The following works fine in my C# program:
string dbSQL = "SELECT stationID, stationLatitude, stationLongitude FROM stations_noaa" +
" WHERE stationLatitude BETWEEN " + LatLow + " AND " + LatHi +
" INTERSECT " +
"SELECT stationID, stationLatitude, stationLongitude FROM stations_noaa" +
" WHERE stationLongitude BETWEEN " + LongLow + " AND " + LongHi;
I did invest quite a bit of time trying to get the multiple between criteria in one SELECT statement before settling on this. Is it possible?
Related
String query = "insert into course_data values(null," + CourseName + ","
+ SCrsDesrpTemp + "," + CrsDes + "," + crsurl + ","
+ youtube + "," + sqlStrDate + "," + crsduration + ","
+ CrsImg + "," + "'Open2Study', 'Free', 'English', 'Yes'," + CrsImgUni + date + ")";
I keep getting syntax errors. The variable names are strings that hold values from scraped websites. I printed them out and they work fine, they all are of type string. But for some reason, I keep getting syntax error in the SQL query.
When presented to the database like this, string (and date) values need to be in single quotes.
String query = "insert into course_data values(null,'" + CourseName + "','"
+ SCrsDesrpTemp + "','" + CrsDes + "','" + crsurl + "','"
+ youtube + "','" + sqlStrDate + "','" + crsduration + "','"
+ CrsImg + "'," + "'Open2Study', 'Free', 'English', 'Yes','" + CrsImgUni + date + "')";
The last part may be incorrect "CrsImgUni + date" and you may need to ensure that dates are formatted correctly.
See also What is SQL injection?
My problem is: if I change the query string below to select * from table;, it works fine. but if I execute the query string below, it throws an error:
SQL error: Invalid column number. Cannot less than or equal zero.
This is the code:
columnHeader = " 'id', 'pat_name', 'pat_age' ";
var filename = $('serType') + $('serId') + ".csv";
var reporting_exportQuery = "select " + columnHeader +
" union all " +
"select * " +
"from " + $('serType') +
" into outfile 'C://mytest/reports/service reports/"+$('serType') + "/" + "" + filename + "' " +
"fields terminated by ',' " +
"lines terminated by '\\n';";
var test = "select * from Age;";
reporting_DBConn = DatabaseConnectionFactory.createDatabaseConnection('com.mysql.jdbc.Driver',:D);
logger.info(reporting_exportQuery);
var result = reporting_DBConn.executeCachedQuery(reporting_exportQuery);
You are adding(union) one column columnHeader with all columns (*) from table. You can do like this
SELECT 'columnHeader',table_alias.* FROM TABLE table_alias...
var filename = $('serType') + $('serId') + ".csv";
var reporting_exportQuery =
"select 'columnHeader',table_alias.* " +
"from " + $('serType') table_alias+
" into outfile 'C://mytest/reports/service reports/"+$('serType') + "/" + "" + filename + "' " +
"fields terminated by ',' " +
"lines terminated by '\\n';";
var test = "select * from Age;";
reporting_DBConn = DatabaseConnectionFactory.createDatabaseConnection('com.mysql.jdbc.Driver','jdbc:mysql://localhost:3310/cnwlreports', :D);
logger.info(reporting_exportQuery);
var result = reporting_DBConn.executeCachedQuery(reporting_exportQuery);
My guess is columnHeader have a diferent number of columns than select * in the union part.
Step to debug.
print the result string reporting_exportQuery
try running that string on the MySql.
Added:
First Select doesn't have FROM part
.
var reporting_exportQuery =
"select " + columnHeader +
"FROM SomeTable" <--- need FROM
" union all " +
"select " + columnHeader + <--- need same columns
Is it possible to prepend text to an SQL select statement. e.g.:
var query = "SELECT id, " +
"picture "
"FROM people";
to
var query = "SELECT id, " +
"picture AS './directory/' + picture "
"FROM people";
Yes. Something like this:
var query = "SELECT id, " +
"concat('./directory/',picture) AS picture "
"FROM people";
Bit more details: http://dev.mysql.com/doc/refman/5.0/en/string-functions.html#function_concat
You are constructing the query as a string, so yes, you can do this. However, you have to insert the value as a constant. Something like:
var query = "SELECT id, " +
"picture AS " + directory " + "picture "
"FROM people";
However, directory would need to be a value in the application and not the database (although another statement could read it).
Following Sql Query is throwing an ODBCException:
cmd.CommandText = "Select Max(" + primaryKey + ") from " + tableName + " where " + primary_key + " >= " + strt_rng[ftr_index] + " and " + primary_key + " < " + end_rng;
Actual Query is as follows:
SELECT MAX(FtreId) FROM tbmftre WHERE FtreId >=101 AND FtreId < 1000
Am i missing quotes in above query?
my sql statments are as follows
the insert statement only works
update and delete statements don't work
Purchase_InvoiceNo is a primary key column of Purchase table
i get this value like this and insert its value to PurchaseProduct table
"SELECT IDENT_CURRENT ('Purchase') AS [Purchase_InvoiceNo]"
string deletecmd_PurchaseProduct =
#"DELETE FROM PurchaseProduct " +
"PurchaseProduct_No=#PurchaseProduct_No and "+
"Purchase_InvoiceNo=#Purchase_InvoiceNo ";
string updatcmd_PurchaseProduct =
"UPDATE PurchaseProduct "
+ " SET "
+ " PurchaseProduct_SerialNo =#PurchaseProduct_SerialNo"
+ ", Purchase_InvoiceNo =#Purchase_InvoiceNo"
+ ", ProductNo =#ProductNo"
+ " PurchaseProduct_Quantity =#PurchaseProduct_Quantity "
+ ", PurchaseProduct_Unit =#PurchaseProduct_Unit"
+ ", PurchaseProduct_Price =#PurchaseProduct_Price"
+ " Where "
+ " PurchaseProduct_No=#PurchaseProduct_No";
string insertcmd_PurchaseProduct = "INSERT INTO PurchaseProduct" +
"(" +
" PurchaseProduct_SerialNo"+
",Purchase_InvoiceNo" +
",ProductNo" +
",PurchaseProduct_Quantity " +
",PurchaseProduct_Price" +
",PurchaseProduct_Unit" + //6
")" +
"Values" +
"(" +
" #PurchaseProduct_SerialNo"+
",#Purchase_InvoiceNo" +
",#ProductNo " +
",#PurchaseProduct_Quantity " +
",#PurchaseProduct_Price" +
",#PurchaseProduct_Unit" + //6
");";
Your Delete command appears to be incomplete:
string deletecmd_PurchaseProduct =
#"DELETE FROM PurchaseProduct " +
"PurchaseProduct_No=#PurchaseProduct_No and "+
"Purchase_InvoiceNo=#Purchase_InvoiceNo ";
should be:
string deletecmd_PurchaseProduct =
#"DELETE FROM PurchaseProduct WHERE" +
"PurchaseProduct_No=#PurchaseProduct_No and "+
"Purchase_InvoiceNo=#Purchase_InvoiceNo ";
I can't see why the INSERT should fail unless you're inserting a duplicate primary key value or you're not inserting data into a non-nullable field which does not have a default.
string updatcmd_PurchaseProduct =
"UPDATE PurchaseProduct "
+ "SET PurchaseProduct_SerialNo = #PurchaseProduct_SerialNo, "
+ "Purchase_InvoiceNo = #Purchase_InvoiceNo, "
+ "ProductNo = #ProductNo, "
+ "PurchaseProduct_Quantity = #PurchaseProduct_Quantity, "
+ "PurchaseProduct_Unit = #PurchaseProduct_Unit, "
+ "PurchaseProduct_Price = #PurchaseProduct_Price "
+ "Where PurchaseProduct_No = #PurchaseProduct_No";
There was a missing comma above.