Related
Probably a simple answer to this one but I can't find the answer online :(
I am currently migrating to MySQL database but I am having problems transfering my stored procedures from my dataset in Visual Studio. The SQL query in my dataset did not force me to name all the parameters however, MySQL gives a syntax error when I use ? instead of naming and declaring every single parameter.
SQL query in dataset of Visual Studio:
UPDATE tblConfigurations
SET DEUnit_ID_UnitName = ?, DEUnit_ID_UnitType = ?, DEUnit_ID_UnitLevel = ?, DEUnit_Aut_NumberOfMastercards = ?, DEUnit_Aut_MasterCardId1 = ?, DEUnit_Aut_MasterCardId2 = ?,
DEUnit_Aut_MasterCardId3 = ?, DEUnit_Aut_MasterCardId4 = ?, DEUnit_Aut_MasterCardId5 = ?, DEUnit_Aut_MasterCardId6 = ?, DEUnit_Aut_MasterCardId7 = ?, DEUnit_Aut_MasterCardId8 = ?,
DEUnit_Lck_SeperatedAntennas = ?, DEUnit_AF_SilentAlarmActivation = ?, DEUnit_AF_AlarmInputConnection = ?, DEUnit_NW_Address = ?, DEUnit_KD_KeyboardOrientation = ?,
DEUnit_KD_SpecialAcousticConfirmation = ?, DEUnit_KD_KeyClickSound = ?, DEUnit_KD_LedColors = ?, DEUnit_ReservedValue1 = ?, DEUnit_ReservedValue2 = ?, DEUnit_ReservedValue4 = ?,
DEUnit_ReservedValue7 = ?, DEUnit_ReservedValue8 = ?, DEUnit_ReservedValue9 = ?, DEUnit_ReservedValue10 = ?, DEUnit_ReservedValue11 = ?, DEUnit_ReservedValue12 = ?, DEUnit_ReservedValue13 = ?,
DEUnit_ReservedValue14 = ?, DEUnit_ReservedValue15 = ?, DEUnit_ReservedValue22 = ?, DEUnit_ReservedValue27 = ?
WHERE (config_ID = ?)
You can use the ? placeholders only if you use the PREPARE and EXECUTE syntax. Read https://dev.mysql.com/doc/refman/8.0/en/sql-prepared-statements.html for details.
But even if you do use PREPARE & EXECUTE, you would still have to name the variables as you pass them to EXECUTE.
In a stored procedure, you can use variables instead of using placeholders.
CREATE PROCEDURE citycount (IN country CHAR(3), OUT cities INT)
BEGIN
SELECT COUNT(*) INTO cities FROM world.city
WHERE CountryCode = country;
END
In that example, country is a procedure input parameter. You can use it directly in an SQL statement (in this case SELECT, but it works for UPDATE too).
Make sure your parameter names are not the same as any column in the table you query, because that creates an ambiguity.
I set up an Apps Script program and it needs to save data to database. However, it is not working.
I have tried to use the code from Google Apps Script Documentation but I can't see how to skip the autoIncrementing field named ID and its the primary key as well.
I have used code below.
var connectionName = 'frms-db:us-central1:****';
var user = 'rj-**';
var userPwd = 'fEwnj*LAAj3****';
var db = 'CCW_CLR';
var dbUrl = 'jdbc:google:mysql://' + connectionName + '/' + db;
var conn = Jdbc.getCloudSqlConnection(dbUrl, user, userPwd);
var stmt2 = conn.prepareStatement('INSERT INTO tblPreInterview '
+ '(ID, Timestamp, Email, Section4, Section5, Section6, Section7, Pages12_13, MinorsAtHome, FirearmsStoreage, ReferenceType1, ReferenceName1, ReferencePhone1, ReferenceType2, ReferenceName2, ReferencePhone2, ReferenceEmail2, '
+ 'ReferenceType3, ReferenceName3, ReferencePhone3, ReferenceEmail3, DeptConditions, NoGuarantee, ServicePolicy, NoRefunds, PenaltyPerjury, Authorization) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '
+ '?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
stmt2.setString(2, new Date());
stmt2.setString(3, data.email);
stmt2.setString(4, data.section4);
stmt2.setString(5, data.section5);
stmt2.setString(6, data.section6);
stmt2.setString(7, data.section8);
stmt2.setString(8, data.pages1213);
stmt2.setString(9, data.minors);
stmt2.setString(10, data.storefirearm);
stmt2.setString(11, data.reftype1);
stmt2.setString(12, data.refcon1);
stmt2.setString(13, data.refphone1);
stmt2.setString(14, data.refemail1);
stmt2.setString(15, data.reftype2);
stmt2.setString(16, data.refcon2);
stmt2.setString(17, data.refphone2);
stmt2.setString(18, data.refemail2);
stmt2.setString(19, data.reftype3);
stmt2.setString(20, data.refcon3);
stmt2.setString(21, data.refemail3);
stmt2.setString(22, data.deptcondition);
stmt2.setString(23, data.review_agree1);
stmt2.setString(24, data.review_agree2);
stmt2.setString(25, data.review_agree3);
stmt2.setString(26, data.review_agree4);
stmt2.setString(27, data.review_agree5);
stmt2.setString(28, data.signature);
stmt2.execute();
I expect to add data to my SQL database.
If the column is auto_incremented, you do not need to provide a value for it. MySQL automatically assigns a new number when you perform an insert where no value is given for that column.
So you should just not specify this column in your insert, ie change:
var stmt2 = conn.prepareStatement(
'INSERT INTO tblPreInterview '
+ '(ID, Timestamp, Email, Section4, Section5, Section6, ...
To:
'INSERT INTO tblPreInterview '
+ '(Timestamp, Email, Section4, Section5, Section6, ...
Accordingly you should remove the first parameter.
I am trying to fix my sql problem for 3 hours and I cant find the little thing the destroy my code.
The error :
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order, image, category_id) VALUES('test', 'test', '<p>test' at line 1
The query: All the variables they are post fields that sended.
try {
$statement = $link->prepare("INSERT INTO `info_pages` (name, title, text, img_credits, meta_title, meta_keywords, order, image, category_id) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?)");
$statement->execute(array($main_title, $side_title, $content, $img_credits, $meta_title, $meta_keywords, $order, $image, $category_id));
//echo $BNL->msg("הדף <b>{$main_title}</b> נוצר בהצלה, הנך מועבר...", true);
//echo $BNL->MoveTo($url."index.php?page=info_pages",1);
if (!$statement->execute()) {
print_r($statement->errorInfo());
}
} catch(PDOException $e){
echo $BNL->msg("<b>שגיאה</b>, צרו קשר עם המנהל");
}
grave is more commonly referred to as a "backtick", which MySQL uses to escape MySQL reserved words.
Already #Mat said his comment that you used reserve word in your statement that why its thrown error and that is "order",so if you use this type reserve word you have write your query below way.
("INSERT INTO `info_pages`
(`name`,
`title`,
`text`,
`img_credits`,
`meta_title`,
`meta_keywords`,
`order`,
`image`,
`category_id`)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
Though i used for every column but not needed that you can use it for only "order" column
Novice here. Just trying to bind values to eliminate sql injections. I've got the code below but I get this error...
called with 1 bind variables when 47 are needed at my.cgi line 803.
and output looks like..
$new_row='53616c7465645f5fd8b88f6a16704f8ebc0a2002dfg45633617bbb0446fa', 'test12', 'user', '2012-03-06', 'xcvb', 'xb', 'xcvbb', 'xcvbb', 'UT', 'US', '4566', '4564564566', 'todd#my.com', 'vbn', '', '200', 'Monthly', 'eBook', 'WebStore', '9.95', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', 'http://my.com', 'my.com', '', '', '', '', '', '', '', '', '2012-03-06', '30-Day-Trial'
$questionmarks=?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
I've tried it with/without quotes and commas. Any ideas appreciated.
foreach my $field (#account_field_order) {
$new_row .= "'" . param($field) . "', ";
$questionmarks .="?, ";
}#foreach
$new_row .= "'$status'";
$questionmarks .= "? ";
my $dsn = "DBI:mysql:$database";
my $dbh = DBI->connect($dsn, $MYSQLuserid, $MYSQLpassword )
or die $DBI::errstr;
my $sth = $dbh->prepare(qq(INSERT INTO $table VALUES ($questionmarks) ))
or die $DBI::errstr;
$sth->execute(qq($new_row)) or die $DBI::errstr;
You're supposed to supply a list of arguments, one for each questionmark, not a single scalar argument that contains the strings of the arguments. When I answered your question before, I told you to do:
my #values = map param($_), #account_field_order; # add values to array
push #values, $status; # for simplicity
$new_row = join ", ", ("?") x #values; # add ? for each value
... # basically same code as before, except the execute statement:
$sth->execute(#values); # arguments given will be inserted at placeholders
Where $new_row is your placeholder string, not your argument list. Not:
$new_row .= "'" . param($field) . "', ";
...
$new_row .= "'$status'";
$sth->execute(qq($new_row)) or die $DBI::errstr;
Because $new_row counts as one argument, since it is a scalar. You need an array or list of the same length as the number of questionmarks.
First, lets fix the first statements:
#new_row=('53616c7465645f5fd8b88f6a16704f8ebc0a2002dfg45633617bbb0446fa', 'test12', 'user', '2012-03-06', 'xcvb', 'xb', 'xcvbb', 'xcvbb', 'UT', 'US', '4566', '4564564566', 'todd#my.com', 'vbn', '', '200', 'Monthly', 'eBook', 'WebStore', '9.95', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', 'http://my.com', 'my.com', '', '', '', '', '', '', '', '', '2012-03-06', '30-Day-Trial');
$questionmarks="?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?";
These will create an array of values and a single string with all the ?s.
Then in the execute statement:
$sth->execute(#new_row) or die $DBI::errstr;
which will pass in your array of values into the execute line, rather than a single argument like you were doing before.
I keep getting an incorrect string value error in my Rake Task when I go to insert into my DB for one specific record. I tried converting it to UTF8 after reading several posts here on it but still have not resolved the issue (no guarantee I did that right). Any thoughts on what else it could be? Anything I left out?
MySQL Server Community 5.5
Conversion Code:
ic = Iconv.new('UTF-8//IGNORE', 'UTF-8')
#summary = ic.iconv(bug.summary << ' ')[0..-2]
Create Code:
JiraBug.create(
:issue => bug.key,
:summary => #summary,
:reporter_name => reporter_name,
:assignee_name => assignee_name,
:weight => weight, :issue_created => issue_created,
:issue_updated => issue_updated,
:jira_it_division_id => #it_division_id,
:jira_project_id => #project_id,
:jira_priority_id => #priority_id,
:jira_status_id => #status_id,
:jira_originating_phase_id => #originating_phase_id,
:jira_detection_phase_id => #detection_phase_id,
:jira_version_id => #version_id,
:jira_version_name => #version_name,
:death_burrito_application_id => #jira_id
)
Offending String:
"Instance Blueprints → aa-test-kim → Module/Domain Objects - there is
a drop down title \"ID [REMOVEME]\". I don't think the 'removeme'
belongs."
Error
Mysql::Error: Incorrect string value: '\xE2\x86\x92 aa...' for column
'summary' at row 1: INSERT INTO jira_bugs (assignee_name,
created_at, death_burrito_application_id, issue,
issue_created, issue_updated, jira_detection_phase_id,
jira_it_division_id, jira_originating_phase_id,
jira_priority_id, jira_project_id, jira_status_id,
jira_version_id, jira_version_name, reporter_name, summary,
updated_at, weight) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?,
?, ?, ?, ?, ?) [1m[35m (1.0ms)[0m ROLLBACK Mysql::Error:
Incorrect string value: '\xE2\x86\x92 aa...' for column 'summary' at
row 1: INSERT INTO jira_bugs (assignee_name, created_at,
death_burrito_application_id, issue, issue_created,
issue_updated, jira_detection_phase_id, jira_it_division_id,
jira_originating_phase_id, jira_priority_id, jira_project_id,
jira_status_id, jira_version_id, jira_version_name,
reporter_name, summary, updated_at, weight) VALUES (?, ?, ?,
?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
I wound up doing a record specific hack for right now.
#summary = bug.summary.gsub(/→/,'>')
Not the greatest solution but until I find a better way this will have to do