I'm trying to select some rows from a table (PostgreSQL) using the following code:
my $kadadbh = DBI->connect(
"dbi:Pg:dbname=$dbname;host=$host",
$dbuser,
$dbpasswd
);
my $subject_nar_sel= $kadadbh->prepare(
'SELECT * FROM subject WHERE SUBSTRING(CAST(id AS text),1,6) = "?";'
);
$nar=605812;
$subject_nar_sel->execute($nar);
But I get an error:
called with 1 bind variables when 0 are needed at ...
I get the same error when I swap the single and double quotes:
"SELECT * FROM subject WHERE SUBSTRING(CAST(id AS text),1,6) = '?';"
How can I fix this?
You current query is testing whether SUBSTRING(CAST(id AS text),1,6) matches the literal string suspiciously-named quoted identifier "?". So don't quote the ?, even when the bind parameter has a string type:
SELECT * FROM subject WHERE SUBSTRING(CAST(id AS text),1,6) = ?
Related
I have a JPA/Springboot application backed by a Postgres database. I need to get a records that is equal to a substring passed back to the server.
For example:
Select * from dp1_attachments where TRIM(RIGHT(dp1_submit_date_dp1_number::text, 5)) ='00007'
This query works in PgAdmin, but not in the JPA #Query statement.
#Query("SELECT a.attachmentsFolder as attachmentsFolder, a.attachmentNumber as attachmentNumber, a.attachmentName as attachmentName, a.dp1SubmitDateDp1Number as dp1SubmitDateDp1Number,a.attachmentType as attachmentType, a.attachmentDate as attachmentDate, a.attachmentBy as attachmentBy "
+ "FROM DP1Attachments a WHERE TRIM(SUBSTRING(a.dp1SubmitDateDp1Number::text, 5 )) = :dp1Number")
I've also tried CASTing the parameter like this:
#Query("SELECT a.attachmentsFolder as attachmentsFolder, a.attachmentNumber as attachmentNumber, a.attachmentName as attachmentName, a.dp1SubmitDateDp1Number as dp1SubmitDateDp1Number,a.attachmentType as attachmentType, a.attachmentDate as attachmentDate, a.attachmentBy as attachmentBy "
+ "FROM DP1Attachments a WHERE TRIM(SUBSTRING(CAST(a.dp1SubmitDateDp1Number as string, 5 ))) = :dp1Number")
but the application won't even run, and returns an error that the query isn't valid.
If I make no attempt to cast it, I get an error that function pg_catalog.substring(numeric, integer) does not exist
UPDATE
I've also tried creating a native query instead but that also doesn't seem to work.
List<DP1AttachmentsProjection> results = em.createNativeQuery("Select * FROM dp1_attachments WHERE TRIM(RIGHT(CAST(dp1_submit_date_dp1_number as varchar),5)) =" + dp1Number).getResultList();
In place of varchar I have also tried string and text.
Errors come back similar to ERROR: operator does not exist: text = integer. Its like the CAST is being ignored and I'm not sure why.
I also tried the following as a native query:
em.createNativeQuery("Select * FROM dp1_attachments WHERE TRIM(RIGHT(dp1_submit_date_dp1_number::varchar),5)) =" + dp1Number).getResultList();
and get ERROR: syntax error at or near ":"
FINAL SOLUTION
Thanks to #Nenad J I altered the query to get the final working solution:
#Query(value = "SELECT a.attachments_Folder as attachmentsFolder, a.attachment_Number as attachmentNumber, a.attachment_Name as attachmentName, a.dp1_Submit_Date_Dp1_Number as dp1SubmitDateDp1Number,a.attachment_Type as attachmentType, a.attachment_Date as attachmentDate, a.attachment_By as attachmentBy FROM DP1_Attachments a WHERE TRIM(RIGHT(CAST(a.dp1_Submit_Date_Dp1_Number as varchar ), 5 )) = :dp1Number", nativeQuery = true)"
Default substring returns a string, so substring(integer data,5) returns a string. Thus no need for the cast.
#Query("SELECT * FROM DP1Attachments a WHERE TRIM(SUBSTRING(a.dp1SubmitDateDp1Number, 5)) = :dp1Number")
But I recommend in this case use native query like this:
Put this code in your attachment repository.
#Query(value="SELECT * FROM DP1Attachments AS a WHERE TRIM(SUBSTRING(a.dp1SubmitDateDp1Number, 5 )) = :dp1Number", nativeQuery=true)
Be careful with the column's name.
With code like this:
string strCommand = "SELECT * FROM \"MyDataBase\".\"vwUsers\" "
strCommand += "WHERE name LIKE '%' || :name || '%' ";
strCommand += "ORDER BY name ASC LIMIT :page_limit OFFSET :row_offset";
NpgsqlCommand cCommand = new NpgsqlCommand(strCommand);
cCommand.Parameters.Add(new NpgsqlParameter("name", NpgsqlDbType.Text));
cCommand.Parameters[0].Value = strName;
cCommand.Parameters.Add(new NpgsqlParameter("page_limit", NpgsqlDbType.Integer));
cCommand.Parameters[1].Value = nPageAmount;
cCommand.Parameters.Add(new NpgsqlParameter("row_offset", NpgsqlDbType.Integer));
cCommand.Parameters[2].Value = nRowOffset;
Is there a way to get the full text of the command string with all the parameters plugged into it?
Nope. The reason for this is that since Npgsql 3.0 parameters aren't simply substituted in the string; Npgsql actually sends your SQL with parameter placeholders, and transmits the parameters in a separate message and in binary encoding. In other words, there's no point anywhere at which the SQL query is available as text with the parameters.
(Note: in Npgsql 2.2 client-side parameter binding was done for non-prepared messages, so this was in theory possible).
try this cCommand.CommandText
reference Npgsql.NpgsqlCommand
I am using Dollar quote (i.e. $xx$) for my query and getting Exception when the input has a hash character(#) inside.
select * from tbl_abc where col_x = $xx$#$xx$
^
The Exception is:
Internal Exception: org.postgresql.util.PSQLException: The column index is out of range: 1, number of columns: 0.
Error Code: 0
Call: select * from tbl_abc where col_x = $xx$?
bind => [1 parameter bound]
I can see there a ? character in the error message, but I didn't have that in my query. Here is my java code:
String query = "select * from tbl_abc where col_x = $xx$#$xx$";
Query nativeQuery = em.createNativeQuery(query, Abc.class);
List<Abc> abcList = nativeQuery.getResultList();
FYI: it works smoothly when I use '#' instead of $xx$#$xx$. Also my query runs nicely from the postgres console.
How can I escape that # character for Dollar quote from JPA?
I am using Java with Eclipselink and the database is Postgres.
I keep getting errors when attempting to use placeholders in my perl script for a Mysql routine.
Code :
use DBI;
my $driver = "mysql";
my $database = "database";
my $user = "exxxxxx";
my $password = "xxxxx";
my $dsn = "DBI:mysql:$database;mysql_local_infile=ON";
my $dbh = DBI->connect($dsn,$user,$password);
$dbh->do("SET \#tempc5 = (SELECT temp FROM day5 WHERE time = '00:00') ");
my $inter1 = i24;
$sth = $dbh->prepare( "SET \#sumadd5 = (SELECT ? FROM humid WHERE temp=\#tempc5) " );
$sth->bind_param( 1, $inter1 );
$sth->finish();
$dbh->disconnect();
This produces the following error:
Global symbol "$sth" requires explicit...
If I add a my $sth I get the following error:
Scalar found where operator expected...
Note that I am have no objection in trying this with $dbh->do("SET"
if possible.
The placeholders are not allowed for column names according to MySQL Manual for mysql_stmt_prepare() which is the function behind prepare.
The markers are legal only in certain places in SQL statements. For
example, they are permitted in the VALUES() list of an INSERT
statement (to specify column values for a row), or in a comparison
with a column in a WHERE clause to specify a comparison value.
However, they are not permitted for identifiers (such as table or
column names), or to specify both operands of a binary operator such
as the = equal sign. The latter restriction is necessary because it
would be impossible to determine the parameter type. In general,
parameters are legal only in Data Manipulation Language (DML)
statements, and not in Data Definition Language (DDL) statements.
If you think about it, it would not make sense to prepare a statement where you can change a column. Preparation of statement includes execution plan, but you can't plan execution of a statement where you don't know if given column has or doesn't have an index on it.
You can't use a placeholder there.
When you call prepare, all structural information about your tables is baked into the query, waiting for you to pass in data values to replace placeholders when you execute the query.
But you're trying to use a placeholder for a column name, which is part of the table's structure.
If you fix the Perl syntax to be:
my $inter1 = 'i24';
my $sth = $dbh->prepare( "SET \#sumadd5 = (SELECT ? FROM humid WHERE temp=\#tempc5) " );
$sth->execute($inter1);
it should run, but the ? will be treated as a data value rather than a column name (structural information). So you'll get the results of the SQL query
SET #sumadd5 = (SELECT 'i24' FROM humid WHERE temp=#tempc5)
instead of
SET #sumadd5 = (SELECT i24 FROM humid WHERE temp=#tempc5)
The subquery will return the literal value "i24" for each matching row rather than the value found in column i24.
You didn't quoted the vaule of $inter1. Change $inter1 = i24; to $inter1 = 'i24';. Just edited in your code, this will not give you syntax error.
use warnings;
use strict;
use DBI;
my $driver = "mysql";
my $database = "database";
my $user = "exxxxxx";
my $password = "xxxxx";
my $dsn = "DBI:mysql:$database;mysql_local_infile=ON";
my $dbh = DBI->connect($dsn,$user,$password);
$dbh->do("SET \#tempc5 = (SELECT temp FROM day5 WHERE time = '00:00') ");
my $inter1 = 'i24';
my $sth = $dbh->prepare( "SET \#sumadd5 = (SELECT ? FROM humid WHERE temp=\#tempc5) " );
$sth->bind_param( 1, $inter1 );
$sth->finish();
$dbh->disconnect();
For my UPDATE statement on PostgreSQL (from Perl via DBI and DBD::Pg) I want to bind a value like this:
my $sql = 'UPDATE mytable SET foo = % WHERE id = 42';
my $foo_value = 23;
$dbh->do($sql, {}, $foo_value);
This gives the following error in the do() line:
DBD::Pg::db do failed: called with 1 bind variable when 0 are needed at...
I tried other syntaxes for placeholders, $1 and ?. Both fail with
DBD::Pg::db do failed: ERROR: invalid input syntax for type numeric: "" at...
What is the correct syntax?
The ? character is the correct placeholder.
my $sql = 'UPDATE mytable SET foo = ? WHERE id = 42';
my $foo_value = 23;
$dbh->do($sql, undef, $foo_value);