I try to execute a variable query within a custom mysql function, here's the script :
DELIMITER $
CREATE FUNCTION is_present(in_id BIGINT, in_table_name VARCHAR(255)) RETURNS BIT
BEGIN
DECLARE stm VARCHAR(255);
DECLARE result BIT DEFAULT 0;
SET stm := CONCAT('SELECT IF(COUNT(*), 1, 0) INTO result FROM', in_table_name, 'WHERE id=? LIMIT 1');
PREPARE query FROM stm;
EXECUTE query USING in_id;
DEALLOCATE PREPARE query;
RETURN result;
END $
DELIMITER ;
Mysql warns me about the syntax :
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use
near 'stm; EXECUTE query USING in_id; DEALLOCATE PREPARE query;
RETURN result; ' at line 9
I think you are missing a semicolon before var name:
PREPARE query FROM :stm;
Related
Query is retrieving correct result but in Prepared statement getting error "Error Code: 1064. check the manual that corresponds to your MySQL server version for the right syntax to use near 'INSERT INTO audittrail(BATCHID,IPADDRESS,DATE,LINENAME,ACTION) values (1165' at line 2"
Thanks in advance:-)
CREATE DEFINER = 'root'#'localhost'
PROCEDURE new_procedure()
BEGIN
DECLARE stmt text;
SET #stmt = (SELECT CONCAT('START TRANSACTION; \n', GROUP_CONCAT(objdata SEPARATOR ';\n'),';\nCOMMIT; \n DELETE FROM qry_obj_dtl where id in (',GROUP_CONCAT(ID SEPARATOR','),');') AS objData1 FROM qry_obj_dtl);
SELECT #stmt;
PREPARE param_stmt FROM #stmt;
EXECUTE param_stmt;
DEALLOCATE PREPARE param_stmt;
END
I am working in a stored procedure that is fetching queries from a table and execute them.
The problem is that I have some queries with single/doubled quotes and it is throwing an error on execute them.
Procedure
delimiter $$
drop procedure if exists run_change_ids_queries$$
create procedure run_change_ids_queries()
begin
declare s_query TEXT;
declare done bool default false;
declare c_queries cursor for
select `query` from `queries` WHERE `executed` = 0 ORDER BY `qry_id` ASC;
declare continue handler for not found set done = true;
open c_queries;
read_loop: loop
fetch c_queries into s_query;
if done then
leave read_loop;
end if;
-- run the query
set #sql = s_query;
prepare stmt from #sql;
execute stmt;
deallocate prepare stmt;
-- update executed flag on query
set #update = CONCAT('UPDATE `queries` SET `executed` = 1 WHERE `query` LIKE \'',#sql,'\';');
prepare stmt from #update;
execute stmt;
deallocate prepare stmt;
end loop;
end$$
Query update urisegments as s inner join change_product_ids as p on concat('{"product_id":"', p.old_id, '"}') = s.primary_key_value set s.primary_key_value = CONCAT('{"product_id":', p.new_id, '"}') where s.app_namespace = 'Shop' and s.primary_key_value like '%product_id%'; is throwing error: [42000][1064] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '{"product_id":"', p.old_id, '"}') = s.primary_key_value set s.primary_key_value ' at line 1
Workaround #01
I already tried to escape single/doubled quotes into \' and \" respectively, but it throws another error:
[42000][1064] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'{\"product_id\":\"\', p.old_id, \'\"}\') = s.primary_key_value set s.primary_k' at line 1.
Don't try to concatenate the query into the SQL. Prepared statements can contain placeholders, which you fill in when you use the EXECUTE statement.
set #update = 'UPDATE `queries` SET `executed` = 1 WHERE `query` = ?');
prepare stmt from #update;
execute stmt USING #sql;
The statement is not escaped.
All single/doubled quotes should be escaped.
update urisegments as s
inner join change_product_ids as p on concat(\'{\"product_id\":\"\', p.old_id, \'\"}\') = s.primary_key_value
set s.primary_key_value = CONCAT(\'{\"product_id\":\', p.new_id, \'\"}\')
where s.app_namespace = \'Shop\' and s.primary_key_value like \'%product_id%\';
Instead of testing for the query, test for its id:
... WHERE qry_id = ?
(Add that column to the initial SELECT.)
I have the following stored procedure:
CREATE PROCEDURE getLastValueAutomaticShelter(IN fieldName varchar(30), position_number INT)
BEGIN
SET #query = CONCAT('SELECT * FROM automatic_changes WHERE',fieldName,'IS NOT NULL AND P_id=?');
PREPARE stmt FROM #query;
SET #position_number=position_number;
EXECUTE stmt USING #position_number;
DEALLOCATE PREPARE stmt;
END
Then I am running it:
mysql> call getLastValueAutomaticShelter('current_level', 500)//
And getting the following error:
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near 'NOT N
ULL AND P_id=?' at line 1
Any ideas? Thanks.
You need to add some spaces in there:
SET #query = CONCAT('SELECT * FROM automatic_changes WHERE ',fieldName,' IS NOT NULL AND P_id=?');
/* right ^ here....and ^ here*/
Otherwise your final query might look like this:
SELECT * FROM automatic_changes WHEREcolumnameIS NOT NULL AND P_id='whatever';
You get the idea :)
This is the stored procedure I'm trying to use
DELIMITER ##
CREATE PROCEDURE exportFile()
BEGIN
DECLARE filename VARCHAR(255);
SET filename = CONCAT('~/Sample',NOW(),'.csv'));
SET #outfilestmt = concat('SELECT * INTO OUTFILE ',"'", filename,"'",' FROM Results') ;
PREPARE stmt FROM #outfilestmt;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
END ##
DELIMITER ;
This is the error I get
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ');
SET #outfilestmt = concat('SELECT * INTO OUTFILE ',"'", filename,"'",' FROM R' at line 6
Desired Result:
call exportFile
--~/Sample2012-03-14-10:42:51.cvs
call exportFile
--~/Sample2012-03-14-10:42:52.cvs
call exportFile
--~/Sample2012-03-14-10:42:53.cvs
A semicolon is missing after
SET filename = CONCAT('~/Sample',NOW(),'.csv'))
and one brace is too much (also noted by Devart. Thanks). Change it to
SET filename = CONCAT('~/Sample',NOW(),'.csv');
Tested it to be sure. Works!
When creating the following procedure I receive this error message:
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near
'd_query;
set d_result = execute stmt;
deallocate prepare stmt; ' at line 15
But after checking I can't see the error. Line 15 relates to 'if d_query is not null then'.
Is this the true error? Or is it not happy to accept an execute as an assignment to d_result?
Any help would be greatly appreciated.
delimiter |
create procedure runtests()
begin
declare d_test_id char(20);
declare d_query text;
declare d_result text;
declare cur cursor for select test_id, query, result from datavalidator order by test_id;
open cur;
repeat
fetch cur into d_test_id, d_query, d_result;
if d_query is not null then
prepare stmt from d_query;
set d_result = execute stmt;
deallocate prepare stmt;
update datavalidator set result = d_result;
end if;
until done end repeat;
close cur;
end;
|
delimiter ; |
"Note that a literal string expression or a user variable are the only ways you can specify the statement to be prepared.", from this documentation.
Try writing the value into a user variable before trying to prepare, perhaps something like:
set #q_sql = d_query;
...or write directly into the user variable in the fetch line.