I want to call a procedure with some conditions,
This is my code.
DELIMITER $$
USE `jijo_db`$$
DROP PROCEDURE IF EXISTS `view_all_user_details_with_limit`$$
CREATE DEFINER=`root`#`localhost` PROCEDURE `view_all_user_details_with_limit`(IN StartNo INT,IN EndNo INT, IN OrderVal VARCHAR(10),IN Cond VARCHAR(50))
BEGIN
SELECT * FROM `tbl_user_details` WHERE Cond ORDER BY OrderVal LIMIT StartNo,EndNo;
END$$
DELIMITER ;
procedure call - CALL view_all_user_details_with_limit(0,10,'',"NAME LIKE '%a%'");
but I dont get any result. why ????
If you want to have variable WHERE, LIMIT, and ORDER BY conditions, you will need to create a prepared statement in your stored procedure.
Try something like this:
DELIMITER $$
USE `jijo_db`$$
DROP PROCEDURE IF EXISTS `view_all_user_details_with_limit`$$
CREATE DEFINER=`root`#`localhost` PROCEDURE `view_all_user_details_with_limit`(IN StartNo INT,IN EndNo INT, IN OrderVal VARCHAR(10),IN Cond VARCHAR(50))
BEGIN
SET #q = CONCAT('SELECT * FROM `tbl_user_details` WHERE ', Cond);
IF OrderVal != '' THEN
SET #q = CONCAT(#q, ' ORDER BY ', OrderVal);
END IF;
SET #q = CONCAT(#q, ' LIMIT ', StartNo, ', ', EndNo - StartNo + 1);
PREPARE stmt FROM #q;
EXECUTE stmt;
END$$
DELIMITER ;
Your problem seems to be happening in WHERE Cond.
A MySQL Stored Procedure won't interpret that string as an expression, but will instead attempt to cast it to a Boolean.
You can see by running SELECT CAST("NAME LIKE '%a%'" AS UNSIGNED); that the string will be interpreted as False, and thereby you won't get any results.
I suggest instead that you accept in your Cond variable a string such as '%a%' and then update your query to:
SELECT *
FROM `tbl_user_details`
WHERE `NAME` LIKE Cond
ORDER BY OrderVal
LIMIT StartNo, EndNo;
Related
As the title mention, i have a problem to apply simple filter on a query result using the operator (IN) in a MySQL Stored Procedured.
The simple example of the Stored Procedured looking like this
DELIMITER $$
DROP PROCEDURE IF EXISTS `sp_example`$$
CREATE DEFINER=`root`#`localhost` PROCEDURE `sp_example`(
`filter_uid_value` TEXT
)
BEGIN
SELECT
a.id
, a.name
, a.uid
FROM
employee_example a
WHERE 1=1
AND a.uid IN (filter_uid_value)
END$$
DELIMITER;
so when i call this stored procedured, for example like this
CALL sp_example("du4jgjVRJGs,oKxU3SzV8CK");
the filter is not apply, i wonder how can fix this
CREATE DEFINER=`root`#`localhost` PROCEDURE `sp_example`(
`filter_uid_value` TEXT
)
SELECT id, name, uid
FROM employee_example
WHERE FIND_IN_SET(uid, filter_uid_value);
DELIMITER not needed.
DELIMITER ;;
CREATE DEFINER=`root`#`localhost` PROCEDURE `sp_example`(
`filter_uid_value` TEXT
)
BEGIN
SET #sql := CONCAT( 'SELECT id, name, uid ',
'FROM employee_example ',
'WHERE uid IN ("',
REPLACE(filter_uid_value, ',', '","'),
'")' );
PREPARE stmt FROM #sql;
EXECUTE stmt;
DROP PREPARE stmt;
END;;
DELIMITER ;
I am trying to make a function witch create a new ID from any table given as parameter.
DROP FUNCTION IF EXISTS create_id;
DELIMITER $$
CREATE FUNCTION create_id(db_table TEXT,pkey TEXT,strlen INT,joinner TEXT)
RETURNS TEXT
BEGIN
DECLARE max_id TEXT;
DECLARE new_id TEXT;
SET max_id = (SELECT MAX(pkey) FROM db_table);
SET new_id = max_id;
RETURN new_id;
END;
$$
DELIMITER ;
Thank you for your answers
You can't use variables like you want to; basically, if you want a variable identifier (table name, column name or the-like), you need to use dynamic SQL. But MySQL functions do not support dynamic SQL. So, instead, you need to use a procedure with an OUT paramter.
Consider:
drop procedure if exists create_id;
delimiter $$
create procedure create_id(in _db_table text, in _pkey text, out _max_id int)
begin
set #max_id = null;
set #sql = concat('select max(`', _pkey, '`) into #max_id from `', _db_table, '`');
prepare stmt from #sql;
execute stmt;
deallocate prepare stmt;
set _max_id = #max_id;
end;
$$
delimiter ;
Then, you invoke the procedure and recover the out value like so:
call create_id('mytable', 'id', #max_id);
select #max_id;
Note: I couldn't see the point for the last two arguments to your original function, so I removed them.
I do my filter with column of table pass through parameter(field after where in line 7) procedure but pass parameter column of table ,mysql doesn't know
use testphantrang;
DELIMITER $$
CREATE PROCEDURE `filter`(in field varchar(40), in giatri varchar(40),in index_of_page int)
begin
declare xx int ;
set xx = index_of_page*15;
SELECT * from test where field like CONCAT('%', giatri,'%') limit xx,15;
END; $$
DELIMITER ;
call `filter`('email','b',0);
Below is my table:
DELIMITER $$
CREATE PROCEDURE `filter`(in field varchar(40), in giatri varchar(40),in index_of_page int)
begin
declare xx int ;
set xx = index_of_page*15;
set #query = CONCAT('SELECT * from test where field rlike ''', giatri,''' limit ',xx,',15;');
PREPARE dynamic_statement FROM #query;
EXECUTE dynamic_statement;
DEALLOCATE PREPARE dynamic_statement;
END; $$
DELIMITER ;
call `filter`('email','b',0);
I've created a stored procedure:
DELIMITER $$
DROP PROCEDURE IF EXISTS `zero`.`sp_for_insert_into_account_db`$$
CREATE PROCEDURE `zero`.`sp_for_insert_into_account_db` (usr_key char(6),usr_name varchar(15),usr_password varchar(15),OUT output_message INT)
BEGIN
DECLARE no_of_row INT;
SELECT COUNT(*) INTO no_of_row from account_db;
IF no_of_row < 4 THEN
SET #s = CONCAT('insert into account_db (USR_KEY,USR_NAME,USR_PWD) VALUES (',usr_key,usr_name,usr_password,')');
PREPARE stmt FROM #s;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
SET output_message=1;
ELSE
SET output_message=0;
END IF;
END$$
DELIMITER ;
I'm calling it with query
call sp_for_insert_into_account_db('a','b','c',#output_ message);
The error is like:
Column count does not match value...
I'm passing 4 arguments...
Why is this error occurring?
I've already checked with this syntax (by default parameter is IN type)
sp_for_insert_into_account_db(IN usr_key char(6),
IN usr_name varchar(15),
IN usr_password varchar(15),
OUT output_message INT)
Problem is also here:
SET #s = CONCAT('insert into account_db (USR_KEY,USR_NAME,USR_PWD) VALUES (',usr_key,usr_name,usr_password,')');
You are trying to insert 3 values and the concatenation returns 1
use this instead:
SET #s = CONCAT('insert into account_db (USR_KEY,USR_NAME,USR_PWD) VALUES (\'',usr_key,'\',\'',usr_name,'\',\'',usr_password,'\')');
Not entirely sure why you're using prepared statements/dynamic sql when you dont need to ?? See the following example which i've cleaned up for you a little:
drop procedure if exists sp_for_insert_into_account_db;
delimiter #
create procedure sp_for_insert_into_account_db
(
in p_usr_key char(6),
in p_usr_name varchar(15),
in p_usr_pwd varchar(15),
out p_output_message tinyint unsigned
)
begin
declare v_no_of_row int unsigned default 0;
set p_output_message=0;
select count(*) into v_no_of_row from account_db;
if v_no_of_row < 4 then
insert into account_db(usr_key, usr_name, usr_pwd) values (p_usr_key, p_usr_name, p_usr_pwd);
set p_output_message = 1;
end if;
end#
delimiter ;
call sp_for_insert_into_account_db (...);
EDIT
are you a COBOL PROGRAMMER FROM THE 1970'S AND IS THAT WHY YOU HAVE TO USE CAPS ?
I am using mysql which i have a stored procedure which has an input variable.
I want to use this variable in a select statement (with like clause).
Eg:
DELIMITER $$
DROP PROCEDURE IF EXISTS `DeleteDataByTransactionID` $$
CREATE DEFINER=`root`#`%` PROCEDURE `DeleteDataByTransactionID`(in **$TransactionID** varchar(50))
BEGIN
delete from sqlstatements where tempsql like '%'+ **$TransactionID** + '%';
END $$
DELIMITER ;
Thanks
DELIMITER $$
DROP PROCEDURE IF EXISTS `DeleteDataByTransactionID`
$$
CREATE DEFINER=`root`#`%` PROCEDURE `DeleteDataByTransactionID`(TransactionID VARCHAR(50))
BEGIN
DELETE
FROM sqlstatements
WHERE tempsql LIKE CONCAT('%', TransactionID, '%');
END
$$
DELIMITER ;
Actually, the accepted answer's version is open to SQL injection if the caller does not properly parameterize the call to the stored procedure. I would recommend utilizing a prepared statement in the stored procedure as follows to be safe instead of relying on the caller:
DELIMITER $$
CREATE PROCEDURE `DeleteDataByTransactionID`
(
TransactionID VARCHAR(50)
)
BEGIN
SET #sql =
"DELETE
FROM sqlstatements
WHERE
tempsql LIKE CONCAT('%', ?, '%')";
SET #transid = TransactionID;
PREPARE stmt FROM #sql;
EXECUTE stmt USING #transid;
DEALLOCATE PREPARE stmt;
END
$$