I am a total newbie. I have a database with a table called OUTPUTS where all columns are of type integer. I am trying to insert a row into OUTPUTS with the following ruby script:
require 'rubygems'
require 'sqlite3'
...
db=SQLite3::Database.new("development.sqlite3")
db.execute( "INSERT into OUTPUTS (user_id,eac,pac,vac,iac,epv,ppv,vpv) VALUES (10,#eac,#pac,#vac,#iac,#epv,#ppv,#vpv);" )
Upon running this script, I do get a new row and the user_id column has a 10 in it as expected, but the rest of the columns are empty even though I verified that all of the variables (#eac, #pac, etc) do indeed contain values. What is wrong with my syntax?
You're sending the names of the variables to sqlite, not their values. This is what you want:
db.execute( "INSERT into OUTPUTS (user_id,eac,pac,vac,iac,epv,ppv,vpv)
VALUES (10,#{#eac},#{#pac},#{#vac},#{#iac},#{#epv},#{#ppv},#{#vpv});" )
But even better would be to use variable binding like this:
db.execute( "INSERT into OUTPUTS (user_id,eac,pac,vac,iac,epv,ppv,vpv)
VALUES (10,?,?,?,?,?,?,?)",
#eac,#pac,#vac,#iac,#epv,#ppv,#vpv)
(I may have messed up my count there).
Check out How do I use placeholders in an SQL statement? for some more details.
Related
As far as i have seen the documentation on some statements dynamic operations are not allowed like if i want to execute the statement
res = conn.exec_params('CREATE DATABASE $1',[dbname])
i am getting this error
Error: ERROR: syntax error at or near "$1"
LINE 1: CREATE DATABASE $1
while if i use select statement SELECT * FROM pg_database WHERE datname = $1 this statement is successful.
While the above issue was not there with dbd/pg gem but it seems it hasnt been released from past 2010 which translate the dynamic paramters into native pg and with latest ruby and pg gem dbd/pg is not working.
My question is do we have any way with native PG gem to perform dynamic replacement of variables with create database, insert into like statements. OR is there any alternative for dbd/pg which offers same functionality?
Placeholders (i.e. $1, $2, ...) are for values. A database name (or table name, column name, ...) is an identifier. This is similar to the difference between a variable name and the value the variable holds in Ruby.
If you need to dynamically insert an identifier in some SQL then you need to use string interpolation and the special purpose quote_ident method to make sure you quote it properly. So something more like this:
db_name = conn.quote_ident(db_name)
res = conn.exec("CREATE DATABASE #{db_name}")
I am trying to insert values into a table on a db2 db, and its inputting single quotes.. argggh
So I am able to insert values using
insert into table abc.house (house_name, is_active) values ('Treasure', 1);
however when selecting the value in the table is 'Treasure' which I don't want those lovely quotes.
If I try to use:
insert into table abc.house (house_name, is_active values (Treasure, 1);
I get an error
com.ibm.db2.jcc.am.SqlSyntaxErrorException: DB2 SQL Error: SQLCODE=-206, SQLSTATE=42703, SQLERRMC=TREASURE, DRIVER=4
Any solutions? Thanks, JT
so i learned that the sql UI that was set up, was done so that for Varchar values single quotes are part of the return from a query. The UI shows 'Treasure', whereas if I query on the command line the return is simply Treasure
Good to go. using insert statement with single quotes around the value is good syntax.
That's correct. We MUST put single quotes across char/varchar/blob data.
I'm trying to update my database in Delphi, but I'm not getting it right.
What I want is simple. This is my code:
form1.ADOQuery1.SQL.Clear;
form1.ADOQuery1.SQL.Add('Update Table1 set mark=' +Form1.Edit4.Text);
form1.ADOQuery1.ExecSQL;
So basically, what I want is the Text written in the Edit to go into my database with the UPDATE function, where my database table is table1 and the field is named mark.
There is not enough information in your question to provide a definitive answer. However, I can make an estimated guess.
What you have shown would only work successfully if mark is defined as an ordinal or boolean field, and the user is entering appropriate numeric/boolean values into the TEdit.
But, if the mark field is defined as a textual field instead, you need to wrap the Text value in quote characters, otherwise you will produce invalid SQL syntax.
Imagine you entered a Text value of 'hello world'. Your original SQL statement would end up being the following, which is invalid syntax:
Update Table1 set mark=hello world
You need to wrap text values in quote characters instead:
Update Table1 set mark='hello world'
Or:
Update Table1 set mark="hello world"
For example:
form1.ADOQuery1.SQL.Add('Update Table1 set mark=' + QuotedStr(Form1.Edit4.Text));
Or:
form1.ADOQuery1.SQL.Add('Update Table1 set mark=' + AnsiQuotedStr(Form1.Edit4.Text, #34));
It is important to use a function like (Ansi)QuotedStr() to avoid SQL injection attacks. This is done by ensuring any embedded quote characters in the input text are escaped property. Otherwise, if you just did something like this instead:
form1.ADOQuery1.SQL.Add('Update Table1 set mark="' + Form1.Edit4.Text + '"');
The user could enter a text value like '"; <arbitrary SQL here>' and really reek havoc with your database.
The safer approach is to use a parameterized query instead, and let ADO handle any necessary SQL formatting for you (make sure TADOQuery.ParamCheck is true):
form1.ADOQuery1.SQL.Clear;
form1.ADOQuery1.SQL.Add('Update Table1 set mark=:Mark');
form1.ADOQuery1.Parameters.ParamByName('Mark').Value := Form1.Edit4.Text;
form1.ADOQuery1.ExecSQL;
Is it possible to update 2 columns in an Update statement that are in different tables? - The reason for the"scripted":
Where "Scripted" will be the "flag" so the formula does not run again on the same records if this field is filled in.
MERGE INTO arinvt_lot_docs ALD
USING
(SELECT arinvt.id,arinvt.class,fgmulti.in_date fgmulti.cuser3 FROM arinvt,fgmulti
WHERE arinvt.class LIKE 'CP%'
OR arinvt.class LIKE 'FG%'
OR arinvt.class LIKE 'IN%'
OR arinvt.class LIKE 'LA%'
OR arinvt.class LIKE 'PK%') Classes
ON (ALD.arinvt_id = classes.id
AND to_date(in_date) = '31-Dec-2015') --just picked a date to validate
WHEN MATCHED THEN
UPDATE SET non_conform_id = '21', fgmulti.cuser3 = 'SCRIPTED' --this text "Scripted" will fill in a field that will tell us in our reports if this was set by the script
I would like to join the tables using the arinvt.id field that is present in all 3 tables ARINVT_LOT_DOCS, FGMULTI & obviously ARINVT. ARINVT_LOT_DOCS & FGMULTI contain the NON_CONFROM_ID field that needs to be changed to '21'. The FGMULTI table also contains the CUSER3 field that would have "SCRIPTED" entered in it. The ARINVT table contains the Class of the inventory item which reflects in the conditions mentioned.
You cannot update two tables in one query in Oracle and other DBMS such as SQL Server but you can use transaction to achieve similar result.
This oracle community answers exactly that, if you try to join two tables, you will get this error
ORA-01776: cannot modify more than one base table through a join view
You can use transactions to update two tables in batch-like statement.
This https://stackoverflow.com/a/2044520 shows how to do it but for SQL Sever though. You need similar statement in Oracle.
<-------PeopleCode------>
Hi,
I have a SQL query that i have tried executing using both SQLEXEC and SQL.fetch() but the problem is, when I am passing the values to parameters (:1,:2...) it does not return a row but when I hardcode the values in the where clause of the query itself, it retrieves the correct value.
Can anybody help?
My query looks similar to the following sample query :
Select * from PS_rec1 where emplid=:1 and plan_type=:2
it returns no data till i hardcode the values.
I have checked the values at the back end and some data is there to be fetched. Moreover, the same query retrieves data when ran in TOAD.
Have you tried outputting your binds to a log file just before you use them in your SQL statement?
If the binds aren't working, but literals are, then perhaps your binds don't contain the values that you expect them to.
You could also try explicitly setting the binds to the values that you're expecting just before the SQL statement. This will prove that the way you're passing in the binds is working correctly.
It required another update to the same record to get the values fetched in SQL exec.
M not sure what was the problem but i guess it might be that the previous update did not write the changes to the db even after an explicit commit.
Ok, you need to put your exact SQLExec statement in the question.
But, do you really have "Select * ..." in a SQLExec? How many columns are in your table? Since you mention the where clause, is your statement
SQLExec("select * from PS_rec where emplid=:1 and plan_type=:2", &var1, &var2, &vartocontainthewholerow);
Which will work in a SQL tool (toad) but probably does not work in AE or any type of Peoplecode program.
Now if your table has three columns, should you not have something like this:
SQLExec("select emplid, plan_type, column3 from PS_rec where emplid = :1 and plan_type=:2", &emplidIn, &plan_typeIn, &emplidOut, &plan_typeOut, &column3Out);
Notice that with three columns in the table that emplid and plan_type are two of them, you need to list all the columns you want, not asterisks '*'. Kind of silly to select the emplid and plan_type though.