Sybase NNTP forums - End Of Life (EOL)

The NNTP forums from Sybase - forums.sybase.com - are now closed.

All new questions should be directed to the appropriate forum at the SAP Community Network (SCN).

Individual products have links to the respective forums on SCN, or you can go to SCN and search for your product in the search box (upper right corner) to find your specific developer center.

error when using webservice to update a table?

2 posts in General Discussion Last posting was on 2007-11-05 16:28:28.0Z
gpzhang Posted on 2007-11-05 05:21:16.0Z
From: "gpzhang" <gpzhang@sybase.com>
Newsgroups: ianywhere.public.general
Subject: error when using webservice to update a table?
Lines: 27
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.3138
X-RFC2646: Format=Flowed; Original
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
NNTP-Posting-Host: gpzhang-desktop.sybase.com
X-Original-NNTP-Posting-Host: gpzhang-desktop.sybase.com
Message-ID: <472ea84c$1@forums-1-dub>
Date: 4 Nov 2007 21:21:16 -0800
X-Trace: forums-1-dub 1194240076 10.42.14.187 (4 Nov 2007 21:21:16 -0800)
X-Original-Trace: 4 Nov 2007 21:21:16 -0800, gpzhang-desktop.sybase.com
X-Authenticated-User: pbplugin
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub ianywhere.public.general:6530
Article PK: 3128

Hi,

I created simple webservice which does not define operations.

CREATE SERVICE "AnyHa" TYPE 'HTML' USER "DBA";

I can call like

http://localhost:8008/demo/AnyHa?select * from ulcustomer to select from
tables.

But when I call like

http://localhost:8008/demo/AnyHa?update ulcustomer set cust_name='he' where
cust_id=2000

I got : 400 bad request.

But I can ran the sql correctly in dbisql. Any idea about it?

BTW, i can create a stored procedure calling update statement and
successfully call the stored procedure via http://localhost:8008/demo/AnyHa
to do the update.

Thanks,


"Nick Elson" < Posted on 2007-11-05 16:28:28.0Z
From: "Nick Elson" <@@@nick@@@.@@@elson@sybase@@@.@@@com@@@>
Newsgroups: ianywhere.public.general
References: <472ea84c$1@forums-1-dub>
Subject: Re: error when using webservice to update a table?
Lines: 76
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
X-RFC2646: Format=Flowed; Response
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
NNTP-Posting-Host: nicelson-d620.sybase.com
X-Original-NNTP-Posting-Host: nicelson-d620.sybase.com
Message-ID: <472f44ac$1@forums-1-dub>
Date: 5 Nov 2007 08:28:28 -0800
X-Trace: forums-1-dub 1194280108 10.25.98.247 (5 Nov 2007 08:28:28 -0800)
X-Original-Trace: 5 Nov 2007 08:28:28 -0800, nicelson-d620.sybase.com
X-Authenticated-User: techsupp
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub ianywhere.public.general:6533
Article PK: 3129

You should expect a lot of traffic on this thread about
SQL Spoofing and the need to avoid doing this.
[your URL use of SQL is wide open to abuse but
persons who are not so caring about your systems as
you may want]

As to your mal-formed URL (and only on the matter
of 'well formed' URLs), you have a few issues. For
example the use of spaces (while obviously not
currently fatal to your tests) is really supposed
to be escaped as %20. In your first URL that
would look like

http://localhost:8008/demo/AnyHa?select%20*%20from%20ulcustomer%20to%20select%20from%20tables

Some browsers/http clients can tolerate spaces and
others can not; see you news reader's inability to
highlight your whole URL as a proper link below
for an example of same.

Even more seriously, "=" is one of the reserved
characters for a URL [see rfc 1738 if interested].
So are
";" "/" "?" ":" "@" and "&"

unless used for their specific purpose.


As to the "=" character, all URL parameters are
expected to be encoded as assignment pairs
so your use of '=' in that update statement is going
to be confusing your browser/http client . Instead
of the 2 '=' characters you will likely need to encode
those at '%3D's instead to get a Valid URL. As in

http://localhost:8008/demo/AnyHa?update ulcustomer set cust_name%3D'he'
where cust_id%3D2000

That much should get you past the confusion over
the "=". You next hurtle will wbe parsing that inside
your service. For that you will probably require the
use of
http_decode( )

"gpzhang" <gpzhang@sybase.com> wrote in message
news:472ea84c$1@forums-1-dub...
> Hi,
>
> I created simple webservice which does not define operations.
>
> CREATE SERVICE "AnyHa" TYPE 'HTML' USER "DBA";
>
> I can call like
>
> http://localhost:8008/demo/AnyHa?select * from ulcustomer to select from
> tables.
>
> But when I call like
>
> http://localhost:8008/demo/AnyHa?update ulcustomer set cust_name='he'
> where cust_id=2000
>
> I got : 400 bad request.
>
> But I can ran the sql correctly in dbisql. Any idea about it?
>
> BTW, i can create a stored procedure calling update statement and
> successfully call the stored procedure via
> http://localhost:8008/demo/AnyHa to do the update.
>
> Thanks,
>