Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I'm trying to pull a simple count distinct from a table in MySQL. The query is the following:
select COUNT (DISTINCT column1) as distinctVol
from table1
The error I'm getting is below:
Error: You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'DISTINCT call_reference) as distinctVol
from dlr_calls_hist' at line 1 (State:37000, Native Code: 428)
I've already tried in various different ways, but I can try things again upon suggestions, to make sure it's not typo related.
I've also given it a go with an online SS to MySQL converter (I'm used to using SQL Server), which just spat back the same syntax.
Yes, I could potentially output data and import it into SQL Server, which is the final aim of my efforts, but first I would need to create the dataset as the entire db in MySQL is too large with quite a bit of unnecessary info - trying to keep the resource waste to minimum.
All ideas welcome, and thank you in advanZe!
In MySQL, when using aggregate functions, you can't have whitespace between the function name and the (. Change to:
SELECT COUNT(DISTINCT column1)
FROM table1
DEMO
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 2 years ago.
Improve this question
I don't have much experience with mySQL but I thought I knew the basics. However, I am clearly missing something. I am using a database that has 6 tables, I can look at 5 of them with no problem. I was looking for some values and I wasn't sure which exact table it was in so I typed in my mySQL 101 level statement- 'SELECT * FROM project', received the values, and saw that my target was not in there. So I next ran 'SELECT * FROM release' except that command does not work.
The MySQL Workbench underlines the word 'SELECT' and the tooltip message says- "select" is not valid at this position for this server version
When I attempt to run the command, I get Error Code: 1064. You have an error in your SQL syntax
So I tried deleting and rewriting, thinking it was some sort of bug but restarts and everything else I have tried is not helping and I have been unable to google anything relevant.
full command-
USE scorecarddb;
SHOW TABLES;
SELECT * FROM release;
but I usually just use the 1 line command run (aka I only run line 3 since I am already in the scorecard db). And I don't think it is an actual syntax error because if I change the word 'release' to 'project' or any of the other table names, it works
release might be a reserved keyword. Try using:
SELECT * FROM `release`;
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 years ago.
Improve this question
this error
2 errors were found during analysis.
This type of clause was previously parsed. (near "WHERE" at position 64)
Unrecognized statement type. (near "WHERE" at position 64)
SQL query: Documentation
SELECT * FROM helpdeskrequest
WHERE detail LIKE '%New PC%'
AND WHERE type='HW'
MySQL said: Documentation
1064 - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE type='HW'' at line 2
{SELECT * FROM helpdeskrequest
WHERE detail LIKE '%New PC%' AND WHERE type='HW'}
You don't need the double WHERE:
SELECT * FROM helpdeskrequest
WHERE detail LIKE '%New PC%' AND type='HW'
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 6 years ago.
Improve this question
Mysql Delete query VS Mysql Triggers (which is fast option?)
Triggers if you want your DBA to be in control of the code.
Query if you want your programmers to be in control of the code.
To clarify:
If it's a trigger, then the implication is that it's part of the database design for things to work that way. i.e. the structure of the database depends on it working that way.
If it's query code, then the implication is that the action is part of your business logic, and not critical to the core structure of the DB.
As mentioned before, they are different things. From MSDN: "A trigger is a special kind of stored procedure that automatically executes when an event occurs in the database server"; whereas a DELETE is a DML statement, that is, statement to manipulate database records. In this case, used for removing database records from a table or view.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 6 years ago.
Improve this question
I want to run a MySQL query and then process all the result sets. The MySQL
5.7 documentation says that the way to do is to use SELECT ... PROCEDURE
stored_procedure_name(parameters). I created a stored procedure that does what I want without any problems. I used it in a SELECT ... PROCEDURE query and got this syntax error:
ComposeStatement (identifier) is not valid at this position
(where ComposeStatement is the name of my stored procedure). I checked I have the proper number of parameters and they are of the proper type. Using a
different procedure gives the same error (with the obvious change in name).
The documentation shows an example of this syntax using a procedure called
ANALYSE (which I understand from another post is now deprecated, but I really don't care about using ANALYSE specifically). When I tried the example I get the same error, with ANALYSE as the identifier. The errors I'm getting are
not in the procedures themselves, which is why many earlier posts don't apply.
Any suggestions? The SELECT..PROCEDURE construct sounds like it's exactly
what I need.
The MySQL feature #LarryGriffith references has nothing to do with stored procedures.
It's related to this deprecated feature: https://dev.mysql.com/doc/refman/5.7/en/procedure-analyse.html
SELECT col1, col2 FROM table1 PROCEDURE ANALYSE(10, 2000);
This use of the PROCEDURE query modifier is like putting a filter function on the result set from a query. It's analogous to a pipeline in the shell:
ls | grep myfile
The thing is, the "procedure" you use (ANALYSE() in the example) is not a stored procedure of the type you can write with CREATE PROCEDURE.
You would have to code the filtering function in C++ and compile it with the MySQL source.
The ANALYZE() example was originally meant as a proof of concept or example that developers could follow if they wanted to develop their own query filters. But I've never heard of anyone who actually did create a query filter of their own.
Last year it was announced that the SELECT ... PROCEDURE ANALYZE() feature was intended to be deprecated in MySQL 8. http://www.tocker.ca/2015/06/29/plan-to-deprecate-procedure-analyse.html
If you need to post-filter a query result, it's far easier to write a script (in Python or whatever your favorite language is), which fetches the raw data from the query result, and then does whatever you need to do with it.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
Okay so basically I'm a little bit stumped. This question is regarding the JDBC driver. Basically we own a server that is hosted on this driver, and it's running MYSQL. We are using coldfusion as our language of choice. We have a GET parameter ?lang= and injecting the character '\' into it prompts the error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near and no other character causes this error. I am sort of worried here. Can anyone tell me how an attacker would approach an sql injection attack into this parameter? So I can understand how I can filter it because in my code I am properly filtering preg_match on \ character and yet I still get this error. How would I be able to inject this parameter? Can someone point me to a guide or something, or if it's even possible. Just so I can rest in piece assuming it's not. But anyhow if this information is necessary the mysql version is 5.1.30 and the exact driver name is MySQL-AB JDBC Driver. Thanks for taking your time to help me out!
\ can be an escape character in mysql.
For example, an attacker could use the \b sequence to delete portions of your query and rewrite with their own injected sql.
The most reliable way to prevent sql injection attacks is to use parametrized queries.
See also:
Mysql character escape sequences
Preventing Sql Injection in Java
Using prepared statements
Also be aware that in many databases (not absolutely sure about the JDBC/Mysql combination) it is also possible to "inject" a wildcard character into a sql LIKE clause, even with a parametrized query. "Injection" in this particular case is not always a problem - in fact, in many cases it may be exactly the desired behavior. However, it can be a problem, if for example, you were doing something horrid like SELECT * FROM Users WHERE UserName LIKE #userInput AND Password LIKE #passwordInput (which would allow anyone to log in simply by inputing the % wildcard character on the screen for both fields).