I have a MSSQL table with large number of alpha numeric codes. I have to verify these codes are within certain characters. How do I write a SQL in MSSQL? Any advice ?
Codes Table
JFBBB22 -> Valid
JBBYB33
AXBBB22 ->Invalid
LBBBB33
Code I am using in c# to validate..
Regex.IsMatch(code, "^[BCDFGHJKLMNPQRSTVWXZ123456789]*$").
WHERE code NOT LIKE '%[^BCDFGHJKLMNPQRSTVWXZ123456789]%'
You can do it like this:
select dbo.RegexMatch( N'123-45-6789', N'^\d{3}-\d{2}-\d{4}$' )
For the full documentation check The MSDN site for the official page
Related
Consider below query containing both Persian(a right to left language) and English(a left to right language):
SELECT 'نرم افزار SQL سرور'
the required result is this string :
سرور SQL نرم افزار
Is there any function or any other way to converting string from ltr to rtl??
It is required to add N before string literal: SELECT N'نرم افزار SQL سرور'. This is needed to correctly interpret contained Unicode characters. (Source)
Important: In some cases, please avoid using standard copy-paste in order to put SELECT into SSMS command window. This could affect the RTL/LTR order. Instead, try to open correctly composed file using File > Open.
And regarding your comment:
the result should be : سرور SQL نرم افزار`
I admit I understand RTL writing system only partially, but from what I can see, Persian words are put to the output exactly in order as you entered them (even if reading right to left). Could you show me based on Unicode Bidirectional Algorithm or similar standards document why the word order should be changed by SQL Server? Shouldn't be change you expect made by preprocessing on another place, sending expected string form SELECT N'سرور SQL نرم افزار'? I see no point why just SQL SELECT should perform the change. If it did, what would happen if you feed result of such a SELECT into another SELECT? Another transformation? I have reasons to think that SQL server is interpreting your input technically correctly.
Hint: maybe you can try to surround your RTL text by different Directional formatting characters.
Please try the same SELECT with MySQL server at SQL Fiddle. Different server and technology, but the same result as Microsoft SQL Server gave.
Result from SSMS with MS SQL Server:
Conclusion: in order to get expected result, please form the input accordingly.
Related: Transformation of word order you expected can be done by appropriate settings in user interface.
When we add digit with english this will again not work following solution will work
SELECT nchar(8234)+ N' 33-M ' + N'کلینک کمرہ نمبر' +nchar(8236) + N'میں تشریف لائیں'
I have a table containing a nvarchar column [AffectedNodes] that looks something like this when you take a peek at its contents (two variations shown):
"MID128; MID129; MID130"
"[1,3,2]; [3,1,2]"
We are working on a change which will move the AffectedNodes into its own table [AffectedNode] that has a nvarchar column [NodeId], which should store one of the nodes from the above string. I'm tasked with migrating the existing content to the new format.
As you can see the values are split using semi-column and a space.
To follow the database upgrade process they use in our project I have to write an SQL query in SQL Server CE. I'm wondering how I could do this in a neat way. Thanks!
SQL CE supports, CHARINDEX and SUBSTRING function, did you check that out or did you see any issue with them?
Pretty simple one today. I've got a column, let's call it title, with a bunch of project titles. What I need to to pull everything from the left of the ":" and do a left/right trim (I'm then going to be using that in a join later on but I just need a column with the new data for now). So here's an example of what the current column looks like:
And here's what I need it to look like after the query is run:
The problem is while the # are 6 characters now, I can't guarantee they'll always be 6 characters. So if I was doing this in Excel I'd use the deliminated feature or just write a left/len/search function. Wondering how to do the same in SQL. BTW, I'm using SQL Server Management Studio.
Thoughts?
Assuming that your number is always followed by a [space]:[space], then simply look for that first space, and use its location as the argument for a left-substring operation:
SELECT LEFT(Title, CHARINDEX(' ', Title, 0)) AS "New Title"
p.s. Just say you're using MS SQL Server. SSMS is just a management front-end for that database.
check this post out. it does exactly what you are trying to do.
SQL Server replace, remove all after certain character
The website i worked was recently attempted to be hacked by the following SQL injection script
boys' and 3=8 union
select 1,
concat(0x232425,ifnull(`table_name`,0x30),char(9),ifnull(`table_rows`,0x30), char(9),0x252423),
3,4,5,6,7,8,9
from `information_schema`.`tables`
where table_schema=0x62646B3032 limit 44,1 -- And '8'='8
This injection returned the mysql table name. This was reported by the error reporting system on that website and we managed to fix that part however I am not able to understand what does the above injection mean?
Anyone can explain this?
Penuel
They're using a select from the Information Schema views in mysql server :
http://dev.mysql.com/doc/refman/5.0/en/information-schema.html
They use some clever hacks to rout out simple sql injection prevention techniques.
According to this the MySQL concat()
Returns the string that results from
concatenating the arguments. May have
one or more arguments. If all
arguments are nonbinary strings, the
result is a nonbinary string. If the
arguments include any binary strings,
the result is a binary string. A
numeric argument is converted to its
equivalent binary string form
So 0x232425 is converted to #$% which is simply added to the begining and end of the table_name field. Maybe just to make it easier for them to pull out the Table names later using Regex.
Later on the char(9) is equivalent to a tab as you can see here and is just there to format the output nicer.
The 3,4,5,6,7,8,9 is just there so that the columns match the boys table that they are performing the Union on.
This injection returned the mysql table name.
Do you mean that your website displayed the table name when you gave it this input, or that the query returns that when run from the mysql client? If it showed on your website, then the attacker has the ability to inject much more harmful queries. Check your data.
I'm using an Xml field in my Sql Server database table. I'm trying to search a word using the XQuery contains method but it seems to search only in case sensitive mode. The lower method isn't implemented on Sql Server XQuery implementation also.
¿Is there a simple solution to this problem?
If you're using SQL Server 2005, I'm afraid you're out of luck.
If you're using SQL Server 2008, you can use the upper-case function like this :
DECLARE #x xml = N'abcDEF!#4';
SELECT #x.value('fn:upper-case(/text()[1])', 'nvarchar(10)');
Here's a link on MSDN for the upper-case syntax and a couple search examples :
http://msdn.microsoft.com/en-us/library/cc645590.aspx
First link from google points to MSDN page:
contains Function (XQuery)
In order to get case-insensitive
comparisons, the upper-case or
lower-case functions can be used.