Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (3)

Resolved SQLCA connection

  1. How-to
0
Votes
Undo
  1. James Pendarvis
    James Pendarvis
  2. PowerBuilder
  3. Monday, 16 December 2019 12:48 PM UTC

Okay - I am not sure why this is happening, but I need to understand.

When I execute the application via the IDE the SQLCA.dbparm = "DataSource='**************',TrustedConnection=1,Namespace='System.Data.SqlClient',Database='*******',CommandTimeout= '1200'"

 

When I execute the application via the server that is hosting the EXE the SQLCA.dbparm = "DataSource=**************,TrustedConnection=1,Namespace='System.Data.SqlClient',Database=*******,CommandTimeout= '1200'"

 

The difference between the two is the ' mark associate to the DataSource and DataBase. These values are being provided by the application.ini file.

 

My application provides the following snippet of code:

SQLCA.DBParm = "DataSource='"            + profilestring(gs_inidbloc, 'DBMS_PROFILES', 'DataSource', '') + "'" &
                       + ",TrustedConnection="  + profilestring(gs_inidbloc, 'DBMS_PROFILES', 'TrustedConnection', '') &
                       + ",Namespace='"            + profilestring(gs_inidbloc, 'DBMS_PROFILES', 'Namespace', '') + "'" &
                       + ",Database='"               + profilestring(gs_inidbloc, 'DBMS_PROFILES', 'DataBase', '')  + "'" &
                       + ",CommandTimeout= '1200' "

 

Thumbnail Viewer for Images?
Migration from 8 to 19 - data type errors
Responses (3)
James Pendarvis
James Pendarvis Accepted Answer Pending Moderation
  1. Wednesday, 18 December 2019 11:56 AM UTC
  2. PowerBuilder
  3. # 1

I have modified my code to include the function, it is still stripping the '.

 

I have added the character ~ to the string formation:

SQLCA.DBMS = profilestring(gs_inidbloc, 'DBMS_PROFILES', 'DBMS', '')
SQLCA.AutoCommit = False
SQLCA.Database = ls_database
SQLCA.DBParm = "DataSource= ~' "            + ls_source + "~'" &
                       + ",TrustedConnection="  + profilestring(gs_inidbloc, 'DBMS_PROFILES', 'TrustedConnection', '') &
                       + ",Namespace=  "            + wf_quoted(ls_namespace, "'")  &
                       + ",CommandTimeout= '1200' "

 

I did make the function global but here is its code:

if Left(as_text, 1) + Right(as_text, 2) = as_quote + as_quote then
   return as_text
else
   return as_quote + as_text + as_quote
end if

 

Connection string results

 

dbparm=DataSource=server\instance, TrustedConnection=1,Namespace='System.data.SqlClient',Database=db_version

 

Error is DBMS ADO.NET is not supported in your current installation.

 

I think if I can get the ' wrapped around the server\instance I might have a different result.

Comment
Michael Kramer
  1. Michael Kramer
  2. Wednesday, 18 December 2019 17:26 PM UTC
I would drop the tilde character since you are embedding single quotes in a double-quoted string. Hence, no need for the tilde characters.

BTW: I see your NameSpace segment is single-quoted (that's where you call your wf_quoted function.

What happens if you remove 2 x [ ~' ] around ls_datasource and instead call wf_quoted same as for NameSpace?

  1. Helpful
James Pendarvis
  1. James Pendarvis
  2. Wednesday, 18 December 2019 19:00 PM UTC
It still drops the ' around DataSource and Database. It added the ' mark around the namespace regardless of the function being called.



I have a desktop application that uses ADO.NET. When I connection with a standard connection string:

Data Source = server\instance; Initial Catalog= database_name; Integrated Security = true I am successful in logging in.
  1. Helpful
There are no comments made yet.
Michael Kramer
Michael Kramer Accepted Answer Pending Moderation
  1. Monday, 16 December 2019 14:09 PM UTC
  2. PowerBuilder
  3. # 2

Sample function that applies quotes only when quotes are missing

// string function of_GetQuoted(readonly string as_text, readonly string as_quote)
if Left(as_text, 1) + Right(as_text, 2) = as_quote + as_quote then
   return as_text
else
   return as_quote + as_text + as_quote
end if

This function is easily inserted into existing expressions:

SQLCA.DBParm = "DataSource='" + ProfileString(gs_inidbloc, ...) + &

SQLCA.DBParm = "DataSource=" + of_Quoted(ProfileString(gs_inidbloc, ...), "'") + &

 

Comment
There are no comments made yet.
Michael Kramer
Michael Kramer Accepted Answer Pending Moderation
  1. Monday, 16 December 2019 13:19 PM UTC
  2. PowerBuilder
  3. # 3

As long as your DataSource string contains no "dangerous" characters they perform equivalent. Examples of "dangerous" characters: Comma, semicolon, space, quotes, etc.

SQLCA.DBParm="DataSource='Alfa,DisableBind=1',TrustedConnection=1,..."

SQLCA.DBParm="DataSource=Alfa,DisableBind=1,TrustedConnection=1,..."

In most cases your data source name is safe - but who knows what an attack on your INI file may do to your DBParm text?

I personally would always use quotes to eliminate a risk I don't need.

HTH /Michael

Comment
James Pendarvis
  1. James Pendarvis
  2. Monday, 16 December 2019 13:26 PM UTC
Would charaters like _ or / be considered "dangerous". How can I force the tick marks?
  1. Helpful
Michael Kramer
  1. Michael Kramer
  2. Monday, 16 December 2019 14:01 PM UTC
One options >>> (extra spaces for reading)

ls_datasource = ProfileString( . . . )

IF Left(ls_datasource, 1) + Right(ls_datasource, 1) <> " ' ' " THEN ls_datasource = " ' " + ls_datasource + " ' "



That one-liner colud be wrapper in a function to return a guaranteed quoted string. (see separate reply for code example)
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.