I am trying to convert an Oracle query to a SQL Server and facing an issue. Can you please help me ?
Oracle Query:
select ORA_HASH(SYS_GUID()) as SEGMENTID from my_Table
I am looking for a function which is equivalent to ORA_HASH() function in SQL Server. I was searching in google and found that HASHBYTES() function is the one which works as ORA_HASH in SQL Server. But when I tried to use, the return value of this is Hexa decimal and on the other hand, ORA_HASH is returning an integer.
Can you please help me in proving the equivalent function to ORA_HASH in SQL Server which works same as ORA_HASH ?
You shall try CHECKSUM which as per doc is intended for use in building hash indexes. https://learn.microsoft.com/en-us/sql/t-sql/functions/checksum-transact-sql
Related
I'm trying to filter results from a Query i have created in Microsoft Query to pull data from a database into my Excel sheet. Specifically I'm trying to filter out based on the nth character of a string.
I can easily filter out the based on the first char:
SOPOrderReturnLine.ItemCode Like 'A25%'
But I have no idea how I could filter to show only entries where the 10th char = "A". I'm sure I have to use a Substring function, but it's not familiar to me and I'm struggling to get it to work.
Try to edit your sql query and enter the following statement:
select * from SOPOrderReturnLine where substring(SOPOrderReturnLine.ItemCode,10,1) = 'A';
The statement should work for a MySql database as well as for an Sql Server in the background; (I've tested it with an MySql database).
Hope this helps.
In MSQuery (Jet under the covers, I think), the function is Mid.
SELECT * FROM tblLocation WHERE (Mid(LocationName,2,1)='e')
to find a lower case 'e' in the second location.
I assume when you say MS Query, you are running a query against a DBMS (SQL Server or some other via ODBC).
The use of substr, substring or mid should work, depending on which DBMS. That said, unless you're using MS Access, I think most DBMSs will support the underscore character as "any single character." It might even work in Access, but I don't know for sure. Therefore, I think in addition to the suggestions you've gotten, this will also work in most cases:
SOPOrderReturnLine.ItemCode Like '_________A%'
If you want to use substring, don't hold me to these, but I think:
Oracle / DB2 / SQLite - substr
Microsoft SQL Server / Sybase / MySQL - substring
MS Access - mid
PostgreSQL -substr or substring
I know there's a way to do this in regular Sql Server, and if I'm not mistaken, it looks something like this:
SELECT UNIX_TIMESTAMP(ba_trans_entered) * 1000 AS 'dateUTC'
I do admit, however, that I don't get the * 1000 part, but that's beside the point.
When I try to perform this query in SQL Server CE it just tells me (i.e., WebMatrix tells me):
'UNIX_TIMESTAMP' is not a recognized built-in function name.
I'm assuming UNIX_TIMESTAMP is not supported in Sql Server Compact.
Also, I tried Googling and searching here on SE but no data relevant to SQL Server CE shows up, so there may not be a way in the given environment.
Is there any way to convert 'datetime' (example: 7/13/2007 12:00:00 AM) to timestamp (example: 1184302800000)? I know I can do this in JavaScript, but I was told it might be faster to do this in the query itself, and since I am pulling a ton of data...
The UNIX_TIMESTAMP function does not exist in SQL Server on SQL Server Compact, but you can use DATEDIFF:
DATEDIFF(SECOND,{d '1970-01-01'}, ba_trans_entered)
On searching msdn, I found a built-in function called HASHBYTES(). Not sure if that can be used to get a result that DBMS_UTILITY.get_hash_value() gives in oracle.I am using SQL Server 2008. Thanks in advance.
HASHBYTES is close, but uses presets for certain algorithms (e.g. SHA1 or MD5)
You can't choose the base or length like you can with DBMS_UTILITY.GET_HASH_VALUE()
You may have to roll your own to emulate it exactly but I'd see this as a backwards step...
Comparison in SQL built-in functions in Oracle and SQL Server on below given link
http://dotnet-bm.blogspot.in/2013/08/comparison-in-sql-built-in-functions-in.html
In postgresql database have one function btrim(string text [, characters text]).
For examples
btrim('xwxpostsqlwwx', 'wx')
In this function return value postsql.
Like this I need to do in SQL Server 2005. Is there any similar builtin function available in SQL Server?
REPLACE, SUBSTRING,CHARINDEX
http://msdn.microsoft.com/en-us/library/ms181984.aspx
I don't know of any exact equivalent, but you should be able to achieve the same results using SQLServer's Regular Expression functionality.
I believe there is no such a built-in function, but you can create your own if you like. You can find an example of a function doing exactly what you want here (at the bottom of the page).
The website i worked was recently attempted to be hacked by the following SQL injection script
boys' and 3=8 union
select 1,
concat(0x232425,ifnull(`table_name`,0x30),char(9),ifnull(`table_rows`,0x30), char(9),0x252423),
3,4,5,6,7,8,9
from `information_schema`.`tables`
where table_schema=0x62646B3032 limit 44,1 -- And '8'='8
This injection returned the mysql table name. This was reported by the error reporting system on that website and we managed to fix that part however I am not able to understand what does the above injection mean?
Anyone can explain this?
Penuel
They're using a select from the Information Schema views in mysql server :
http://dev.mysql.com/doc/refman/5.0/en/information-schema.html
They use some clever hacks to rout out simple sql injection prevention techniques.
According to this the MySQL concat()
Returns the string that results from
concatenating the arguments. May have
one or more arguments. If all
arguments are nonbinary strings, the
result is a nonbinary string. If the
arguments include any binary strings,
the result is a binary string. A
numeric argument is converted to its
equivalent binary string form
So 0x232425 is converted to #$% which is simply added to the begining and end of the table_name field. Maybe just to make it easier for them to pull out the Table names later using Regex.
Later on the char(9) is equivalent to a tab as you can see here and is just there to format the output nicer.
The 3,4,5,6,7,8,9 is just there so that the columns match the boys table that they are performing the Union on.
This injection returned the mysql table name.
Do you mean that your website displayed the table name when you gave it this input, or that the query returns that when run from the mysql client? If it showed on your website, then the attacker has the ability to inject much more harmful queries. Check your data.