| Author |
 Topic  |
|
nr
SQLTeam MVY
United Kingdom
12543 Posts |
 Posted - 11/06/2002 : 10:23:10
|
I'm always happy for people to criticise things I write or say.
Whether or not they waste their time in a futile attempt to improve it  .
==========================================
Cursors are useful if you don't know sql.
DTS can be used in a similar way.
Beer is not cold and it isn't fizzy. |
 |
|
|
robvolk
Most Valuable Yak
USA
15568 Posts |
Posted - 11/06/2002 : 10:53:45
|
quote:
I'm not sure what you mean here, but it is very *unpolitely* to reply in such manner to my bug report.
SQL Team is not a bug reporting site, it is a community of SQL Server users and developers who focus on helping each other out. Reporting a "bug" as you call it without any detail on how to fix it is not particularly helpful.
quote:
It is a common practice for software industry to confirm found bugs, fix 'em and disclose details.
OK, the key term I see there is "FIX 'EM", so where's the bug fix? Oh wait, I forgot, that's not your job...sounds like the typical l337 d00d script kiddie hacker org Bugtraq line.quote:
Moreover, I'd like to imform everyone on this site that few times I've reported those people (graz, robvolk) bugs on their own site (multiple SQL Injection bugs) and they even don't say me "thanks".
Well, I have not received an email from you or anyone else about these kinds of vulnerabilities, and you did not post them on SQL Team. Kind of hard to thank you for something you didn't do. I'll check in with "those people" and see if they've heard about it.quote:
Also those “gurus” have deleted my messages where I’ve shown how easy it is to break encryption used by SQL Server 7.
Not one of your posts was ever deleted from SQL Team by me or anyone else; baseless accusation does not help your position at all. Secondly:
http://www.sqlteam.com/Forums/topic.asp?TOPIC_ID=17198
The reasons for removing the link you posted were VERY POLITELY explained in that thread. The encryption weaknesses in MS products are not correctable by anyone outside of Microsoft, and providing code that exploits their weaknesses only makes them weaker and makes innocent users more vulnerable.
I'm trying to reconcile your concern for SQL Team's security against your public posting of details on how to exploit its weaknesses, and so far I can't...if you were truly interested in helping you could have easily sent a private email instead of hanging a sign out that says "This is how to break the encryption".
quote:
I think that this forum is completely controlled by “moderators” and reflects only their own opinion...
The moderator's job is moderate posts to the forums that are not in line with its stated goals and guidelines; SQL Team is certainly no exception and not nearly as closed-minded as you would suggest. For you to even suggest that it only reflects my opinion proves pretty clearly you haven't been reading SQL Team...in this thread no less. If I wasn't open to your dissenting opinion, I could just delete your posts as you have claimed, and that simply hasn't happened.quote:
but I’ll post further my findings and thoughts here because I’d like to share information.
If you can do that without needlessly criticizing the contributors, please do. Jay managed to do it very nicely; examples such as his are welcomed here on SQL Team.
|
|
|
|
jimmers
Starting Member
12 Posts |
Posted - 11/06/2002 : 11:36:37
|
2Page47:
I mean that code doesn't strip special symbols for shell.
BTW xp_fileexist is undocumented one and maybe dropped, replaced, modified in any hotfix/service pack. Anyway, the solution you've
posted is better than nothing!
Cheers
|
|
|
|
jimmers
Starting Member
12 Posts |
Posted - 11/06/2002 : 12:29:04
|
2robvolk:
quote:
Reporting a "bug" as you call it without any detail on how to fix it is not particularly helpful.
Why you decide what is helpful and what is not? Let site visitors decide.
quote:
OK, the key term I see there is "FIX 'EM", so where's the bug fix?
Where? Fix should be supplied by author. If this is impossible I've mentioned two
system functions that may be used as reference when coding. You should read
carefully posting before blaming them. Also I'm not glad to hear comparisons with
script kiddies.
quote:
Well, I have not received an email from you or anyone else about these kinds of vulnerabilities...
I'm sure that now you'll deny the fact that I've sent such mails. However, it doesn't
matter - believe or not I was able to query underlying SQL Server database.
quote:
Not one of your posts was ever deleted from SQL
Yes, I'm wrong - it was partially deleted. Link was the most important part of the message.
I won't discuss your policy about security because your approach seems to be not serious.
quote:
If you can do that without needlessly criticizing the contributors
Where I've needlessly criticized contributor (nr)? I've stressed an error in T-SQL.
Lets stop this endless discussion and let me post my messages without your meaningless comments.
Who wants will take them into account.
|
|
|
|
graz
Chief SQLTeam Crack Dealer
USA
4128 Posts |
Posted - 11/06/2002 : 12:47:52
|
Since this topic has strayed quite a ways off topic I've started a new thread. Please continue any discussion not directly related to THIS article there.
Thanks,
graz
http://www.sqlteam.com/Forums/topic.asp?TOPIC_ID=21368
===============================================
Creating tomorrow's legacy systems today.
One crisis at a time. |
|
|
|
cdeclos
Starting Member
Belgium
1 Posts |
Posted - 05/05/2010 : 04:19:19
|
Hello Folks
Thanks for this great script.... However, I implemented it on one of our SQL 2005 boxes and I'm running into some trouble when it comes to backing up the logs : on the server, there is a mix of simple & full recovery models databases. I would have liked to add a condition that takes this parameter into account, but I'm a complete noob in SQL scripting :-)
An idea, someone ?
Thanks,
Christian |
|
|
|
Kristen
Test
United Kingdom
22191 Posts |
Posted - 05/05/2010 : 05:09:06
|
Have a look at Tara's blog (on this site).
The article you are commenting on was written in 2002 ... so probably not best-of-breed for current versions of SQL Server. |
|
|
|
Apex
Starting Member
Turkey
2 Posts |
Posted - 03/30/2011 : 15:17:16
|
i can not run, I would like to receive automatic backup for sql server 2005 express edition but getting this error. how can i solve this problem
Error
Msg 208, Level 16, State 1, Procedure spBackupAllDatabases, Line 42
Invalid object name 'DatabaseBackup'.
(1 row(s) affected) |
|
|
|
Apex
Starting Member
Turkey
2 Posts |
Posted - 04/01/2011 : 06:17:34
|
quote:
Originally posted by Apex
i can not run, I would like to receive automatic backup for sql server 2005 express edition but getting this error. how can i solve this problem
Error
Msg 208, Level 16, State 1, Procedure spBackupAllDatabases, Line 42
Invalid object name 'DatabaseBackup'.
(1 row(s) affected)
this problem resolved.but i don't understand delete old backups chapter |
|
|
|
Topic |
|
Article: Database Backup Script
