I can not seem to get this to work as expected.
"SELECT event_positions.id as ep_id, event_positions.pos_prefered_tech, event_positions.assigned_tech_id, "
. "event_schedule.id as es_id, event_schedule.event_id, event_schedule.event_day, event_schedule.event_stime,"
. "event.id as eid, event.crewer_id as cid, event.event_title, event.crewed_by,"
. "crewer.crewer_company"
. "FROM event_schedule "
. "INNER JOIN event_positions "
. "ON event_schedule.id = event_positions.event_sched_id"
. "INNER JOIN event "
. "ON event_schedule.event_id = event.id"
. "INNER JOIN crewer "
. "ON event.crewer_id = crewer.id "
. "WHERE event_schedule.event_day >= NOW() "
. "AND event.crewer_id = ?"
If i remove the AND statement it will pull all data as expected. But I need to filter for the specific crewer_id
When I try to do this I get an empty result set. No errors.
It seems like there's some spaces missing in the generated SQL text, for example, before FROM and before INNER JOIN crewer. Are you sure this SQL statement is working?
The question mark character ? doesn't look like valid SQL. So it's likely (and we're going to assume) that this SQL text is for a prepared statement, and that the question mark is intended as a placeholder for a bind variable.
If that's the case, I suspect there's a problem with the parameter bind.
I recommend you verify that the value you are providing for the bind parameter is a value that would return rows, that is, one of the values for crewer.id that's returned by the query when this predicate is omitted.
I also suggest you test using a hardcoded literal value, in place of the question mark. Choose a literal value, again, that you know will return rows.
I suspect that when you debug this, you will find the problem is with the bind parameter. (It's only a suspicion, because there's not enough information provided for me to make a determination.)
Related
I'm trying to update a database in JavaFX using JDBC and Textfields ,
The first textfields, but I keep getting SQL syntax errors.
It's a simple update syntax , but I have to use the textfield.getText() in order to fill up the data.
I tried this as the query I'll execute:
UPDATE intervention
set "+update_textfield2.getText()+" = "+update_textfield3.getText()+"
WHERE ( Numdemande ="+update_textfield.getText()+"
To explain the code above : set the database field the user entered (update_textfield2) as the value the user entered (update_textfield3) where the "Numdemande" number is x (update_textfield)
While your code is unsafe, as explained in the comments, I'll answer on the assumption that your class has not yet covered SQL injection attacks.
As for your SQL statement itself, there are several problems.
First of all, you are using double quotes " instead of single quotes '. It is unclear which dialect of SQL you are using, but most, if not all, require single quotes when passing through Strings like this.
Secondly, you are wrapping your calls to the textField.getText()
methods in quotes, meaning you're telling SQL to use that text
literally.
You have not added a closing parentheses ()) at the end of your WHERE clause. The parentheses in this case, however, are not necessary.
In essence, you're trying to pass the following statement to SQL:
UPDATE intervention
set +update_textfield2.getText()+ = '+update_textfield3.getText()+'
WHERE ( Numdemande = '+update_textfield.getText()+'
Unless you have a field called +update_textfield2.getText()+ in your table, this statement will fail.
The following String would produce the correct statement:
String statement = "UPDATE intervention " +
"SET " + update_textfield2.getText() + " = " + update_textfield3.getText() +
"WHERE Numdemande = " + update_textfield.getText() + ";";
Side Note: Please learn the Java Naming Conventions and stick to them. In your code, you've used Snake Case when naming your TextField, but should be using Camel Case instead. An appropriate name for your TextField might be something like this instead: updateTextField1
From the table Table, I would like to build a query that gives me the table Query.
The first issue is to build Query.Note as a concatenation of Table.Note.
Te second issue, more difficult, is to concatenate Table.Project + ": " + Table.Note each time that Table.Note is not empty.
Some clues?
For my needs, it is enough to solve the first issue. The second one would be great to have.
I am open to VBA-solutions.
Thanks in advance!
This involves using the "GetList" Function that is found Microsoft Access condense multiple lines in a table.
Please note that Table and Query are reserved words, and that Note needed to be made plural as Notes.
SELECT
T2.Client
,GetList("Select Project & "": "" & Note From myTable as T1 where T1.Client = """ & T2.Client & """","","; ") AS Notes
FROM myTable as T2
GROUP BY T2.Client;
$query = mysqli_query($link, "SELECT *
FROM table
WHERE column=" . row_data['column'] . " ") or die(mysqli_error($link));
Can someone tell me what wrong with syntax? I honestly work on this problem in an hour but I can't figure it out up to now. I think it is on the syntax maybe my quoutes is placed on wrong?
row_data['column'] is equals to value a
If I make it hardcoded, it output expect results.
$query = mysqli_query($link, "SELECT *
FROM table
WHERE column='value a'") or die(mysqli_error($link));
Error
Unknown column 'value a' in 'where clause'
You just miss single quotes:
$query = mysqli_query($link, "SELECT *
FROM table
WHERE column='" . row_data['column'] . "' ") or die(mysqli_error($link));
In your second example you have placed single quotes around the value while in the first not.
I guess your data is coming from another query, so you can think about join to reduce number of queries.
If data is coming from a user input you should have a look at prepared statements. If you place user input directly into the query you are open to sql injections.
Last but not least if you are still learning have a look at pdo instead of mysqli
I can't figure out why I get an SQL error with the mySQL statement (in php file) below. I think the problem relates to the second condition 'AGREEDPRODUCTS.productid_corporation is null'. I checked that the syntax of the used parameters is correct as used in the database. I also tried other alternatives with respect to the second condition (like using WHERE but that is obvious not allowed;MySQL join with where clause) but those didn't work.
$sqlquery4 = "SELECT AGREEDPRODUCTS.id,AGREEDPRODUCTS.productid_supplier,EMETERPRODUCTS.productname "
. "FROM AGREEDPRODUCTS "
. "INNER JOIN EMETERPRODUCTS "
. "ON AGREEDPRODUCTS.productid_supplier=EMETERPRODUCTS.productid AGREEDPRODUCTS.producttype='EMETER' AND AGREEDPRODUCTS.productid_corporation is null "
. "ORDER BY AGREEDPRODUCTS.productid_supplier";
Any suggestions?
You've missed an AND, or other separator, on that line:
ON AGREEDPRODUCTS.productid_supplier=EMETERPRODUCTS.productid AGREEDPRODUCTS.producttype='EMETER' AND AGREEDPRODUCTS.productid_corporation is null
^^^
ON AGREEDPRODUCTS.productid_supplier=EMETERPRODUCTS.productid AND AGREEDPRODUCTS.producttype='EMETER' AND AGREEDPRODUCTS.productid_corporation is null
You're missing an AND........................................................................................^here^.
And you confused something here:
like using WHERE but that is obvious not allowed
The WHERE in this question makes the left/right join to an inner join. That's why you have to put it in the join condition. A WHERE clause is always possible. You could as well also put your second join condition in a where clause.
I have a mysql table id,name,gender,age religion( enum('HIN','CHR','MUS') ,category(enum('IND','AMR','SPA') where last 2 are enum datatype and my code in drupal was
$sql="SELECT * FROM {emp} WHERE age=".$age." and religion=".$rel." and category=".$categ;
$result=db_query_range($sql,0,10);
while($data=db_fetch_object($result))
{
print $data->id." ".$data->name."<br>";
}
I get no result or error . I'm trying different query with each field and all are fine except using enum.
for ex: $sql='SELECT * FROM {emp} WHERE religion="'.$rel.'"';
Is there any problem in using enum datatype in drupal
Enum is not something that I believe drupal can make with the schema API, which is what you in most cases want to use for modules and stuff. Also you are lacking an ending ) in your reference to it, but I'm sure you did it right when your made the table.
Enum is only a constraint that is built into the database when inserting values. So if you try to insert an invalid value, you will insert an empty string instead. So it wont have any effect on Drupal querying to get data. It also wont have any effect when Drupal insert values, other than converting invalid values to empty strings. You might want to check the your data, to see if it is as expected. You might just get no results because your query doesn't match anything.
Another thing is the way you construct your queries is a big NO NO, as it's very insecure. What you should do is this:
db_query("SELECT ... '%s' ...", $var);
Drupal will replace %s with your var and make sure there is no SQL injection and other nasty things. %s indicates the var is a string, use %d for ints and there are a few others I can't remember just now. You can have several placeholders like this, and they will be insert in order, much like the t function.
Seconding Googletorps advise on using parameterized queries (+1). That would not only be more secure, but also make it easier to spot the errors ;)
Your original query misses some quotes around your (String) comparison values. The following should work (Note the added single quotes):
$sql = "SELECT * FROM {emp} WHERE age='" . $age . "' and religion='" . $rel . "' and category='" . $categ . "'";
The right way to do it would be something like this:
$sql = "SELECT * FROM {emp} WHERE age='%s' and religion='%s' and category='%s'";
$args = array($age, $rel, $categ);
$result = db_query_range($sql, $args ,0 , 10);
// ...