What if too many parameters in mysql query in node.js - mysql

This table has many parameters, and when i do insert it's like this, (... is for demo propose)
const sqlCmd = `insert into Consumer (key, secret, ..., version)
values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`;
try {
const param = [myTable.key, myTable.secret, ..., myTable.version];
return await dbPool.execSqlCmd(sqlCmd, param)
}
Is there a way to avoid so many ?s ?

In SQL, you use one ? parameter placeholder for each scalar value you want to pass to the SQL statement. No more, no less.
If you want fewer ? placeholders, then you must pass fewer parameters. You can do this by:
Omitting some columns from the INSERT statement. The row inserted will use the DEFAULT value declared for the column, or else NULL if there is no default.
Using a constant expression in the VALUES clause for some columns, instead of a parameter. I mean this can be a constant literal, like a numeric or string or date, or it can be an expression or function, which will be evaluated, and the resulting value used for the INSERT.

Related

how to solve unexpected token using MySQL Hibernate?

Im getting below error
org.hibernate.hql.internal.ast.QuerySyntaxException:unexpected token values: values near line 1, column 161 .
[insert into shop_information(storeName, ownername, license, email, dlnumber, gst, pan, pincode, phonenumber, mobile, fax, cst, phone, district, state, country) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)]
You have to use
session.createSQLQuery(SQL_QUERY);
not
session.createQuery(SQL_QUERY);
HQL only supports insert from another table.
e.g.
INSERT INTO Entity properties_list select_statement.
If you wan't to use standard insert statement like
INSERT INTO Table properties_list values ( :vals)
you need
session.createSQLQuery(SQL_QUERY)
Edit, to answer the comment:
I think that the parameters are 0-based, so try to start the parameters from 0:
query.setParameter(0,storeName);
query.setParameter(1,ownerName);
etc...
However the better way is to use named parameters:
sessionFactory.getCurrentSession()
.createSQLQuery("update table set field = 1 where id = :id")
.setParameter("id", someId)
.executeUpdate();

Issue in inserting values to table through jsp

I got this exception while using one of the answers from stackoverflow.
You can't specify target table 'tablename' for update in FROM clause
This is my query and am using JSP to pass queries:
String queryString = "INSERT INTO tablename(SL_No,candidate,phone,pan,mailid)
VALUES(SELECT (MAX(SL_No)+1 newSL_No from tablename), ?, ?, ?, ? ))";
Thanks in advance.
INSERT INTO tablename(SL_No,candidate,phone,pan,mailid)
select MAX(SL_No) + 1, ?, ?, ?, ?
from tablename
But actually it looks like you could just use the auto-increment of the SQL engine to do MAX(SL_No) + 1. If you change to column to that then your statement would be
INSERT INTO tablename(candidate,phone,pan,mailid)
values (?, ?, ?, ?)

Syntax error mysql

Where is the syntax error in this statement? I dont get it, can I use the "? bind param method" in this case? I use PDO
$stmt = $dbh->prepare("INSERT INTO epinfo WHERE TVShowTitle=? (Season, Episode, SDLink, HDLink, DlSDLink, DlHDLink) VALUES (?, ?, ?, ?, ?, ?)");
$stmt->bindParam(1, $_POST[tvshow]);
$stmt->bindParam(2, $_POST[season]);
$stmt->bindParam(3, $_POST[episode]);
$stmt->bindParam(4, $_POST[sdlink]);
$stmt->bindParam(5, $_POST[hdlink]);
$stmt->bindParam(6, $_POST[dlsdlink]);
$stmt->bindParam(7, $_POST[dlhdlink]);
$stmt->execute();
Error message:
SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE TVShowTitle='Breaking Bad' (Season, Episode, SDLink, HDLink, DlSDLink, DlH' at line 1
The standard INSERT syntax has no WHERE clause. I think you want to UPDATE your existing record.
UPDATE epinfo
SET Season = ?,
Episode = ?,
SDLink = ?,
HDLink = ?,
DlSDLink = ?,
DlHDLink = ?
WHERE TVShowTitle=?
INSERT INTO epinfo (TVShowTitle, Season, Episode, SDLink, HDLink, DlSDLink, DlHDLink) VALUES (?, ?, ?, ?, ?, ?, ?)"
You need to remove the where clause.
from here
INSERT INTO epinfo WHERE
Try like this:-
INSERT INTO epinfo(Season, Episode, SDLink, HDLink, DlSDLink, DlHDLink)
VALUES (?, ?, ?, ?, ?, ?)
From your comments:
If you want to update the value then use it like this:-
update epinfo
set column = "value"
where TVShowTitle=?

How to insert record if there are no duplicate in the previous query in MySQL

I have 2 insert queries that I need to execute. each query will insert data in a different table. The first query has ON DUPLICATE KEY UPDATE clause. What I need to do is to prevent the second query from running is the first one cause an update due to a DUPLICATE KEY.
here is my code currently.
$insertEvent = $db->processQuery('INSERT INTO calendar_events (start_on, end_on, subject, owner_id, created_by, phone_call_id, status )
VALUES (?, ?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE start_on = ?, end_on =?, status = ? ',
array($start, $end, $subject, $owner, $created_by, $phone_call_id, $status, $start, $end, $status) );
$event_id = $db->lastinsertid();
$insertEvent2 = $db->processQuery('INSERT INTO calendar_attendees (event_id, owner_id) VALUE (?, ?)', array($event_id, $owner));
I only want to execute $insertEvent2 only if $insertEvent created a new record otherise ignore the second statement.
Thanks
I believe you can use INSERT IGNORE syntax on your second INSERT, so that your query will look like
INSERT IGNORE INTO calendar_attendees (event_id, owner_id) VALUES (?, ?)
Make sure that you have a UNIQE constraint on (event_id, owner_id).
BTW you have a typo in your second insert. It should be VALUES instead of VALUE.

How can I pass MySQL functions as bind parameters in prepared statement?

I'm trying to do this:
$sth = $dbi->prepare('INSERT INTO table VALUES (?, ?, ?)');
$sth->execute(
$var1,
$var2 || 'NOW()',
$var3
);
without any luck. Any ideas?
$sth = $dbi->prepare('INSERT INTO table VALUES (?, COALESCE(?, NOW()), ?)');
$sth->execute(
$var1,
$var2,
$var3
);
Functions cannot be bound parameters. MySQL will enclose them in quotes which is not valid syntax.
Your options are:
DEFAULT CURRENT_TIMESTAMP - If the field is a TIMESTAMP field you can declare it to have a default of the current time like this. This does not work for DATETIME fields.
Use perl - $now = time2str('%Y-%m-%d %T', time);
You can use the following coding also.
$sth = $dbi->prepare('INSERT INTO table VALUES (?, COALESCE(?, NOW()), ?)');
$sth->bind_param($var1,$var2,$var3);
$sth1=$sth->execute;