This document provides information about SQL Injection attacks and how the risks associated with them are mitigated in the DataFlex application environment. When SQL statements written by a developer are included in an application program for direct execution by an SQL server, the developer is responsible for making sure that his or her programming style does not let the guard down for threats like SQL Injection or other risks.
What is an SQL Injection attack?
A normal uninstall procedure of DataFlex requires three simple steps:
Run Programs and Features (accessible through Control Panel on your Windows machine)Select to uninstall DataFlexRestart your computer to finalize the process (and release anything DataFlex that was loaded in memory)
Sometimes users fail to execute step 3 and go straight to installing another build of DataFlex. What might happen is that files not released from memory will still be detected as existing files
Updated 18-Mar-2015 at 12:57 PM by Marcia Booth
If you are migrating a web application from Visual DataFlex 17.1 to DataFlex 18.0, you might need to take an extra step to get your application to successfully compile and run in the new revision.
This is due to a change in the tWebRow structure used in DataFlex Web Framework.
To understand the two main reasons for this change it is important to understand how this worked under 17.1.
When the DataFlex web framework was developed,
Updated 24-Apr-2014 at 10:03 AM by Dennis Piccioni
Visual DataFlex 17.0 introduced a change in regards to fonts. Visual DataFlex 17.0 (and higher) allows true Windows fonts to be used in applications. Before 17.0, Sans Serif was the only font used in Visual DatFlex.
That means that applications being migrated to 17.0 or higher may need to be adjusted in order to have the desired screen layout on all platforms and resolutions, but once you make this one-time change, your application should look the same on any platform.
Updated 8-Sep-2014 at 01:10 PM by Marcia Booth
The Database Connectivity Kits used to add an uppercase (U_) column when tables were converted from DataFlex native databases to an SQL backend. That column was there just to fulfill the need of an uppercase index segment.
However, starting with build 126.96.36.199 (find the latest builds available at ftp://ftp.dataaccess.com/pub/products/connectivity/ ), the Connectivity Kits were changed and by default they simply use the collating sequence defined for the database on the backend and
Through Report Designer Component (RDC) you manipulate objects and their properties, and use events and methods available in those objects. You can read more in the Help on the page Understanding the RDC Object Model (under Reference Library | Crystal Reports Development).
Because of that, there might not be a direct way to change something in cCrystal like it was in the old CrystalReport class, i.e. by simply setting a different property in cCrystal; you will have to find what you
When a column contains a NULL value, its content is undefined. if you are using Visual DataFlex commands/methods, the Connectivity Kit has ways (e.g. DF_FIELD_IS_NULL) to deal with return values and take care of NULL values for you.
Now, if you are using Embedded SQL (ESQL), you have direct access to what is stored in the SQL backend and will need to take care of NULL values yourself, otherwise you might see gibberish when the value returned is NULL -- and NULLs can be anything! In
Updated 19-Dec-2012 at 12:16 PM by Marcia Booth
When using the database Connectivity Kits, developers may choose to use embedded SQL (ESQL) in their applications to take advantage of the database server capabilities and set processing. In ESQL you can execute many different statements either one by one or in batches. So, how can batch statements be used in Visual DataFlex?
What are Batch Statements
A batch of SQL statements is a group of two or more SQL statements or a single SQL statement that has the same effect as a group
When using one of the database Connectivity Kits, how can you make your program display its own error message when a connection string is not correct? By default, an error is displayed and the database will pop up a login dialog for users to enter their correct user and password. Or the application may display an unhandled error. Hmm... not what you want to see when using either the login command or SQLConnect method.
In order to have your application better handle those errors,
In order to update our Samples to use the new XML methods (*NS methods) and schema validation, I had to go through some steps to get it all working. I thought it would be beneficial to document what I have done and share what I have learned while converting the samples -- so here I am.
Note that these changes are not required for applications to be migrated to Visual DataFlex 15.1, but namespaces can play a vital role in a data integration project or data exchange scenario, where
The default Windows settings constantly change and starting with Windows Server 2003 some settings are not configured to accommodate what is needed in a Visual DataFlex environment. Also, some components necessary for Visual DataFlex to fully run are not installed by default. So, before installing Visual DataFlex, you should review and configure your server.
In order to install and successfully run, Visual DataFlex needs the following to be appropriately set:
Updated 8-Aug-2014 at 11:17 AM by Marcia Booth
When using the Connectivity Kits, we hear a lot about intermediate (INT) files and structure cache (CCH) files, but the role that those files play in the Connectivity Kit world seems to not be completely understood.
What is an INT file?
INT files are text files that contain the driver name to be used to open a table, the table's connection information (server, database, etc) and identification (table name, schema, etc), and some special information (e.g. whether the table is
Updated 15-Dec-2009 at 09:28 AM by Stephen W. Meeley
Amidst all the Arrays & Structs in-depth multi-part series by Sonny Falk, why not take a look at an example of using an array? The code shown here uses a single-dimensional array as the base for a stack class.
A stack is, by definition, a "last in, first out" (LIFO) abstract structure where elements can be added or taken off from only one end, called the "top". A stack can have any abstract data type as an element, but is characterized by two fundamental operations: push and pop.
Depending on what you are working on, certain improvements in security that Microsoft implemented become annoyances in your test environment. On Windows Server 2003, my favorite two that I need to turn off immediately are:
1. Internet Explorer Enhanced Security Configuration
2. Shutdown Event Tracker
1. Internet Explorer Enhanced Security Configuration
By default, this is enabled on Windows 2003. Whenever you open IE, you get the message below displayed
When writing the Migration Wizard I needed to come up with a solution for executing different routines depending on the revision the original workspace was from. As part of that solution, I decided to create a function that would generate the name of the routine on the fly, using the revision of the workspace that was being migrated. That way the main migration code would be simple and clean, and I would never need to change it in the future to accommodate upcoming revisions.
Updated 17-Aug-2009 at 08:44 AM by Stephen W. Meeley
What??? Connectivity Kits and Visual DataFlex combined in one serial number? How can I use it? What about the web server? Can I use the same registration program to enter all my licenses? Which license should be active? And what does being active mean anyway?
If those questions have crossed your mind but you never really asked them, just carry on reading; this is your chance to get them all answered.
The Pieces: Types of Licenses
How does Data Access
Updated 29-Jun-2016 at 05:04 PM by Marcia Booth
Note: This information applies to Visual DataFlex 2008 and higher.
What is Skinning?
Skinning can be defined as the process of applying a skin (customized graphical appearances) in order to change an application’s look and feel. Some skins merely make the program more aesthetically pleasing, but others can rearrange elements of the interface, potentially making the program easier to use.
Visual DataFlex and Skinning
Updated 3-Aug-2009 at 09:19 AM by Marcia Booth