i have to create a password field for my Diver table,
the password has to be exactly 8 characters, and only numbers (0-9) and letters (a-z) are
allowed. how do i do that?
i tried:
create table tblDiver
(
DiverNumber int primary key,
DiverPassword char(8) not null CHECK (DiverPassword like '[0-9][0-9][0-9][0-9][0-9][0-9] [0-9][0-9]')
)
but of course it only gives me to put only numbers.. i want letters also
You shouldn't save your passwords unencrypted in a database! NEVER!
but the regex expression you want is
like '[abcdefghijlmnopqrstuvzkwy0123456789][abcdefghijlmnopqrstuvzkwy0123456789][abcdefghijlmnopqrstuvzkwy0123456789][abcdefghijlmnopqrstuvzkwy0123456789][abcdefghijlmnopqrstuvzkwy0123456789][abcdefghijlmnopqrstuvzkwy0123456789][abcdefghijlmnopqrstuvzkwy0123456789][abcdefghijlmnopqrstuvzkwy0123456789]')
MSSQL as a fairly poor regex...
Related
I have a table hash_table both in Microsoft SQL Server and AWS Redshift.
Redshift
Column Name
Data Type
phone
numeric(8,8)
name
string(2147483647)
SQL Server
Column Name
Data Type
phone
numeric(8,0)
name
nvarchar(80)
I want to extract a hash value from both tables so I can automate the value comparison. But even when I have the same values in both sides, the hash value from each field isn't the same.
I suppose it has sth to do with the data types but I haven't found anything regardig this matter on hash articles.
Am I doing sth wrong?
Here are the functions I've used and them results. At first I tryed with column name but, once the data type differs from each database, I decided using phone:
Redshift
SELECT TOP (1)
len(TelephonyExtension) as PhoneLen,
TelephonyExtension as Phone,
MD5(CONVERT(nvarchar(30), phone)) as Hash
FROM hash_table
Result:
PhoneLen
Phone
Hash
1
1
cfcd208495d565ef62e7dff9f98764fa
SQL Server
SELECT TOP (1)
len(TelephonyExtension) as PhoneLen,
TelephonyExtension as Phone,
HASHBYTES('MD5', CONVERT(nvarchar(30), phone)) as Hash
FROM hash_table
PhoneLen
Phone
Hash
1
1
A46C3B54F2C9871CD91DAF7A932499X0
I have also used sha2_256 instead of MD5 but the problem persists
I expected the hash columns to have the same value in both systems for any type of column.
Hash operates on strings. If the hash is different then the strings are likely different. Add MD5(CONVERT(nvarchar(30), phone)) as Hash to you selects and post if there are differences.
I've done this a few times for clients and getting the strings to match exactly between two DBs can be tricky. Any extra spaces, non-printing chars, or puff of wind can make this mismatch.
I'm making a Windows Application by using Entity Framework.I have a table name "DichVu".
This is my talbe: "DichVu":
My problem here is when I insert new record to table "DichVu" the primary key just have 5 characters and I get successfully. But after that I write a method to get all records in my table "DichVu" and show them on GridControl my ID field(here is MaDV) has 10 characters (5 of them are blank).
I tried to use query in SQL Server and count the "MaDV" lenght but It showed me exactly 5 characters for each record.
Here is the result for using query:
And this is the result when I use the method to get those records:
As you can see in the above picture. I got the issue at the field "MaDV".
Hope everyone can help me. I will be grateful to everyone for helping me.
Use VarChar(10).
Char(10) will always be 10 characters long in storage, varchar (variable length characters) supports allowing different lengths.
I have a problem with encoding of string constants in queries to NVARCHAR field in SQL Server v12.0.2. I need to use national characters (all in the same single code page e.g. cyrillic WIN1251) in queries without N prefix.
Is it possible?
Example:
1. CREATE TABLE TEST (VALUE NVARCHAR(100) COLLATE Cyrillic_General_CI_AS);
2. INSERT INTO TEST VALUES (N'привет мир');
3. INSERT INTO TEST VALUES ('привет мир');
4. SELECT * FROM TEST;
This will return two rows:
| привет мир |
| ?????? ??? |
So the first insert works correctly, I expect the second to do the same because TEST.VALUE column collated in Cyrillic_General_CI_AS. But it looks like national characters ignores field collation and use code page from somewhere else.
I realize that in this case I won't be able to use characters from more than one code page and languages that doesn't fit 1-byte encoding, but that is fine for me. Other option is to modify all queries to use N prefix before string constants, but it is not possible.
Without the N prefix, the string is converted to the default code page of the database, not the table you're inserting into (see MSDN for details)
So either you should change database collation to Cyrillic_General_CI_AS, or find all the string constants and insert N prefix.
I am working on building a database for my HR system. where i need to store the number of employee at each department . this number can be any thing from zero to 999999 ... now i am storing the EmployeeCount as int , and i am checking that the user should not enter negative numbers ,, so i will not end up having values such as -30 , -100 , etc..
now i am not sure if there is a better datatype to be used inside the sql server 2008 r2 ,to represents EmployeeCount, which only allow storing positive int ? i nearest datatype is tinyint but it only allow having up to 255..
int is probably the best datatype for you in this case.
There is not a standard way of saying "positive int", but just plain "int" is the closest thing to it, and then let your application (or db constraints, or sprocs, or triggers, etc.) make sure that the value entered ends up >= 0.
You can only use SMALLINT if the maximum of employeecount is 32768. Other than that, you would need an INT and you could add a constraint for values to be positive, when designing your table. Something like:
EmployeeCount int NOT NULL CHECK (EmployeeCount > 0)
If you really want to, you can also define your own type. Read this for further information:
https://technet.microsoft.com/en-us/library/aa933121(v=sql.80).aspx
How to encrypt column in postgres database using pgcrypto addon ?
I am using postgres 9.3 and i need to encrypt one of my column , does postgres also support Aes encryption or by any mean i can achieve it ?
Yes, Postgres pgcrypto module does support AES. All details with examples can be found here. As for the sample usage:
-- add extension
CREATE EXTENSION pgcrypto;
-- sample DDL
CREATE TABLE test_encrypt(
value TEXT
);
INSERT INTO test_encrypt VALUES ('testvalue');
-- encrypt value
WITH encrypted_data AS (
SELECT crypt('PasswordToEncrypt0',gen_salt('md5')) as hashed_value
)
UPDATE test_encrypt SET value = (SELECT hashed_value FROM encrypted_data);
Validate password:
SELECT (value = crypt('PasswordToEncrypt0', value)) AS match FROM test_encrypt;
Returns:
match
-------
t
(1 row)
The above is not encryption as encryption is reversible which means if you encrypt some secret text or value, you should be able to know what that secret value or text was unlike hashing where you want to verify if the user-provided value matches the hashed value or not.
This is how you would encrypt column data using pgcrypto module.
create extension if not exists pgcrypto; -- this will install the module if not installed
CREATE TABLE agents (
id serial primary key,
name varchar not null
);
INSERT INTO agents (name) values
(pgp_sym_encrypt('Johny Smith', 'longsecretencryptionkey')),
(pgp_sym_encrypt('Bob Marley', 'longsecretencryptionkey'));
longsecretencryptionkey
is your encryption key. You can generate encryption key from here encryption key generator and choose the bit of your choice. The recommendation would be to choose min 256 bit.
Remember to keep the encryption key somewhere safe saved somewhere. If you lose your encryption key, you will not be able to decrypt it anymore. This is very crucial to understand.
This is how you would query them
SELECT pgp_sym_decrypt(name::bytea, 'longsecretencryptionkey') FROM users WHERE pgp_sym_decrypt(name::bytea, 'longsecretencryptionkey') ILIKE 'johny%'; -- querying for agents whose name start with johny
You can checkout this blog article which helped me
https://blog.andreiavram.ro/encrypt-postgresql-column/
Note:
Instead of keeping the name column in varchar, you can use bytea data type for the column. So the table becomes
CREATE TABLE agents (
id serial primary key,
name bytea not null
);
So, when querying you don't need to cast every time, you can do just this
SELECT pgp_sym_decrypt(name, 'longsecretencryptionkey') FROM users WHERE pgp_sym_decrypt(name::bytea, 'longsecretencryptionkey') ILIKE 'johny%'; -- querying for agents whose name start with johny
edit queue is full,
just put some description about crypt here:
一. crypt()
Password Hashing Functions
https://www.postgresql.org/docs/current/pgcrypto.html#id-1.11.7.35.7
The functions crypt() and gen_salt() are specifically designed for hashing passwords.
crypt() does the hashing and gen_salt() prepares algorithm parameters for it.
crypt(password text, salt text) returns text
Calculates a crypt(3)-style hash of password. When storing a new password, you need to use gen_salt() to generate a new salt value. To check a password, pass the stored hash value as salt, and test whether the result matches the stored value.
man 3 crypt
https://manpages.ubuntu.com/manpages/jammy/en/man3/crypt.3.html
The crypt, crypt_r, crypt_rn, and crypt_ra functions irreversibly “hash” phrase for storage in the system password database (shadow(5)) using a cryptographic “hashing method.”
二. pgp_sym_encrypt
PGP Encryption Functions
https://www.postgresql.org/docs/current/pgcrypto.html#id-1.11.7.35.8
The functions here implement the encryption part of the OpenPGP (RFC 4880) standard. Supported are both symmetric-key and public-key encryption.
pgp_sym_encrypt(data text, psw text [, options text ]) returns bytea
Encrypt data with a symmetric PGP key psw.
pgp_sym_decrypt(msg bytea, psw text [, options text ]) returns text
Decrypt a symmetric-key-encrypted PGP message.