I created simple webservice which does not define operations.
CREATE SERVICE "AnyHa" TYPE 'HTML' USER "DBA";
I can call like
http://localhost:8008/demo/AnyHa?select * from ulcustomer to select from
But when I call like
http://localhost:8008/demo/AnyHa?update ulcustomer set cust_name='he' where
I got : 400 bad request.
But I can ran the sql correctly in dbisql. Any idea about it?
BTW, i can create a stored procedure calling update statement and
successfully call the stored procedure via http://localhost:8008/demo/AnyHa
to do the update.
Subject: error when using webservice to update a table?
X-Newsreader: Microsoft Outlook Express 6.00.2900.3138
X-RFC2646: Format=Flowed; Original
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
Date: 4 Nov 2007 21:21:16 -0800
X-Trace: forums-1-dub 1194240076 10.42.14.187 (4 Nov 2007 21:21:16 -0800)
X-Original-Trace: 4 Nov 2007 21:21:16 -0800, gpzhang-desktop.sybase.com
Xref: forums-1-dub ianywhere.public.general:6530
Article PK: 3128
Subject: Re: error when using webservice to update a table?
X-Newsreader: Microsoft Outlook Express 6.00.2900.2869
X-RFC2646: Format=Flowed; Response
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962
Date: 5 Nov 2007 08:28:28 -0800
X-Trace: forums-1-dub 1194280108 10.25.98.247 (5 Nov 2007 08:28:28 -0800)
X-Original-Trace: 5 Nov 2007 08:28:28 -0800, nicelson-d620.sybase.com
Xref: forums-1-dub ianywhere.public.general:6533
Article PK: 3129
You should expect a lot of traffic on this thread about
SQL Spoofing and the need to avoid doing this.
[your URL use of SQL is wide open to abuse but
persons who are not so caring about your systems as
you may want]
As to your mal-formed URL (and only on the matter
of 'well formed' URLs), you have a few issues. For
example the use of spaces (while obviously not
currently fatal to your tests) is really supposed
to be escaped as %20. In your first URL that
would look like
Some browsers/http clients can tolerate spaces and
others can not; see you news reader's inability to
highlight your whole URL as a proper link below
for an example of same.
Even more seriously, "=" is one of the reserved
characters for a URL [see rfc 1738 if interested].
";" "/" "?" ":" "@" and "&"
unless used for their specific purpose.
As to the "=" character, all URL parameters are
expected to be encoded as assignment pairs
so your use of '=' in that update statement is going
to be confusing your browser/http client . Instead
of the 2 '=' characters you will likely need to encode
those at '%3D's instead to get a Valid URL. As in
http://localhost:8008/demo/AnyHa?update ulcustomer set cust_name%3D'he'
That much should get you past the confusion over
the "=". You next hurtle will wbe parsing that inside
your service. For that you will probably require the