|
holdorf wrote:
I have a SQL query that is returning From where?
This looks weird like this; where did the rest of the question go?
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Hi all, I have a function that receives a column name and it will return this column name when the function is called, if the column name is not null.
This function will be called in a stored proc inside of the Select statement. The function will return the name of a column entered as input and it will be used inside of the Select statement.
The following is my function
Create function GetName(@C nvarchar(50))
Returns nvarchar(50)
As
Begin
Declare @Col_Name nvarchar(50)<br />
IF (@Col IS NOT null)
Begin
Set @ColumName = @Col<br />
END
Return @Col_Name
End
I expect this function to return any input a user enters but it doesn't return anything and I'm not getting any errors. Also how do I call this function in my stored proc so that the column name is added to the select statement automatically. Any help is great, thanks.
modified 29-Apr-15 10:34am.
|
|
|
|
|
|
Hi, thank you all for responding. I decided to use a stored proc instead of a function and used Dynamic SQL to write my query.
Create Porocedure GetName
(
@column nvarchar(50)
@columnData nvarchar(50)
)
As
Begin
Declare @MyQuery nvarchar(300)
set @column= IF (@column IS NOT null AND @column ='TableA.SomeColumn')
Begin
Set @MyQuery = N'Select'+ TableA.[@column] + 'from dbo.TableA
(where TableA.Column1 LIKE' + @columnData + '+ ''%'' OR' + @columnData + 'IS null)'
END
End
EXEC sp_executesql;
I get no errors but it does not work. Any help will be greatly appreciated, thanks.
modified 29-Apr-15 19:53pm.
|
|
|
|
|
The statement "EXEC sp_executesql;" should include your variable (@MyQuery)
Mongo: Mongo only pawn... in game of life.
|
|
|
|
|
Try this:
CREATE PROC dbo.GetName
(
@column sysname,
@columnData nvarchar(50)
)
As
BEGIN
DECLARE @MyQuery nvarchar(max), @RealColumnName nvarchar(130);
SET NOCOUNT ON;
SELECT
@RealColumnName = QuoteName(name)
FROM
sys.columns
WHERE
object_id = OBJECT_ID('dbo.TableA')
And
name = @column
;
If @RealColumnName Is Null
BEGIN
RAISERROR('Invalid column name: "%s"', 16, 1, @column);
Return;
END;
SET @MyQuery = N'SELECT ' + @RealColumnName + N' FROM dbo.TableA WHERE (' + @RealColumnName + N' Like @columnData + N''%'' Or @columnData Is Null)';
EXEC sp_executesql @MyQuery, N'@columnData nvarchar(50)', @columnData = @columnData;
END
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Now that is a good explination
Mongo: Mongo only pawn... in game of life.
|
|
|
|
|
You made a typo in your explanation code, at least I hope it is not in your actual function.
@Col_Name is not defined. @ColumName is.
Mongo: Mongo only pawn... in game of life.
|
|
|
|
|
Hi, thanks for replying. I caught that error and my query now runs but it returns nothing
|
|
|
|
|
Hello,
Is it possible to start a SSIS 2012 DTSX-package via DTEXEC.exe (classic method in command shell) or Integration Services Catalogs (SQL Server 2012) without validating it?
I have several very big packages and the validations take several minutes causing performance problems because I have to run the packages every XX minutes and the validations take too much time.
I read the documentation of DTEXEC.exe and found a parameter that can be used in order to validate a package without executing it, but I need the opposite thing: just execute without validate it!
Thanks for any advices!
Best wishes,
Miroslav
|
|
|
|
|
|
Dim cn As String
con.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\surendera\Documents\student.accdb"
cn = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\surendera\Documents\student.accdb"
con = New OleDbConnection(cn)
cmd.Connection = con
con.Open()
cmd.CommandText = "INSERT into user_acnt(user_name,pas_word) values('" + login.TextBox1.Text + "' ," + login.TextBox2.Text.ToString + ")"
cmd.ExecuteNonQuery()
MsgBox("record successfully saved", vbInformation)
con.Close()
what is the problem in this code...when i run this code it says no value given for some parameter. this code is written within a vb clas named class1 and table name is useracnt
plz suggest me the solution
surendera singh
|
|
|
|
|
There seems to be some confusing code there; you have the connection string twice. You are also using string concatenation in your INSERT statement which leaves you open to SQL injection attacks, and the loss or destruction of your database. You are also displaying the message "record successfully saved" without checking that it actuallky has been, so leading to other errors that you will not know about. I suggest getting hold of some learning materials before going any further.
|
|
|
|
|
In addition to the SQL Injection[^] vulnerability, you're also storing passwords in plain text. You should only ever store a salted hash of the user's password.
You should also wrap the connection and command objects in Using blocks, to ensure that their resources are properly cleaned up.
You should also give your controls proper names, so that their meaning is obvious. Using the default names (TextBox1 , TextBox2 , etc.) will only confuse you when you come back to this code later.
To fix the immediate problem, use a parameterized query:
Using con As New OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=C:\Users\surendera\Documents\student.accdb")
Using cmd As New OleDbCommand("INSERT into user_acnt (user_name, pas_word) values (?, ?)", con)
cmd.Parameters.AddWithValue("p0", login.UserNameTextBox.Text)
cmd.Parameters.AddWithValue("p1", login.PasswordTextBox.Text)
con.Open()
cmd.ExecuteNonQuery()
End Using
End Using
Then, go and read the following articles, and change your database design to store the passwords securely:
Secure Password Authentication Explained Simply[^]
Salted Password Hashing - Doing it Right[^]
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Trying to install MySQL on Windows 7/64 Pro.
It was probably installed and removed a year or so ago. I do use the MySQL Query Browser and the Workbench for remote databases and do not want to remove them.
I do need to be able to test MySQL on my Windows machine so need the Server.
When I download and install any recent MySQL Windows installer the installer does come up but Server is not listed. It did update workbench.
The MySQL bin folder is NOT in program files or program files (x86).
MySQL is not in either Services or Control Panel Uninstall a Program.
How can I get MySQL Server installed and running on my WIn 7????
What am I doing wrong or how do I fix it?
|
|
|
|
|
Did you check your registry?
In Word you can only store 2 bytes. That is why I use Writer.
|
|
|
|
|
Hello all,
How to change the length of a column in a SQL Server table...
Thank you..
|
|
|
|
|
Balaji Naidu wrote: oralce table
Balaji Naidu wrote: SQL Server table
Which is it - Oracle, or SQL Server?
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
|
|
I'm using this,
"Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & m_path & "; Extended Properties=dBASE IV"
for accessing dbf files in Account Mate DOS
Is there an Order By, to sort the records by date?
Or do I have to do a sort on the structure that I stored the values in
|
|
|
|
|
|
Interesting.
I used a DataTable in my RDLC report generator class. Forget that I can sort in the report RDLC Tablix.
So I passed a structure to my database class, to load a DataTable in the report class, to pass to the RDLC.
Guess I should take the DataTable straight to the database function to populate it.
I wrote this early last summer, sort of forgot how it worked.
But good call David on the DataTable.
|
|
|
|
|
I'm trying to find a better way of matching an address. So I was thinking, the credit card processors use the street address 1 and zip or postal code to do a AVS match, and perhaps I should just copy that idea.
I wrote this, sort of copied it and made some edits
But I can't get it right. I can't figure out where to place my input to match against.
DECLARE @PostalCode VarChar(12), @CustomerID Int, @StreetAddress1 VarChar(80);
SET @PostalCode = '92648';
SET @CustomerID = 5;
SET @StreetAddress1 = '18751 Park Haven Lane';
SELECT *
FROM CUSTOMER_SHIPPING_ADDRESS
WHERE LEFT(@StreetAddress1, 5) IN (
SELECT LEFT(StreetAddress1, 5)
FROM CUSTOMER_SHIPPING_ADDRESS
GROUP BY LEFT(StreetAddress1, 5 )
HAVING COUNT(*) > 1
)
AND PostalCode = @PostalCode
AND CustomerID = @CustomerID
|
|
|
|
|
Oh I think I get it now, should of had a cup of coffee this morning
DECLARE @PostalCode VarChar(12), @CustomerID Int, @StreetAddress1 VarChar(80);
SET @PostalCode = '92648';
SET @CustomerID = 5;
SET @StreetAddress1 = '18751 Park Haven Lane';
SELECT *
FROM CUSTOMER_SHIPPING_ADDRESS
WHERE PostalCode = @PostalCode
AND CustomerID = @CustomerID
AND LEFT(StreetAddress1, 5) = LEFT(@StreetAddress1, 5)
|
|
|
|