I am writing a function that will take a string variable and work with a column with the name of this variable, but i can't figure out how to write variable in select
I tried this where test is QString variable with value company, but it didnt work like if there was company without variable
QString test = "company";
QSqlQuery password = db->exec("SELECT password FROM '"+test+"'");
Worked with deleted '' of the variable.
QSqlQuery password = db->exec("SELECT password FROM "+test+"");
Related
I'm using Bcrypt to encode the password when the user resets it. The encode is working but in the database the encode changes and the password is not valid, so the user can no longer login.
$options = [ 'cost' => 13 ];
$encodedPassword = password_hash($newPassword, PASSWORD_BCRYPT, $options);
$em->getConnection()->executeUpdate( 'UPDATE User SET password = ? WHERE id = ?',array($encodedPassword, $user->getId()));
$em->flush();
the column option in the database is a varchar(70) with character set utf8 and collation utf8_unicode-ci.
I'm checking here https://bcrypt.online/#bcrypt-hash-validator-verifier that the hash is valid with the result of $encodedPassword but when I check it for what it is in the database I get the result "The plain text does not match the supplied hash."
EDIT
I notice the problem is not with the hash. The problem is the function is running twice and the second time it hashes a null reference and inserting in the database, and that's why the user cannot login.
The problem is that I don't know why the render method ends calling the function __destruct() in the classes.php files multiple times and somehow it executes again the function.
I'm trying to create users with a Function in Postgres. PostGres does not allow me to set a user's password with a parameter.
I've tried casting the parameter to all kinds of different types. Quoting literal on it. Nothing works.
Code:
CREATE OR REPLACE FUNCTION
userlogic_add_user(user_password text)
ALTER USER user_name WITH user_password;
The error msg I receive is Syntax related. But it has something to do with user_password.
The entire code obviously looks a bit different, but these are the parts of interest.
I guess you can always try executing a dynamic command:
EXECUTE ('ALTER USER ' || quote_ident(user_name) || ' WITH PASSWORD ' || quote_ident(user_password) || ';')
I'm using PostgreSQL as DBMS, in my current report I need an optional String parameter to get records by Id, which is a String field.
So I set the Default Value Expression to:
($P{Param} == null || $P{Param}.equals("")) ? "" : "AND id='" + $P{Param} + "'"
When the field is empty the report is created without issues, but when I enter a valid Id the compiler complains:
Caused by: org.postgresql.util.PSQLException: ERROR: syntax error at or near "160E0" Position: 3126
Just like if I was adding double quotes after and before the value I'm passing. Somebody know how to handle this problem when using String values?
I guess, you've created one Parameter, named Param and in your query you have $P!{Param}. Thing is, default value is set only when parameter stays NULL after prompting, so when you input your ID, ${Param} value is passed into query as it was inputed by user (without AND id=' part).
Try creating second parameter, lets name it $P{input}; set its default value to your expression, "Use as a prompt" value to false. Pass it to your query ($P!{input}). Now, you have your ${Param} for prompting and when it's value is set to the desired ID, $P{input} is set to your query condition.
this should be a simple thing but I've spent hours to no avail. Basically, I need to look up a salesrep # in a SQL database using the user's Window's user id. The format of the user id is
"Norstar\kjones" and I need the "kjones" portion of it.
using the split function, I am able to pull just the 'kjones' part out:
split(User!UserID,"\").GetValue(1)
I've created a parameter called SlsmnNum and created a dataset to be used to look up the salesrep # using the user id (the slsm_num field is a varchar, not an integer):
select slsm_num from Salesman_Msid where slsm_msid = ''' + split(User!UserID,"\").GetValue(1) + '''
However, I get no results. How can I get the select to work?
alternatively, I tried the following:
in parameter SlsmnNum, I set the default to an expression using:
split(User!UserID,"\").GetValue(1) and this returns 'kjones', as expected.
I created a SECOND parameter (which is positioned BELOW the SlsmnNum parameter), SlsmnNum2, that has a default (and an available) value using a query, which is a dataset containing the following select statement:
select slsm_num from Salesman_Msid where slsm_msid = (#SlsmnNum)
When I run the query on the Data tab, when I type in 'kjones' into the parameter box, it returns '1366', the salesrep # I'm expecting.
But, when I Preview the report, all I get in SlsmnNum2 box is Select a Value and nothing is there (it should return '1366').
Any help would be greatly appreciated!
Try your first approach with Query Text as
="select slsm_num from Salesman_Msid where slsm_msid = '" & split(User!UserID,"\").GetValue(1) & "'"
I currently want to get a value from a form to set it in an SQL query I make in a module under Access using VBA. I tried to use
value = Forms![NameOfForm]![NameOfTextbox]
sqlquery = "...." & value & "....."
It make an error (2450) saying it cannot found the specified form. How can I get the value of this textbox so I could use it in my module?
Thx
Modify your VBA code to ensure the form is open.
DoCmd.OpenForm "NameOfForm"
That should prevent error #2450.
Afterwards, you don't need to store the value of [NameOfTextbox] to a variable, then use that variable to build your SQL statement. You can use its value directly.
sqlquery = "SELECT * FROM YourTable " & _
"WHERE some_field = '" & Forms![NameOfForm]![NameOfTextbox] & "';"
Or embed a reference to the textbox itself (instead of the textbox's value) in the query.
sqlquery = "SELECT * FROM YourTable " & _
"WHERE some_field = Forms![NameOfForm]![NameOfTextbox];"
I assumed some_field is a text data type field, so enclosed the textbox value with single quotes in the first query example. Notice the second example doesn't need the quotes because it refers to the textbox by name rather than its value.
However, should you continue with your original approach (storing the textbox value to a variable), don't name your variable "value" because value can be confused with a property of many objects.