Please I am new. I am performing an insert select and I want to remove the slashes in a particular field say field b at the select portion of the query.
eg. insert into mytable(a,b,c) select a, stripslashes(b),c from mysecondtable;
Please help.
you can use REPLACE like this:
insert into mytable(a,b,c)
select a, REPLACE(b, '\\', '\') as b, c
from mysecondtable;
The REPLACE expression might have to be refined, but I hope this gets you started.
You can use MySQL String functions, e.g. replace.
Also consider sanitizing or preparing any input to the SELECT in the calling application before you execute the query.
use the SUBSTR function of mysql or do something like this:
"insert into table set value = " . stripslashes('whatever')
Are you doint this with PHP? Then a simple $fieldB = strip_slashes($_POST['b']); should do. You should then use $fieldB in your query.
Related
Its very weird situation I know, nut I have got myself into it somehow. I have to connect to some other system service by passing some parameters in url.
In their service they are creating some query using parameter I pass.
For my case I have to pass 'Select' as a parameter name which is actually some class name on their side. So they end up in creating query as Select * from select
and some condition.
On execution I am getting error response as:
'There was a syntax error in a SQL query or filter expression at line
1, position 186. Saw \"Select\" but expected
'..SQL: \"SELECT col1, col2 FROM Select AS D where
some condition.
Can somebody help me on this.
Since Select is reserved word, you have to escape it by enclosing in backticks characters in order for MySQL to process your query:
select * from `select`
Its recommended not to use MySQL reserved keywords.. but if its necessary there is a solution..
Use this, it will work for you :
select * from yourdatabasename.select
I'm using PDO to connect to MySQL. Everything is working fine, except this doesn't work.
Does anyone knows why? And how should i do it?
SELECT * FROM flagIt WHERE :flagids LIKE CONCAT('%', flagIt.flagIt_id, '%')
:flagids is equivalent to a string like "ID1 ID2 ID3".
EDIT (just to compare)
SELECT * FROM flagIt WHERE 'ID1 ID2 ID3' LIKE CONCAT('%', flagIt.flagIt_id, '%)
If i use like this, it works fine, so...why it does not work with :flagids?
I hope you understand my problem.
Thank you very much.
EDIT
I tried:
"SELECT * FROM flagIt WHERE flagIt.flagIt_id IN(:flagids)"
and as Hobo Sapiens suggested
"SELECT * FROM flagIt WHERE FIND_IN_SET(flagIt.flagIt_id, :flagids)"
and nothing works!!!!!!!!!
This is the query you're submitting to PDO::prepare():
SELECT * FROM flagIt WHERE :flagids LIKE CONCAT('%', flagIt.flagIt_id, '%')
The process of preparing a statement doesn't just involve evaluating the contents of the placeholders, substituting them in a string and executing the resulting query.
A prepare asks the server to evaluate the query and prepare an execution plan that includes the table and indexes it will use. For that it needs to know which columns of which tables it must work with, which is why one cannot use a placeholder where you would need an identifier.
The problem with your query is that the server has no way to know at the time it prepares the statement whether the placeholder represents a string literal or a column identifier. Without that information, the preparation cannot be done, and your prepare will fail.
If you have some flexibility over the value you're using in :flagids you could use find_in_set():
SELECT * FROM flagIt WHERE find_in_set(flagIt_id, :flagids)
where a variable containing, for example, 'ID1,ID2,ID3' is bound to :flagids.
This will be fine for small lists, but will be slow for a large list.
MySQL reference for find_in_set()
In my table I have a field with data such as 1,61,34, and I need to see if a variable is in that.
So far I have this
SELECT id, name FROM siv_forms WHERE LOCATE(TheVariable, siteIds) > 0
Which works, with the exception that if the siteIds were 2,61,53, and TheVariable was 1, it would return the row as there is a 1 in 61. Is there anyway around this using native MySql, or would I need to just loop the results in PHP and filter the siteIds that way?
I've looked through the list of string functions in MySql and can't see anything that would do what I'm after.
Try with find_in_set function.
SELECT id, name FROM siv_forms WHERE find_in_set(TheVariable, siteIds);
Check Manual for find_in_set function.
I need to update a bunch of records in my database that store a slug in an article table. I mistakenly set the slugs to end in "-html" rather than ".html" and I need a query that will fix this.
I don't really understand how to use variables, so I'm hoping someone here can help.
Would someone please write for me a SQL query that's something like:
UPDATE table
SET table.slug = '%.html%'
WHERE table.slug LIKE '%-html%'
Obviously, that's not correct, but I don't know the correct way to write it.
Here's a quick-and-dirty example using REPLACE()
UPDATE table
SET slug = REPLACE(slug, '-html', '.html')
WHERE slug LIKE '%-html'
Just be warned that this will replace any occurrence of -html, even if it's not at the end of the string.
A more comprehensive approach might be
UPDATE table
SET slug = CONCAT(TRIM(TRAILING '-html' FROM slug), '.html')
WHERE slug LIKE '%-html'
Mine will only replace the last '-html', and append '.html'by CONCAT:
UPDATE table
SET slug = CONCAT(SUBSTRING(slug, 1, LENGTH(slug) - 5), '.html')
WHERE slug LIKE '%-html'
You have to make use of replace command.
UPDATE Table Tablename
SET MyColumnname = REPLACE(MyColumnname, '-html', '.html')
WHERE MyColumnname LIKE '%-html%'
I'd make use the the TRIM and CONCAT functions:
Something like this:
UPDATE `table` t
SET t.slug = CONCAT(TRIM(TRAILING '-html' FROM t.slug),'.html')
WHERE t.slug LIKE '%-html'
Note that the TRIM(TRAILING '-html' will remove all occurrences of that specified string from the end of the column value, so if I had (for example) a column value of 'foo-html-bar-html-html', that would return 'foo-html-bar'.
I use the CONCAT function to append '.html'.
The WHERE clause guarantees that I will only be modifying rows that have a column value ending in '-html'.
http://dev.mysql.com/doc/refman/5.5/en/string-functions.html
I have the following query:
INSERT INTO insertlog (Inforamtion) VALUES (
concat("Row Was Inserted",curdate());
MySQL is returning an error, but I cannot figure out why. My google searches do not show examples on how to perform something like this.
use it simpler like that
INSERT INTO insertlog (Inforamtion)
SELECT concat("Row Was Inserted ",curdate()) ;
be sure if your column is Information or Inforamtion
your query also works but you missed ) in the end . here demo with both solutions :
Demo to try here
I think you are missing one closing )
Moreover as Bill pointed, you may have spelled your column name incorrectly - information