We Keep Coding

MYSQL - Execute procedure to execute statement from table

I am working in a stored procedure that is fetching queries from a table and execute them.
The problem is that I have some queries with single/doubled quotes and it is throwing an error on execute them.
Procedure
delimiter $$
drop procedure if exists run_change_ids_queries$$
create procedure run_change_ids_queries()
begin
declare s_query TEXT;
declare done bool default false;
declare c_queries cursor for
select `query` from `queries` WHERE `executed` = 0 ORDER BY `qry_id` ASC;
declare continue handler for not found set done = true;
open c_queries;
read_loop: loop
fetch c_queries into s_query;
if done then
leave read_loop;
end if;
-- run the query
set #sql = s_query;
prepare stmt from #sql;
execute stmt;
deallocate prepare stmt;
-- update executed flag on query
set #update = CONCAT('UPDATE `queries` SET `executed` = 1 WHERE `query` LIKE \'',#sql,'\';');
prepare stmt from #update;
execute stmt;
deallocate prepare stmt;
end loop;
end$$
Query update urisegments as s inner join change_product_ids as p on concat('{"product_id":"', p.old_id, '"}') = s.primary_key_value set s.primary_key_value = CONCAT('{"product_id":', p.new_id, '"}') where s.app_namespace = 'Shop' and s.primary_key_value like '%product_id%'; is throwing error: [42000][1064] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '{"product_id":"', p.old_id, '"}') = s.primary_key_value set s.primary_key_value ' at line 1
Workaround #01
I already tried to escape single/doubled quotes into \' and \" respectively, but it throws another error:
[42000][1064] You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'{\"product_id\":\"\', p.old_id, \'\"}\') = s.primary_key_value set s.primary_k' at line 1.

Don't try to concatenate the query into the SQL. Prepared statements can contain placeholders, which you fill in when you use the EXECUTE statement.
set #update = 'UPDATE `queries` SET `executed` = 1 WHERE `query` = ?');
prepare stmt from #update;
execute stmt USING #sql;

The statement is not escaped.
All single/doubled quotes should be escaped.
update urisegments as s
inner join change_product_ids as p on concat(\'{\"product_id\":\"\', p.old_id, \'\"}\') = s.primary_key_value
set s.primary_key_value = CONCAT(\'{\"product_id\":\', p.new_id, \'\"}\')
where s.app_namespace = \'Shop\' and s.primary_key_value like \'%product_id%\';

Instead of testing for the query, test for its id:
... WHERE qry_id = ?
(Add that column to the initial SELECT.)

calling stored procedure is giving an error

The error mysql is throwing is
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'NULL' at line 1
My using phpmyadmin to wreite procedures.
and my stored procedure is
BEGIN
DECLARE page_limit int(100);
DECLARE page_no VARCHAR(100);
DECLARE rstarts int(100) DEFAULT 1;
DECLARE rends int(100) DEFAULT 15;
DECLARE query varchar(255) ;
set query = ' select brandid from brandinfo limit #rstarts,#rends';
PREPARE stmt FROM #query;
set rstarts = 15;
set rends =1;
EXECUTE stmt using #rstarts,#rends;
DEALLOCATE PREPARE stmt;
END

Declared variables and variables beginning with # are two different stories. Read about user defined variables (the ones with #).
DELIMITER $$
CREATE PROCEDURE your_procedure_name()
BEGIN
SET #rstarts = 1;
SET #rends = 15;
set #query = 'select brandid from brandinfo limit ?, ?';
PREPARE stmt FROM #query;
EXECUTE stmt using #rstarts, #rends;
DEALLOCATE PREPARE stmt;
END $$
DELIMITER ;
Also in your query string you want to use ? as parameters, not the variable names. And you might miss on setting the delimiter to something different than ;

MySQL how do you make a prepare statement with a variable?

This is the stored procedure I'm trying to use
DELIMITER ##
CREATE PROCEDURE exportFile()
BEGIN
DECLARE filename VARCHAR(255);
SET filename = CONCAT('~/Sample',NOW(),'.csv'));
SET #outfilestmt = concat('SELECT * INTO OUTFILE ',"'", filename,"'",' FROM Results') ;
PREPARE stmt FROM #outfilestmt;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
END ##
DELIMITER ;
This is the error I get
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ');
SET #outfilestmt = concat('SELECT * INTO OUTFILE ',"'", filename,"'",' FROM R' at line 6
Desired Result:
call exportFile
--~/Sample2012-03-14-10:42:51.cvs
call exportFile
--~/Sample2012-03-14-10:42:52.cvs
call exportFile
--~/Sample2012-03-14-10:42:53.cvs

A semicolon is missing after
SET filename = CONCAT('~/Sample',NOW(),'.csv'))
and one brace is too much (also noted by Devart. Thanks). Change it to
SET filename = CONCAT('~/Sample',NOW(),'.csv');
Tested it to be sure. Works!

Stored procedure error on CALL

I am trying to call a procedure which compiles successfully but on calling I get this error:
Query: call proc5
Error Code: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'NULL' at line 1
This is my Stored procedure:
DELIMITER $$
CREATE DEFINER = `root` #`localhost` PROCEDURE `proc5` ()
BEGIN
DECLARE done BOOL DEFAULT FALSE ;
DECLARE tablename VARCHAR (100) ;
DECLARE tracktables CURSOR FOR
SELECT
TABLE_NAME
FROM
information_schema.TABLES
WHERE TABLE_SCHEMA = 'db1' ;
DECLARE CONTINUE HANDLER FOR SQLSTATE '02000' SET done = TRUE ;
OPEN tracktables ;
myloop :
LOOP
FETCH tracktables INTO tablename ;
IF done
THEN CLOSE tracktables ;
LEAVE myloop ;
END IF ;
SET #s = CONCAT(
'INSERT INTO db2.test1 SELECT * FROM ',
#tablename
) ;
PREPARE stmt1 FROM #s ;
EXECUTE stmt1 ;
DEALLOCATE PREPARE stmt1 ;
END LOOP ;
END $$
DELIMITER ;
Actually, I want to select all the tables from a database and insert those tables into one table which is in another database using MySQL Cursors. And when I call this stored procedure I get the above error.

The problem is that you are mixing declared variables and impromtu #vars.
var -> tablename does not equal var -> #tablename.
Change the set line to:
SET #s = CONCAT(
'INSERT INTO db2.test1 SELECT * FROM `'
,tablename
,'`'
) ;
Now it should work.
The backticks ` should not be needed, but are there just in case.

Mysql Stored Procedure Issue

When creating the following procedure I receive this error message:
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near
'd_query;
set d_result = execute stmt;
deallocate prepare stmt; ' at line 15
But after checking I can't see the error. Line 15 relates to 'if d_query is not null then'.
Is this the true error? Or is it not happy to accept an execute as an assignment to d_result?
Any help would be greatly appreciated.
delimiter |
create procedure runtests()
begin
declare d_test_id char(20);
declare d_query text;
declare d_result text;
declare cur cursor for select test_id, query, result from datavalidator order by test_id;
open cur;
repeat
fetch cur into d_test_id, d_query, d_result;
if d_query is not null then
prepare stmt from d_query;
set d_result = execute stmt;
deallocate prepare stmt;
update datavalidator set result = d_result;
end if;
until done end repeat;
close cur;
end;
|
delimiter ; |

"Note that a literal string expression or a user variable are the only ways you can specify the statement to be prepared.", from this documentation.
Try writing the value into a user variable before trying to prepare, perhaps something like:
set #q_sql = d_query;
...or write directly into the user variable in the fetch line.