Stinging Insects
- Date: 2007-01-23 - Word Count: 1051
Share This!
MySQL Server is the most widely used database management system in the world, primarily because it is open source and free. Hence, most databases you may get from outside sources will probably be in the form of a MySQL injection script. This is fine if you use MySQL for your own website databases, but if you use Microsoft SQL Server the script will require a little editing before it will work.
The first thing you'll need to do is remove any comment lines from the script. MySQL comment lines begin with a pound character ("#") and MSSQL comment lines begin with a double dash ("--"), which makes them completely incompatible and will product a syntax error if you try to import a MySQL injection as-is into MSSQL Server. So to get started, open up Query Analyzer if you haven't already (the easiest way to run scripts in MSSQL Server), load up the injection script you are working with, and remove any comment lines (look for the pound symbol). It is easier just to remove them than it is to try and convert them to propery MSSQL syntax, and they are just comment lines anyway so it won't affect anything.
The bulk of your script will most likely be a series of INSERT statements, and these aren't very different in MSSQL as compared to MySQL. However, your script may also include at the beginning a small section that creates the database table where the data will be inserted, and this CREATE TABLE statement is likely to be VERY different in MSSQL, depending on how complicated it is (there could be primary and secondary keys, constraints, even triggers -- the more of these the more the syntax changes from MySQL to MSSQL). Since this is likely to give you the most trouble, it is recommended that you create the database tables manually in Enterprise Manager rather than trying to convert the syntax of the script snippet. Looking at the code, you should be able to easily identify the fields and their types (such as int, varchar, text, etc). Once you have the database table created in Enterprise Manager, delete the snippet of code from the injection script that deals with the creation of the table.
Now all that remains is to convert the INSERT statements to the proper syntax for MSSQL Server. There are a few different steps to accomplish this, but none of them are very complicated. The first difference in syntax between MySQL and MSSQL is that in MySQL, all statements must end with a semicolon (";"). In MSSQL, this is a syntax error. The easiest way to remove these semicolons is to do a search and replace, and since the INSERT statements should be passing a series of values for each record of data, each line of the MySQL script will most likely end with a paranthesis and semicolon (");"). So, do a search and replace and replace all instances of ");" with just the parenthesis ")".
Another difference that you will have to correct for is that your MySQL injection script will most likely use an acute accent / reverse apostrophe (ANSI character 180) around the table name on each line. In MSSQL Server, you can encapsulate an object's name (such as a table's) with either square brackets ("[" and "]") or nothing at all. However, you probably don't want to do a blanket search-and-replace of the reverse apostrophe character, because that character might be used in the data of each record (especially if the data contains text, such as an article body). The easiest way to correct for this difference in syntax, then, is to do another search and replace, and replace all instances of the reverse apostrophe AND the table name, for example "`articles`" with just the table name "articles".
Finally, there will also be numerous occurrences of apostrophes throughout the text fields of the data, and the apostrophe character is used to encapsulate strings in the script. In MySQL, the way to escape an apostrophe so that the script knows it is part of the text and not the end of the string, is to use a backslash followed by the apostrophe ("'"). In a MSSQL Server script, the proper way to escape an apostrophe is to use a double apostrophe ("''"). So, one more search and replace is called for -- this time, replace all instances of ['] with [''] (double apostrophe, NOT an actual quotation mark).
Once these steps are all complete, you are ready to run the script! There shouldn't be any other syntax changes you'll have to make, but don't worry if there are because when you execute the injection script it will tell you if there are any errors. If everything was corrected properly and there are no errors, you should get a series of "1 row(s) affected" responses -- one for each INSERT statement in the script. If you want to verify that the proper number of records are in the database table, you can execute a "select count(*) from tablename" statement to count the rows of the table -- it should match the number of lines in the injection script, give or take a few for blank lines, etc.
That's it! Your options are now increased tremendously, because now you can use either MySQL or MSSQL injection scripts to import acquired databases into your database system. If you use MySQL as your dbms, you can do this process in reverse to convert a MSSQL injection script into a MySQL one. Either way, you now can import data using an injection script from either of the two most popular database management systems in the world. Now, where to obtain such databases or injection scripts is another question entirely, and beyond the scope of this article. Suffice it to say that there are numerous sources on the internet where you can purchase or acquire databases -- a good one is www.WebContents.org. I think you will find that not only is it much easier to acquire content databases for your users than it is to build them from scratch, but it also is an easy way to add a lot of new, fresh content for your users with a minimal amount of time and effort. Using this method, you can get databases of articles, jokes, quotes, recipes, etc, and put them right on your website or any other database-integrated application, with very little work. Good luck!
The first thing you'll need to do is remove any comment lines from the script. MySQL comment lines begin with a pound character ("#") and MSSQL comment lines begin with a double dash ("--"), which makes them completely incompatible and will product a syntax error if you try to import a MySQL injection as-is into MSSQL Server. So to get started, open up Query Analyzer if you haven't already (the easiest way to run scripts in MSSQL Server), load up the injection script you are working with, and remove any comment lines (look for the pound symbol). It is easier just to remove them than it is to try and convert them to propery MSSQL syntax, and they are just comment lines anyway so it won't affect anything.
The bulk of your script will most likely be a series of INSERT statements, and these aren't very different in MSSQL as compared to MySQL. However, your script may also include at the beginning a small section that creates the database table where the data will be inserted, and this CREATE TABLE statement is likely to be VERY different in MSSQL, depending on how complicated it is (there could be primary and secondary keys, constraints, even triggers -- the more of these the more the syntax changes from MySQL to MSSQL). Since this is likely to give you the most trouble, it is recommended that you create the database tables manually in Enterprise Manager rather than trying to convert the syntax of the script snippet. Looking at the code, you should be able to easily identify the fields and their types (such as int, varchar, text, etc). Once you have the database table created in Enterprise Manager, delete the snippet of code from the injection script that deals with the creation of the table.
Now all that remains is to convert the INSERT statements to the proper syntax for MSSQL Server. There are a few different steps to accomplish this, but none of them are very complicated. The first difference in syntax between MySQL and MSSQL is that in MySQL, all statements must end with a semicolon (";"). In MSSQL, this is a syntax error. The easiest way to remove these semicolons is to do a search and replace, and since the INSERT statements should be passing a series of values for each record of data, each line of the MySQL script will most likely end with a paranthesis and semicolon (");"). So, do a search and replace and replace all instances of ");" with just the parenthesis ")".
Another difference that you will have to correct for is that your MySQL injection script will most likely use an acute accent / reverse apostrophe (ANSI character 180) around the table name on each line. In MSSQL Server, you can encapsulate an object's name (such as a table's) with either square brackets ("[" and "]") or nothing at all. However, you probably don't want to do a blanket search-and-replace of the reverse apostrophe character, because that character might be used in the data of each record (especially if the data contains text, such as an article body). The easiest way to correct for this difference in syntax, then, is to do another search and replace, and replace all instances of the reverse apostrophe AND the table name, for example "`articles`" with just the table name "articles".
Finally, there will also be numerous occurrences of apostrophes throughout the text fields of the data, and the apostrophe character is used to encapsulate strings in the script. In MySQL, the way to escape an apostrophe so that the script knows it is part of the text and not the end of the string, is to use a backslash followed by the apostrophe ("'"). In a MSSQL Server script, the proper way to escape an apostrophe is to use a double apostrophe ("''"). So, one more search and replace is called for -- this time, replace all instances of ['] with [''] (double apostrophe, NOT an actual quotation mark).
Once these steps are all complete, you are ready to run the script! There shouldn't be any other syntax changes you'll have to make, but don't worry if there are because when you execute the injection script it will tell you if there are any errors. If everything was corrected properly and there are no errors, you should get a series of "1 row(s) affected" responses -- one for each INSERT statement in the script. If you want to verify that the proper number of records are in the database table, you can execute a "select count(*) from tablename" statement to count the rows of the table -- it should match the number of lines in the injection script, give or take a few for blank lines, etc.
That's it! Your options are now increased tremendously, because now you can use either MySQL or MSSQL injection scripts to import acquired databases into your database system. If you use MySQL as your dbms, you can do this process in reverse to convert a MSSQL injection script into a MySQL one. Either way, you now can import data using an injection script from either of the two most popular database management systems in the world. Now, where to obtain such databases or injection scripts is another question entirely, and beyond the scope of this article. Suffice it to say that there are numerous sources on the internet where you can purchase or acquire databases -- a good one is www.WebContents.org. I think you will find that not only is it much easier to acquire content databases for your users than it is to build them from scratch, but it also is an easy way to add a lot of new, fresh content for your users with a minimal amount of time and effort. Using this method, you can get databases of articles, jokes, quotes, recipes, etc, and put them right on your website or any other database-integrated application, with very little work. Good luck!
Related Tags: microsoft, server, convert, script, mysql, injection, mssql, sql, syntax
Your Article Search Directory : Find in Articles
Recent articles in this category:
- How to Capitalize on Free Content From Podcasts
One of the major challenges for every website owner is generating compelling content that will - Looking for a Niche? 40 Keyword Suggestions
One of the most important steps foraffiliate marketing and Internet marketing is finding a go - 5 Benefits Of Having Your Own Home Business
There is no secret to why millions of people are flocking to the internet to start their own h - Optimized Articles Drive Traffic to Websites
Benefits of SEO ArticlesSEO Articles can help move websites up in the search engines and are o - Why You Should Be Using an Online Backup Service
Online BackupOnline backup services are relatively new but they are gaining popularity at the - FREEDOM1-PACKAGE.COM/ YOUR TOP MONEY ONLINE BUSINESSES Presents:
FREEDOM1-PACKAGE.COM/ YOUR TOP MONEY ONLINE BUSINESSES!Presents:Evaluating Your Website Traffi - 3 Bonuses To Success University's Already Stellar Program
It is not very often that you will come across a program to the likes of Success University. - How to Optimize Your Website For Better Visitor Experience and More Traffic
This article describes in simple terms, practical and effective tactics used to optimize your - Do You Like Being On Top? A Global Domains International Position.
If you like to be on top then you are just like millions of other web site owners trying to po - Internet Marketer's Dream: 8 Productivity Tips for Firefox Browser Users
Here are 8 productivity tips specifically for Mozilla Firefox users:1) SearchStatus. Set your
Most viewed articles in this category:
- The Webmaster's Assistant
There are many tools available to a webmaster to analyse website traffic allowing them to monitor th - Free Webmaster Resources
The overall importance of Quality Web Development or Web Design Tools is a factor among webmast - Webmaster Staff Leasing
Some of you might be wondering what webmaster staffing means? So just to make it clear for everyone - 6 Steps to a More Successful Website in 2006
Another year has passed and a new one has dawned. It's an exciting time to have an online business. - Web Analytics - Getting It Right
Understanding and using web analytics.In recent years, website marketers were concerned with increas - Want Your Website Visitors to Return?
If your like me you have searched on every search engine any possible way to advertise your website. - 4 Nearly FREE Ways for a Web Designer to Establish a Local Presence
Everyone seems to be a web designer these days. From your uncle’s neighbor’s nephe - HTML Editors
If you're the typical non professional user then you are probably familiar with the more popular one - Easy Content Management with Server Side Includes (part 1)
I honestly see very few websites that can really say they don’t need some sort of Content Mana - Reasons why you should have a Weblogger installed on your web site.
Radhika Venkata (c).I don't know about you, but when I built my first web site threeyears back I don