I've tried searching for my answer but likely don't know the correct phrase(s) to ask. Basically my database has situations where we don't leave the data blank for whatever reason (not my call). For example, we have a url column that is by default "http://" instead of just leaving it blank.
It makes auditing data without exporting and filtering a hassle when you have text that looks like something is there but really isn't. This is just one of a few cases. Is there any way in MYSQL to do an IF statement that will search for the string you know exists and switch it with "" BUT will not replace the values that aren't the string you are replacing?
I've seen IF ELSE statements but my issue with that is that the the other data is being modified which is not ideal since their url is very specific so an else is not ideal.
For example, I had the normal code with this result: Example Image
But this is what happens when I try the IF statement (notice that the "http://" is gone, as I wanted, BUT the other organization URL's have been switched to whatever I put after the last comma): Example Image
I tried the alternative of not including an ELSE hoping that would help but I resulted in the following error:
CODE: IF (o.url = "http://","") as "Web Site"
ERROR: MySQL Error 1064:: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') as "Web Site" FROM organization o LEFT JOIN seed_organization_status ' at line 6 :: SQL:/ DirectQuery ID: 31 User ID: 64432 / SELECT o.organization_id as "track code|link:organization", o.incorporation_dt as "Inc. Date|format:date", os.name as "Company Size", sos.name as "start-up", IF (o.url = "http://","") as "Web Site" FROM organization o LEFT JOIN seed_organization_status sos ON o.seed_organization_status_id=sos.id LEFT JOIN organization_size os ON o.organization_size_id=os.organization_size_id WHERE sos.name = "Start-Up" ORDER BY o.name
Any help would be greatly appreciated. Thank you!
Related
I want to create simple app to search some data in specific table.
I've got one database and can connect to it.
Also when I hardcoded table name it works great.
But I want to make url like that:
/demo/{table}/{author}
It should work that i give specific table for eg. 'comedy' and next I set name of author for eg. 'smith'.
My booksRepository:
#Query(value = "SELECT * FROM :table WHERE author = :author",
nativeQuery=true)
public List<Book> findByAuthor(#Param("author") String author, #Param("table") String table);
But it didn't work. I've got error:
You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''comedy' WHERE author = 'Smith'' at line 1
It's adding ' to Query. Is there way to delete that? Is it possible or I need to put everything in one table?
Cheers :)
I haven't looked it up, but it seems that the variables in the query SQL can only be used to insert quoted values, not unquoted identifiers like a table name.
So I have a server set up to serve payment requests. A user enters their credit card details in a form.
Query to inject here:
$sql = "UPDATE users SET credit_card'".$credit_card."', cvv='".$cvv."', expdate='".$exp."' WHERE userid='".$_SESSION['userid']."'";
I am trying to change another users password from this query.
Where the $credit_card is posted from a form. Im trying to inject the $credit_card part by writing my own query and getting rid of the rest by adding ;-- to the end.
The statement I am using for $credit_card is :
', password='test' where userid='10';--
Now, I am positive this was working yesterday but now the following error appears and I cannot wrap my head around it. Any help please?
Query failed: UPDATE users SET credit_card'', password='test' WHERE userid='20';--, cvv='', expdate='' WHERE userid='20'
Not all database functions accept multiple statements so the ; delimiter may be considered unexpected input.
The syntax for single-line comments in MySQL is -- Foo (please note the white space after the double-dash).
If the server code is yours, you can just print the actually error message generated by the server (and not some generic "something went wrong" text). If it isn't, just copy and paste the SQL code from the error message into your favourite MySQL client.
mysql php admin table query enter image description here
I don't see why it says partID is giving me a problem? it is in the table and i think i have them linked correctly. I Have changed a few things i replaced comma with the and statement which cleared up alot of my errors. But since I've done that it continues to give me #1305 - FUNCTION homeshopping.partID does not exist. I have even looked at the structures an designer to make sure column names an tables are correct.
Don't forget to post your query as text also.
Because it's missing the keywork IN to have a query like this:
SELECT CONCAT(hscust.first,' ', hscust.last AS Customer,hsitems.description,hsitems.price,hsitems.itemCalss
FROM hscust,hsorders,hslineitem,hsitems
WHERE hslineitems.orderId = hsorders.orderId AND hsitems.partID = hslineitem.partNum AND hslineitem.price = hsitems.price AND partID IN ('CB03', 'CZ82');
I am trying to use the following bit of code to help in seeding my database. I need to add data continually over development and do not want to have to completely reseed data every time I add something new to the seeds.rb file. So I added the following function to insert the data if it doesn't already exist.
def AddSetting(group, name, value, desc)
Admin::Setting.create({group: group, name: name, value: value, description: desc}) unless Admin::Setting.find_by_sql("SELECT * FROM admin_settings WHERE group = '#{group}' AND name = '#{name}';").exists?
end
AddSetting('google', 'analytics_id', '', 'The ID of your Google Analytics account.')
AddSetting('general', 'page_title', '', '')
AddSetting('general', 'tag_line', '', '')
This function is included in the db/seeds.rb file. Is this the right way to do this?
However I am getting the following error when I try to run it through rake.
rake aborted!
Mysql2::Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group = 'google' AND name = 'analytics_id'' at line 1: SELECT * FROM admin_settings WHERE group = 'google' AND name = 'analytics_id';
Tasks: TOP => db:seed
(See full trace by running task with --trace)
Process finished with exit code 1
What is confusing me is that I am generating correct SQL as far as I can tell. In fact my code generates the SQL and I pass that to the find_by_sql function for the model, Rails itself can't be changing the SQL, or is it?
SELECT * FROM admin_settings WHERE group = 'google' AND name = 'analytics_id';
I've written a lot of SQL over the years and I've looked through similar questions here. Maybe I've missed something, but I cannot see it.
"group" is a keyword so you can't use it as-is as an identifier, you have to quote it with backticks (for MySQL at least):
SELECT *
FROM admin_settings
WHERE `group` = 'google'
AND name = 'analytics_id'
Any SQL that Rails/ActiveRecord generates will use the quoted version of the column name so I'd guess that you're generating some SQL (or just a snippet of SQL for the WHERE clause) and neglecting to quote the column names.
I'd recommend against using group as a column name, use something else so that you don't have to worry about sprinkling backticks all over the place in your code.
group is an invalid field name if left unquoted, as it is a SQL keyword. To fix, surround it with backticks in your find_by_sql query, so your DB doesn't attempt to interpret it as the GROUP keyword.
> *1. I need to write this in Active records *
i need to join these 3 tables , but the condition for join is very very selective
$this->db->select(name);
$this->db->from('table0');
$this->db->join('table1','(table1.id=0 AND table0.feild1 = table1.feild1) OR (table1.id=1 AND table0.feild2 = table1.feild2)') // <--- how to write this is my question
i could do a simple join but the main problem is achieving the condition in the join that i have mentioned above.Also this is a small part of a very , very ! big query so i really cant change it back to the native sql query like :
$this->db->query('//entire sql query'); //cant do this, need to write ACTIVE RECORDS
when i write the active records , firebug throws me an error saying :
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near ') OR
any suggestions ?
To be honest, I don't know that it is possible. CI doesn't use true Active Records, so each method has very rigid parameters, and I don't see any that can be tricked into performing the task you need.
What I would try is re-writing your query a bit:
$this->db->select(name);
$this->db->from('table0');
$this->db->join('table1','(table1.id=0 AND table0.feild1 = table1.feild1)', LEFT);
$this->db->join('table1','(table1.id=1 AND table0.feild2 = table1.feild2)', LEFT);
$this->db->where('(table1.id=0 AND table0.feild1 = table1.feild1)');
$this->db->or_where('(table1.id=1 AND table0.feild2 = table1.feild2)');
I believe this query would return the correct values, but you'll certainly want to thoroughly test it. Hope this at least points you in the right direction.