This document provides information about SQL Injection attacks and how the risks associated with them are mitigated in the DataFlex application environment. When SQL statements written by a developer are included in an application program for direct execution by an SQL server, the developer is responsible for making sure that his or her programming style does not let the guard down for threats like SQL Injection or other risks.
What is an SQL Injection attack?
This blog contains information on choosing and changing the data source in the Data Access report writer.
During the creation of a new report a data source needs to be selected. A data source makes it possible for the report writer to access the rows of data in tables. Currently 3 data source categories are available; DataFlex, ODBC and RDS.
For the DataFlex database the data source is either the list of tables (usually named filelist.cfg)
Updated 25-Feb-2013 at 09:24 AM by Vincent Oorsprong
(Two functions added)
The Database Connectivity Kits used to add an uppercase (U_) column when tables were converted from DataFlex native databases to an SQL backend. That column was there just to fulfill the need of an uppercase index segment.
However, starting with build 22.214.171.124 (find the latest builds available at ftp://ftp.dataaccess.com/pub/products/connectivity/ ), the Connectivity Kits were changed and by default they simply use the collating sequence defined for the database on the backend and
When using the database Connectivity Kits, developers may choose to use embedded SQL (ESQL) in their applications to take advantage of the database server capabilities and set processing. In ESQL you can execute many different statements either one by one or in batches. So, how can batch statements be used in Visual DataFlex?
What are Batch Statements
A batch of SQL statements is a group of two or more SQL statements or a single SQL statement that has the same effect as a group