This is my first time creating a sql procedure, and i need some help.
What i am trying to do is to create a procedure that returns true or false if the user has correctly inputed his email and password
DELIMITER $$
CREATE PROCEDURE login(IN email varchar(50), IN password varchar(30))
BEGIN
DECLARE #email VARCHAR(50);
DECLARE #password VARCHAR(50);
IF((SELECT COUNT(id) FROM users WHERE email = #email AND password = #password) = 0, 'true', 'false');
END$$
DELIMITER ;
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '#email VARCHAR(50);
DECLARE #password VARCHAR(50);
IF((SELECT COUNT(id' at line 3
This is the error message, i am using phpMyAdmin
Maybe this example will help you:
create table Test(Pass varchar(100), Mail varchar(100));
insert into Test(Pass, Mail) values('Pass1', "Email1");
insert into Test(Pass, Mail) values('Pass2', "Email2");
insert into Test(Pass, Mail) values('Pass3', "Email3");
DROP FUNCTION IF EXISTS loginFunction;
DELIMITER go
CREATE FUNCTION login(p_Pass char(100), p_Mail char(100)) RETURNS boolean
BEGIN
declare countUser int;
DECLARE flag boolean;
SET flag = IF( (select count(*)
from Test
where Pass = p_Pass and Mail = p_Mail) > 0, 1, 0);
RETURN flag;
END;
go
DELIMITER ;
SELECT login('Pass1', 'Email1');
Demo:
https://paiza.io/projects/sioJelUeAuqfrStgCe2h5w?language=mysql
You want your procedure to return something but you don't use 'return' in it
https://wiki.ispirer.com/sqlways/mysql/techniques/return-value-from-procedure
beside that, your code look very much vulnerable to SQL Injection
https://security.stackexchange.com/questions/68701/how-does-stored-procedure-prevents-sql-injection
Maybe you could consider doing this check in your application instead of inside the database
Related
CREATE PROCEDURE insert_user(in uname varchar(20),in gender varchar(20),in email varchar(20),in phone varchar(20),in pword varchar(20),in city varchar(20))
BEGIN
DECLARE finished integer default 0;
Declare cnt integer default 0;
declare id integer;
DECLARE c_cur cursor for select user_id from user;
DECLARE CONTINUE HANDLE FOR NOT FOUND SET finished = 1;
open c_cur;
ins_user: loop
fetch c_cur into id;
IF finished = 1 THEN
LEAVE ins_user;
end if;
cnt:=id;
end loop ins_user;
cnt:=cnt+1;
insert into user
values(cnt,uname,email,phone,city,pword,gender);
END;
Am getting the error #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'HANDLE FOR NOT FOUND SET finished = 1; open c_cur; ins_user: loop fetch ' at line 7
i am not sure where its getting wrong
Set the Delimiter to something else, other than ;, for eg: $$. This will allow the parser to treat the whole create statement as one.
At the end, redefine the Delimiter back to ;
user is a keyword in MySQL. It is better to rename your table to something else, or use backticks around it.
There is a typo; it should be HANDLER not HANDLE
Try:
DELIMITER $$
DROP PROCEDURE IF EXISTS insert_user $$
CREATE PROCEDURE insert_user(in uname varchar(20),
in gender varchar(20),
in email varchar(20),
in phone varchar(20),
in pword varchar(20),
in city varchar(20))
BEGIN
DECLARE finished INT DEFAULT 0;
Declare cnt INT DEFAULT 0;
declare id INT;
DECLARE c_cur CURSOR FOR select user_id from `user`;
DECLARE CONTINUE HANDLER FOR NOT FOUND SET finished = 1;
open c_cur;
ins_user: loop
fetch c_cur into id;
IF finished = 1 THEN
LEAVE ins_user;
end if;
SET cnt:=id; -- set was missing here
end loop ins_user;
SET cnt:=cnt+1; -- set was missing here
insert into `user`
values(cnt,uname,email,phone,city,pword,gender);
END $$
DELIMITER ;
I tried to make a simple procedure in MariaDB 10.2 but I encountered an issue regarding variables defining.
I am receiving (conn:107) You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 3 message when I declare a variable.
I read the MariaDB documentation and I it says that a variable is defined like this DECLARE var_name [, var_name] ... type [DEFAULT value]
Where I am wrong? I am coming from Oracle SQL and some sintax is wired for me.
I use Eclipse with MariaDB JDBC to connect on SQL.
CREATE PROCEDURE nom_jobs_insert(IN p_name varchar(100) CHARACTER SET 'utf8')
BEGIN
DECLARE counter INT DEFAULT 0;
SELECT count(*) INTO counter
FROM nom_jobs
WHERE lower(name) = lower(p_name)
IF counter = 1 THEN
INSERT INTO nom_jobs(name) VALUES (p_name);
END IF;
END;
I found the solution.
In MariaDB you have to define a delimiter before create a procedure and you need to mark where the procedure code is finished.
DELIMITER //
CREATE PROCEDURE nom_jobs_insert(IN p_name varchar(100) CHARACTER SET 'utf8')
BEGIN
DECLARE counter INT DEFAULT 0;
SELECT count(*) INTO counter
FROM nom_jobs
WHERE lower(name) = lower(p_name);
IF counter = 1 THEN
INSERT INTO nom_jobs(name) VALUES (p_name);
END IF;
END; //
You have error not in DECLARE expression, add ; after SELECT statement
Here are the clues that point to a missing DELIMITER:
near '' at line 3
Line 3 contains the first ;
When the error says near '', the parser thinks it has run off the end of the "statement".
Put those together -- it thinks that there is one 3-line statement ending with ;. But the CREATE PROCEDURE should be longer than that.
CREATE PROCEDURE nom_jobs_insert(IN p_name varchar(100) CHARACTER SET 'utf8')
IS
DECLARE counter INTEGER DEFAULT 0;
BEGIN
SELECT count(*) INTO counter
FROM nom_jobs
WHERE lower(name) = lower(p_name)
IF counter = 1 THEN
INSERT INTO nom_jobs(name) VALUES (p_name);
END IF;
END;
I've written a function but it gives me mistake a the second line (create statement) if anyone could help me, I really appreciate:
CREATE FUNCTION GetPrefix (phone_num VARCHAR(30)) RETURNS varchar(30)
deterministic
BEGIN
DECLARE x INT;
DECLARE prefix varchar(30);
SET x = 0;
for prefix in SELECT code
FROM tab_len
while (length(phone_num)) > 0
do
if prefix<>left(phone_num, length(phone_num)-x)
then set x=x+1 ;
else return 1 ;
END while ;
END $$;
and I receive this error :
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'for prefix in SELECT code
FROM tab_len while (length(phone_n' at line 9
DELIMITER $$
DROP FUNCTION IF EXISTS GetPrefix $$
CREATE FUNCTION GetPrefix
(
phone_num VARCHAR(30)
)
RETURNS varchar(30)
BEGIN
DECLARE var_x INT DEFAULT 0;
DECLARE var_prefix VARCHAR(100);
SET phone_num = IFNULL(phone_num,'');
-- your logic will go here.
return phone_num;
END$$
DELIMITER ;
SELECT GetPrefix('test');
This is right syntax to write a function in mysql.
check out the differences. Take a look Here
I am trying to create a function that returns rowcount. But it returns error again and again.
1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 11
DELIMITER $$
CREATE FUNCTION func1(userid INT)
RETURNS INT
NOT DETERMINISTIC
BEGIN
DECLARE var_name INT;
SET var_name = 0;
SELECT COUNT(*) INTO var_name
FROM wps_bal
WHERE u_id = userid;
RETURN var_name;
END$$
Most probably your version of PHPMyAdmin does not support the DELIMITER statement which is not MySQL statement. Here you can find how to create the function in PHPMyAdmin: Store procedures in phpMyAdmin
Yes. This was helpfull
I have created the solution:
DELIMITER $$
CREATE FUNCTION func1(userid INT)
RETURNS INT
NOT DETERMINISTIC
BEGIN
DECLARE var_name INT;
SET var_name = 0;
SELECT COUNT(*) INTO var_name
FROM wps_bal
WHERE u_id = userid;
RETURN var_name;
END$$
DELIMITER ;
Hi
I'm very very new at MySQL and was wondering if anyone could help me out.
I'm trying to build a procedure for my database and am using the following code.
CREATE PROCEDURE `createuser`(username VARCHAR(100), password VARCHAR(100), email VARCHAR(100)) BEGIN
DECLare returnValue int;
IF EXISTS(SELECT 'True' FROM User_Table WHERE(User_Username = username OR User_Email = email))
BEGIN
SET returnValue = 0;
END;
ELSE
BEGIN
SET returnValue = 1;
INSERT into User_Table(User_Username, User_Password,User_Email) VALUES(username, password,email)
END; END;
I'm getting a error on the BEGIN after the if statement. The error is "Bad syntax near "BEGIN SET returnvalue = 0; END ELSE;
Could you please tell me if im using the IF statement correctly in a mysql sence. It seems to work fine on a MSSql server but not on a Mysql.
Would it also be possible to point me in the direction of some good tutorials for this kinda stuff as the main MYSQL website isn't particularity user friendly.
Cheers
Instead of
IF statement
BEGIN
commands;
END
ELSE
BEGIN
commands;
END
use
IF statement THEN
commands;
ELSE
commands;
END IF;
Here is how I would write your procedure (changes may be a mixture of cosmetic changes and actual changes; suggest experimenting to find out which are which)
CREATE PROCEDURE `createuser` ( IN username VARCHAR(100),
IN password VARCHAR(100),
IN email VARCHAR(100)
)
BEGIN
DECLARE returnValue INT;
IF EXISTS (
SELECT 1
FROM User_Table
WHERE User_Username = username OR User_Email = email
) THEN
SET returnValue = 0;
ELSE
SET returnValue = 1;
INSERT INTO User_Table
(User_Username, User_Password, User_Email)
VALUES
(username, password, email);
END IF;
END;
You don't appear to be doing anything with the variable returnValue. You might need to declare this as OUT or INOUT, depending on what you want to do with it. I haven't got experience of using return values for stored procedures.