informix db and asp/vbscript pages, I've used the
following SQL statement:
select CustomerName, DrawNumber
from Customer
Where DrawNumber[4,4] not in ("I","M")
to find DrawNumber where the 4th character is not equal to I or M. Now that
we've switched over to a SQLServer db, I'm having some trouble getting this
statement work, or finding the equivalent. Any suggestions?
Thanks in advance!
RoseLookup how to use SUBSTRING() function in SQL Server Books Online.
Anith|||where DrawNumber not like '___[IM]%'
(3 underscores before the opening bracket)
Rose wrote:
> Good morning,
> In the past, with an Informix db and asp/vbscript pages, I've used the
> following SQL statement:
> select CustomerName, DrawNumber
> from Customer
> Where DrawNumber[4,4] not in ("I","M")
> to find DrawNumber where the 4th character is not equal to I or M. Now tha
t
> we've switched over to a SQLServer db, I'm having some trouble getting thi
s
> statement work, or finding the equivalent. Any suggestions?
> Thanks in advance!
> Rose|||Look at SUBSTRING() in BOL. It will help.
Perayu
"Rose" <Rose@.discussions.microsoft.com> wrote in message
news:BA7A20AD-3FF6-414D-96AC-8DF5C34FF75B@.microsoft.com...
> Good morning,
> In the past, with an Informix db and asp/vbscript pages, I've used the
> following SQL statement:
> select CustomerName, DrawNumber
> from Customer
> Where DrawNumber[4,4] not in ("I","M")
> to find DrawNumber where the 4th character is not equal to I or M. Now
> that
> we've switched over to a SQLServer db, I'm having some trouble getting
> this
> statement work, or finding the equivalent. Any suggestions?
> Thanks in advance!
> Rose|||Thanks Trey! It worked perfectly!
"Trey Walpole" wrote:

> where DrawNumber not like '___[IM]%'
> (3 underscores before the opening bracket)
> Rose wrote:
>

final product

Hi all,

I have build a small asp.net websites where I want to generate some reports, but I have some questions?

Do you have to install the reporting services on the system where the final product will be hosted?

I have tried to use the report viewer to build a local delivery report, but I can not see the printer, any solution to that ?

Yes you have to install Microsoft Report Viewer.

But, if you create a kit for your web site=> properties on the kit =>Prerequisites=>chech ""Microsoft Reports for VS 2005" (something like this) and also

VERY IMPORTANT chech the second options from down "Telecharger les components requires a partir de l'amplacement de mon application" (sorry but i have VS in french)

Thease option will create the kit with all you nead to run reports after the instalation!!!

Popa Iulia

__________________________________

MCP.MCAD.MCSD

|||

iuliax:

Yes you have to install Microsoft Report Viewer.

Popa Iulia

__________________________________

MCP.MCAD.MCSD

I know that report viewer has to be installed? What about SQL services?

When using report viewer with asp.net local delivery the printer icon disappear?

any solution to that?

|||

Hi there,

I am not sure if could solve that problem of not seeing printer on the reportviewer.

If you have solve the problem that please let me know, as I am also having same problem here. The printer does not appear on the toolbar. Even though I switched the Showprinter properties of reportviewer true.

Thanks

MEmam

kms

|||

Hi there,

I am still waiting for the any answer.

Please if there anyone is welcome to help me to solve the problem of why I can't see printer option on my reportviewer.

Thanks in advance if there is anyone who could provide me the answer. It will be a great help.

regards,

Emam

Filtering SqlDataSource to show all vs. non-null records

Hi -- I'm starting an ASP.NET 2.0 application which contains a page with a checkbox and gridview control on it. In its default state the gridview displays all the records from a table pulled from a SQL Server database (via a SqlDataSource object). When the user checks the checkbox, I want the gridview to display only the records where one of the columns is not null. But I've been unable to construct the WHERE clause of the SQLDataSource object correctly. I see that I can hard-code the SqlDataSource object so that the column to be filtered is always NULL or always NOT NULL. But I want this filtering to be more dynamic such that the decision to show all or non-null records happens at run-time. Should I be using two SqlDataSource objects -- one for the NOT NULL condition and one for the "all records" condition? Then when the user checks the checkbox, the gridview would be configured to point to the appropriate SqlDataSource object. (?) Seems like a bit of overhead with that approach. I'm hoping there's a more elegant way to get this done. Please let me know if you need more information. Thanks in advance.

Bill

Construct a better SELECT that uses a parameter.

SELECT ...

FROM ...

WHERE (@.ShowAll=1)

OR (@.ShowAll=0 AND (col1 IS NOT NULL OR col2 IS NOT NULL OR col3 IS NOT NULL))

|||Sweet. Thank you much.