Escaping hyphen in MySQL query (not using a backtick) - mysql

We have an existing schema we're trying to fit some quartz tables into, but the tables are named with hyphen in them, so we'd like to use a prefix like "08-Scheduling_QUARTZ_"
Since quartz doesn't wrap any of the queries in back ticks, the prefix doesn't work.
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '08-Scheduling_QUARTZ_TRIGGERS SET TRIGGER_STATE = 'WAITING' WHERE SCHED_NAME' at line 1]]
Curious if there is any chance there is some other way to escape the "-" in a mysql query other than `` around the whole table name?
I've tried
x'-'x
x\-x
x"-"x
x`-`x

No, you must delimit the identifier if it has certain punctuation characters.
In MySQL, the default identifier delimiter is the back-tick.
If you enable the ANSI or ANSI_QUOTES SQL modes, you can use double-quotes as an identifier delimiter.
If you don't want to use delimiters, you must choose a different convention for prefixing your table names. You could use _ for example.
Read https://dev.mysql.com/doc/refman/8.0/en/identifiers.html for more details on the characters permitted in identifiers without delimiters.

Related

Can Doctrine save fields which are reserved keys?

I have a table with "from", "with" columns too. When I want to persist it, I get an exception:
PDOException' with message 'SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from, with, fb_email, fb_id, fb_login_code, fb_hometown, fb_location, fb_tagged_' at line 1' in
I affraid the "from" and "with" names causes this, any idea?
As documented under Quoting Reserved Words:
Sometimes it is necessary to quote a column or table name because of reserved word conflicts. Doctrine does not quote identifiers automatically, because it leads to more problems than it would solve. Quoting tables and column names needs to be done explicitly using ticks in the definition.
<?php
/** #Column(name="`number`", type="integer") */
private $number;
Doctrine will then quote this column name in all SQL statements according to the used database platform.
Warning
Identifier Quoting does not work for join column names or discriminator column names unless you are using a custom QuoteStrategy.
For more control over column quoting the Doctrine\ORM\Mapping\QuoteStrategy interface was introduced in 2.3. It is invoked for every column, table, alias and other SQL names. You can implement the QuoteStrategy and set it by calling Doctrine\ORM\Configuration#setQuoteStrategy().
The ANSI Quote Strategy was added, which assumes quoting is not necessary for any SQL name. You can use it with the following code:
<?php
use Doctrine\ORM\Mapping\AnsiQuoteStrategy;
$configuration->setQuoteStrategy(new AnsiQuoteStrategy());
For yaml orm mapping you have to specify column with escaped quotes :
fields:
order:
column: "`order`"
type: integer

when i will run this query it will give an error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'specific) VALUES ('5.jpg','kids','anyone')' at line 1,,
My query is
$sql="INSERT INTO imagetable(image,name,specific) VALUES ('$dbimage','$dbname','dbspec')";
specific is a reserved word in MySQL. Either use backticks to escape it or use another name for your column.
INSERT INTO imagetable (image, name, `specific`)
VALUES ('$dbimage','$dbname','dbspec')
sql="INSERT INTO `imagetable` (`image`,`name`,`specific`) VALUES ('$dbimage','$dbname','dbspec')";
While not required, it is a good practice to surround your column names (and table names) with ` characters. This avoids issues with reserved words used by the SQL language.
The reason you are getting this issue is because "specific" is a reserved keyword by the SQL language. Think of it like trying to name a variable "if". Since the keyword "if" is reserved by the coding language, you cannot do this. It is the same concept with "specific" in SQL.

SQL update statement with default as column name

I've got an SQL code to update values in a column.
I need to find one query to work for MS SQL and MySQL.
The main problem is that the columns which I'm using are Default and Type which are saved names in the SQL and therefore it doesn't work with the normal update statements.
I've found the following solutions, but I would like to make one query for both -
--Clearing Data logs Defualt MS SQL
UPDATE queries
SET [Default] = 0
FROM queries
WHERE [Type] = 4
--Clearing Data logs Defualt MySQL
UPDATE queries q
SET q.Default = 0
WHERE q.TYPE = 4
Thanks a lot for the help!
You've got to enable ANSI quotes for both servers. If you do that you could use double quotes to quote your identifiers.
For MySQL:
SET sql_mode = 'ANSI_QUOTES'
Treat “"” as an identifier quote character (like the “” quote
character) and not as a string quote character. You can still use “”
to quote identifiers with this mode enabled. With ANSI_QUOTES enabled,
you cannot use double quotation marks to quote literal strings,
because it is interpreted as an identifier.
For MS SQL Server.
SET QUOTED_IDENTIFIER ON
Causes SQL Server to follow the ISO rules regarding quotation mark
delimiting identifiers and literal strings. Identifiers delimited by
double quotation marks can be either Transact-SQL reserved keywords or
can contain characters not generally allowed by the Transact-SQL
syntax rules for identifiers.
Now you can write the single query that works for both, MS SQL Server and MySQL:
UPDATE queries q
SET q."Default" = 0
WHERE q."TYPE" = 4
And before I forget it: best way out of such problems is to avoid reserved words as identifiers, see solution 1. You've got to avoid reserved words of all involved worlds (T-SQL and the sql dialect of MySQL).

Mysql handling with single quotes conflict

I'm using joomla to develop sites, but I'm having a strange error. I have a syntax error in the following code:
$q = "TRUNCATE TABLE ".$db->quote('#__csvi_available_fields');
Which give output on runtime:
TRUNCATE TABLE 'erx_csvi_available_fields'
But mysql shows an error:
JDatabaseMySQL::query: 1064 - You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the
right syntax to use near ''#__csvi_available_fields'' at line 1
SQL=TRUNCATE TABLE '#__csvi_available_fields'
The strange thing is when I run without quotes, it runs normal:
TRUNCATE TABLE erx_csvi_available_fields <-- works without problem
Any idea what went wrong here ?
As other have said the wrong quotes have been added.
When using Joomla's JDatabase to provide quoting there are two different functions you can call one for values and another for database, table or column/field names.
To make your example line work you need to use quoteName() as follows:
$q = "TRUNCATE TABLE ".$db->quoteName('#__csvi_available_fields');
The $db->quote() is used to quote values being used in the SQL.
You can read through /libraries/joomla/database/database.php for an idea of how the abstraction is supposed to work.
don't use single quotes "'". use "`" (left to the numbers on your keyboard). normal single quotes are for strings, same as double quotes
Single quotes are used for strings, you should use backticks for names.
From the MySQL manual:
The identifier quote character is the backtick (`)
Also have a look at this Stackoverflow question: Using backquote/backticks for mysql queries

Error in MySQL Query (Banned Word?)

I have an MySQL query, which returns an error message. I think it could be due to the word "out". Normally, I would just change the field name but I am working on some software that I am not used to and I don't know how much of a change that would be. So, I want to be sure if I have to.
Here is the query:
SELECT * FROM probid_bids WHERE auctionid=73 AND out=0 AND invalid=0
Here the error message:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'out=0 AND invalid=0' at line 1
OUT is indeed a reserved word. You can encase the column names in backticks to quote the names, and thus avoid this problem, like so:
SELECT * FROM probid_bids WHERE `auctionid`=73 AND `out`=0 AND `invalid`=0
OUT is a reserved word (it is used to specify the type of parameters -- IN, OUT, INOUT -- when creating procedures). Try enclosing it inside backticks (`).
The rules regarding how and when to quote the identifiers (table names, column names, etc) are described here.
Note: certain MySQL configurations allow you to use double quotes as well but this should be avoided; stick with using backticks to quote identifiers and single quotes to quote strings.
Escape the keys:
SELECT * FROM `probid_bids` WHERE `auctionid`=73 AND `out`=0 AND `invalid`=0