My table contain only two row. When i am giving empid and password of another row stil login is done. This is my procedure
CREATE OR REPLACE PROCEDURE prco_LoginCheck(Emp_Id IN number,
Cpassword In varchar2,
cur_out out Types.cursor_type) AS
BEGIN
open cur_out for
select count(*) from TBL_REGISTRATION a
where a.confirm_password= Cpassword and a.emp_id=Emp_Id;
END prco_LoginCheck;
Aside from the fact that storing a password in a table is a horribly insecure design (you should only be storing a hash of the password plus some random salt), and the fact that it doesn't make a lot of sense to define your own weak ref cursor type rather than using the built-in sys_refcursor (unless you really need to work with ancient versions of Oracle), and that returning a cursor from a procedure seems like a really odd way to do a login rather than writing a function that returns a boolean or some indicator, the problem is one of naming conventions.
When you write the SQL statement
select count(*)
from TBL_REGISTRATION a
where a.confirm_password= Cpassword
and a.emp_id=Emp_Id;
I assume that your intention is to compare the emp_id column in tbl_registration to the emp_id parameter. That is not actually what is happening, however. Your unqualified emp_id is resolved as a column in the table not the parameter. Normally, people use a naming convention to ensure that parameter names don't match column names. I, for example, generally use a p_ prefix for parameters and l_ for local variables. That would look something like
CREATE OR REPLACE PROCEDURE prco_LoginCheck(p_Emp_Id IN number,
p_password In varchar2,
p_cur_out out Types.cursor_type) AS
BEGIN
open p_cur_out for
select count(*)
from TBL_REGISTRATION a
where a.confirm_password= p_password
and a.emp_id=p_Emp_Id;
END prco_LoginCheck;
It is also possible to use your existing parameter names and just fully qualify the emp_id to force it to resolve to the parameter name
CREATE OR REPLACE PROCEDURE prco_LoginCheck(Emp_Id IN number,
Cpassword In varchar2,
cur_out out Types.cursor_type) AS
BEGIN
open cur_out for
select count(*)
from TBL_REGISTRATION a
where a.confirm_password= Cpassword
and a.emp_id=prco_LoginCheck.Emp_Id;
END prco_LoginCheck;
Related
I have created a trigger.
In this trigger I would like to have the login user name returned, among other things.
create or replace trigger trg_form_submitted
after insert or delete or update on tbl1
for each ROW
declare
v_user varchar2(30);
v_date varchar2(30);
begin
select v('&APP_USER'), to_char(sysdate, 'DD/MON/YYYY HH24:MI:SS' ) into v_user,v_date from dual;
if INSERTING THEN
....
However this unfortunately does not work I do not get the login name.
Can anyone help?
That's probably because you misused it.
Correct syntax is
v ('APP_USER')
(remove the ampersand & sign).
While #Littlefoot s' answer is 100% correct, there is a more performant option available now. The V is a function that has to be executed every time. A faster way to get the same data outside of your apex application is to use SYS_CONTEXT('APEX$SESSION','APP_USER') which is instant.
Also Note that you don't have to do SELECT INTO to assign variables. Your trigger will be a bit more efficient (one less call to the sql engine) if you just assign the variables:
create or replace trigger trg_form_submitted
after insert or delete or update on tbl1
for each ROW
declare
v_user varchar2(30);
v_date varchar2(30);
begin
v_user := SYS_CONTEXT('APEX$SESSION','APP_USER');
v_date := to_char(sysdate, 'DD/MON/YYYY HH24:MI:SS' );
if INSERTING THEN
....
A couple more tips
A good naming convention is to start the trigger name with the table name and add a suffix, like tbl1_aiud (aiud stands for "after insert update delete"). That way the object name indicates it is related to "tbl1". Naming it "trg" is like naming your work document "Word document xyz.doc"...
Storing a date in a variable or column of datatype VARCHAR2 is a bad idea in 99% of the cases. The datatype DATE is extremely powerful - use that if the data is a date.
I am preparing Oracle SQL program for my team to use. This can eventually used by other teams as well by changing few where conditions. We all are using Toad for Oracle to run the query. So I added variables in the query. See the example code below.
DECLARE v_lob VARCHAR(2);BEGIN v_lob := 't' ;END;
select :v_lob as Test from dual
My issue is when Toad has a pop-up window option to bind the variable. Since my team is using v_lob := 't' any way, I prefer them not to have enter it each time when they query. How can I remove the pop-up window option and use the value 't' for the variable as in the code?
You might want to use a CONTEXT for holding a large number of session variables. This solution should work with any IDE.
One user, one time, must create the context and create a package for setting the context values (based on this oracle-base article):
--Create a package on a shared schema.
create or replace package context_api is
procedure set_parameter(p_name varchar2, p_value varchar2);
end;
/
create or replace package body context_api is
procedure set_parameter(p_name varchar2, p_value varchar2) is
begin
dbms_session.set_context('my_context', p_name, p_value);
end;
end;
/
--Create a context on a shared database.
--(Note that contexts are global objects and don't belong to a specific schema.)
create or replace context my_context using context_api;
Each user then needs code like this in their worksheets:
--At the top of the worksheet, set the variables like this:
begin
context_api.set_parameter('v_lob', 'asdf');
end;
/
--Call the variables with SYS_CONTEXT:
select sys_context('my_context', 'v_lob') as test from dual;
TEST
----
asdf
I have wrote simple stored procedure in Oracle SQL Developer but found, attached ,error on execution/run step.
Here is my code:
CREATE OR REPLACE PROCEDURE EMP_NAME (EMP_ID_IN IN VARCHAR2,
EMP_NAME_OUT OUT VARCHAR2)
AS
BEGIN
SELECT first_name
INTO EMP_NAME_OUT
FROM employee
WHERE emp_id = EMP_ID_IN;
END EMP_NAME;
It also shows this error
The procedure itself seems to be OK. However, its execution is somewhat strange.
I suggest you to run it from the Worksheet itself, such as
declare
l_out employee.first_name%type;
begin
emp_name(100, l_out);
dbms_output.put_line('Result = ' || l_out);
end;
/
Though, why is it a procedure? Wouldn't a function be a better choice? E.g.
create or replace function emp_name (emp_id_in in varchar2)
return employee.first_name%type
is
retval employee.first_name%type;
begin
select first_name
into retval
from employee
where emp_id = emp_id_in;
return retval;
end;
/
You'd run it in a simple manner, as
select emp_name(100) from dual;
There's something wrong with your data dictionary. edit: you're on DB 10g, I'm guessing object_id isn't in the all arguments view. When we go to execute a stored procedure, we ask the database for some information about your code.
SELECT data_type, argument_name name
FROM all_arguments a, all_objects o
WHERE a.object_id=o.object_id
AND o.object_name=? and o.owner=? and a.package_name is NULL
order by position
The error about an invalid object_id - that's coming from this query. What version Oracle Database are you running? Can you see your PL/SQL object in ALL_OBJECTS and do your arguments show up in ALL_ARGUMENTS?
I've taken your code and modified it for the HR.EMPLOYEES table.
It works as expected.
We run some code to be able to show you the two parameters.
I put in a value of '101' for employee number or ID, and hit OK.
Then the OUT parameter is displayed below in the Log panel.
If you open your log panel (view -> log), you'll see a 'Statements' page as well. It's there that you can see ALL the code we execute on the database. That's where I went to get the SQL that's failing for you on the OBJECT_ID. Go look at that, and walk the code and confirm what's not working.
To fix this, go find an OLD copy of SQLDev that supports 10g..like maybe 2.1, OR upgrade your DB to at least 11.2.0.4.
I have an oracle stored procedure that is called from a third party reporting tool. The stored procedure is not returning any rows when it's executing.
I know for a fact the query returns results, it's just something is going wrong in the where clause with the parameters being passed from the website.
I'm trying to see the query that is being executed but the logs do not show the query, only that it's calling the stored procedure. I don't have access to the website code to do a response write and display the stored procedure or the parameters. Can you please provide guidance on how I can view the sys_refcursor from the stored procedure below? I'm using TOAD and when I use the toad script runner I don't see any results
Code
create or replace procedure dolphin.report_four
( p_1 char,
P_2 date,
p_recordset out sys_refcursor)
AS
Begin
Select
column_1,
column_2,
column_3
from dolphin.tank
where
column_1 = 'BAIT' and
column_2 = 'p_2'
end report_four;
Create a table for logging this procedure calls, and add INSERT statement within the procedure to add a row with parameters passed. Remember to COMMIT; after that.
Set the procedure query to:
select /*+ monitor MY_KEY_765746573*/
f1, f2, ...
from ...
Make the app to invoke the procedure.
Then run
select sql_id, sql_fulltext from v$sql where sql_fulltext like '%MY_KEY_'||'765746573%';
Then place SQL_ID found into the call:
select dbms_sqltune.report_sql_monitor('YOUR SQL_ID HERE') from dual;
I hope logging table records along with SQL monitor report give you a clue.
"The stored procedure is not returning any rows when it's executing."
The code as posted executes a select statement but does not pass anything to the REF CURSOR. If this was a real procedure it would through an error when you attempted to run it. Presumably you've made a bish of editing the source for publication on StackOverflow so it's hard to tell whether this situation is a reflection of your actual code, but it ought to do something like this:
create or replace procedure dolphin.report_four
( p_1 char,
P_2 date,
p_recordset out sys_refcursor)
AS
Begin
open p_recordset for
Select
column_1,
column_2,
column_3
from dolphin.tank
where
column_1 = p_1 and
column_2 = p_2;
end report_four;
Opening the REF CURSOR associates the parameter with the query result set.
Hello I am a php developer, trying to get going with Oracle. So I need to pass a collection of variables into an Oracle stored procedure. So as a basic try, I am trying to access a procedure which would accept three parameters, out of which two would be varrays, but when I pass the declared varrays, I am getting an error. I am pretty sure, it is something to do with a little syntax, but i am not able to figure out that thing.
Below is my table schema and stored procedure:
create table emails (
user_id varchar2(10),
friend_name varchar2(20),
email_address varchar2(20));
create or replace type email_array as varray(100) of varchar2(20);
/
show errors
create or replace type friend_array as varray(100) of varchar2(20);
/
show errors
create or replace procedure update_address_book(
p_user_id in varchar2,
p_friend_name friend_array,
p_email_addresses email_array)
is
begin
delete from emails where user_id = p_user_id;
forall i in indices of p_email_addresses
insert into emails (user_id, friend_name, email_address)
values (p_user_id, p_friend_name(i), p_email_addresses(i));
end update_address_book;
Now, below pasted is my the way I am trying to access this procedure from an anonymous block.
declare
type email_list is varray(100) of varchar2(20);
type friend_list is varray(100) of varchar2(20);
emails email_list;
friends friend_list;
begin
emails :=email_list('khwaja#gmail.com','sayya#gmail.com','mayya#gmail.com');
friends := friend_list('kwaja','sayya','mayya');
execute update_address_book('1',emails,friends);
end;
The error I am getting is near the execute, I think I am not supposed to execute a procedure inside a declare block, but I am unable to understand how would I work around.
You don't need the keyword EXECUTE to call the procedure from within a PL/SQL block. Just remove that word.
But it would be helpful if you showed the actual error(s) you're getting as there could be something else wrong. For example, you also have the parameters to the update_address_book() call in the wrong order, and you're recreating new types inside your block instead of using the ones declared earlier.
This will run:
declare
emails email_array;
friends friend_array;
begin
emails := email_array('khwaja#gmail.com','sayya#gmail.com','mayya#gmail.com');
friends := friend_array('kwaja','sayya','mayya');
update_address_book('1',friends,emails);
end;
/