How I convert this sql query :
Select ID, first_name, last_name, phone_number, room_type, room_floor, room_number, break_fast, lunch, dinner, cleaning, towel, s_surprise, supply_status, food_bill
from reservation
where check_in = '" + "True" + "' AND supply_status= '" + "False" + "'"
into LINQ
You can try something similar to this:
var rows = from r in reservation
where r.check_in == "True" && r.supply_status == "False"
select r;
Related
Im trying to avoid using native query. I have this query that uses the filter function, how could I rewrite this to not use that and work in regular jpql?
#Query(
"SELECT time_bucket(make_interval(:intervalType), d.time) as groupedDate, " +
"CAST(d.team_Id as varchar) as teamId, CAST(d.service_Id as varchar) as serviceId, CAST(d.work_id as varchar) as workId, " +
"ROUND(CAST(count(d.value) filter ( where d.type = 'A') AS numeric) /" +
" (CAST(count(d.value) filter ( where d.type = 'B') AS numeric)), 4) as total " +
"FROM datapoint d " +
"WHERE d.team_Id = :teamId and d.service_id in :serviceIds and d.work_id = :workspaceId and d.type in ('A', 'B') " +
"AND d.time > :startDate " +
"GROUP BY groupedDate, d.team_Id, d.service_Id, d.workspace_Id " +
"ORDER BY groupedDate DESC",
nativeQuery = true
)
in the FROM statement you have to use the DAO object instead of the table name
I'm executing this query
String innerQueryWithProductVersion = "select test_suite_name, max(m.date) as date "
+"from master_table_test_runs m "
+"INNER JOIN processed_jenkins_runs pdup "
+"ON m.id=pdup.test_run_id where m.date < "
+"(select max(date) from master_table_test_runs "
+"where product_version =:productVersion) "
+"and m.test_type!='CLOVER' and m.product = :product "
+"and m.test_suite_name in "+missingSuites
+" and m.branch like "+filters.branch
+" and m.deployment_mode like "+filters.deploymentMode
+" and pdup.jenkins_server like "+filters.jenkinsInstance
+" group by m.test_suite_name";
String queryWithProductVersion = "select t.number_tests, "
+"t.number_failure, t.number_skip, t.number_errors, t.test_type, "
+"t.product_version, t.date, t.test_suite_name, "
+"t.branch, p.job_url "
+"from master_table_test_runs t INNER JOIN "
+"(" +innerQueryWithProductVersion+") as x "
+"INNER JOIN processed_jenkins_runs p ON t.id=p.test_run_id "
+"where t.test_suite_name = x.test_suite_name "
+"and t.date = x.date and t.test_suite_name "
+"in "+missingSuites+" and product = :product "
+"and p.jenkins_server like "+filters.jenkinsInstance
+" and t.branch like "+filters.branch
+" and t.deployment_mode like "+filters.deploymentMode+"";
This query its working fine in mysql, but in PostgreSQL its giving syntax errors at "where" and "and"
syntax error at or near 'and'
Can anyone help me figure out the problem?
one of "+missingSuites, "+filters.branch etc is not defined, look at sample:
t=# select true where 'a' like '' and true;
bool
------
(0 rows)
t=# select true where 'a' like /*missed value*/ and true;
ERROR: syntax error at or near "and"
LINE 1: select true where 'a' like /*missed value*/ and true;
I have done that before, but in this case I have an insert into table query where value of the column of the target table comes as a result from another query. Having that, I'm not sure if my parametarized query is formatted the right way.
Here is an original query without before Sql Injection fix:
cmd.CommandText += "insert into controlnumber (controlnumber, errorid)
values ('" + ControlNumber + "', (select errorid from error where
errordescription = '" + ErrorDescription + "' and errortype = '" +
ErrorType + "' + and applicationid = " + ApplicationID + " and statusid =
" + StatusID + " and userid = " + UserID + " and errortime = '" +
ErrorTime + "');";
This is the query after I tried to fix Sql Injection:
cmd.CommandText = "insert into ControlTable(ControlNumber, ErrorID)
values (#ControlNum, (select errorid from error where errordescription =
#ErrorDescription and errortype = #errorType and applicationid =
#ApplicationID and statusid = #StatusID and userid = #UserID and
errortime = #ErrorTime)"
This is where I add parameters:
.....
command.CommandType = CommandType.Text
command.Parameters.AddWithValue("#ErrorDescription ", ErrorDesc);
command.Parameters.AddWithValue("#ControlNum", cntNumber);
command.Parameters.AddWithValue("#errorType",ErrorType);
command.Parameters.AddWithValue("#ApplicationID",AppID);
command.Parameters.AddWithValue("#StatusID",StatusID);
command.Parameters.AddWithValue("#UserID",UserID);
....
I'm just wondering if my CommandText is formatted the right way.
Thank's
try this:
cmd.CommandText = "insert into ControlTable(ControlNumber, ErrorID)
select #ControlNum, errorid from error where errordescription =
#ErrorDescription and errortype = #errorType and applicationid =
#ApplicationID and statusid = #StatusID and userid = #UserID and
errortime = #ErrorTime)"
When using INSERT INTO SELECT FROM, you do not use keyword VALUES. The syntax is:
INSERT INTO TABLE(columns) SELECT ... FROM TABLE2
I have a sub form with staff records on it within a main form. I am trying to allow the user to select a record from the sub form and add it to a table, here is my code which, to me, looks correct. However it gives me an error saying "Syntax error in INSERT INTO"
Private Sub Command3_Click()
Dim dbs As Database
Dim sqlstr As String
Set dbs = CurrentDb
Forename = Nz(Forms!frm_Capex_Submission!frm_staffSub.Form.shy_forename, "")
Surname = Nz(Forms!frm_Capex_Submission!frm_staffSub.Form.shy_surname, "")
emp_no = Nz(Forms!frm_Capex_Submission!frm_staffSub.Form.shy_empno, "")
CAP_ID = Forms!frm_Capex_Submission!CAP_ID
sqlstr = "INSERT INTO tbl_CapexStaff ( Forename, Surname, EmployeeID, CAP_ID) )" _
& " SELECT '" & Nz(Me!shy_forename, "") & "' AS Expr1, '" & Nz(Me!shy_surname, "") & "' AS Expr2, '" & Nz(Me!shy_empno, "") & " AS Expr3, " & Forms!frm_Capex_Submission.CAP_ID & " as expr4, """
dbs.Execute (sqlstr)
tbl_CapexStaff.Requery
End Sub
There is an extra ")" in your query
INSERT INTO tbl_CapexStaff ( Forename, Surname, EmployeeID, CAP_ID) )
i'm having a problem with a select statement.
It looks like:
myda = new SqlDataAdapter("Select * FROM tblAgenda WHERE tAgUsrId ='" + Session["usrId"] + "' AND tAgTBD = '" + Session["username"] + "' OR tAgTBD = '" + DBNull.Value + "' ", myconn);
But I have no idea how to make that DBNull.Value work. I also tried with just using "" instead, but it also doesn't work.
Any ideas on how to rewrite this statement please? Thank you.
Assuming that your session values have already been sanitised, then you can do the following:
myda = new SqlDataAdapter("Select * FROM tblAgenda WHERE tAgUsrId ='" +
Session["usrId"] + "' AND tAgTBD = '" +
Session["username"] + "' OR tAgTBD is null", myconn);
The above assumes that you want all rows where tAgTBD are null. If you want to keep the restriction the to the user ID, you'll want to add brackets around the two ORed conditions:
myda = new SqlDataAdapter("Select * FROM tblAgenda WHERE tAgUsrId ='" +
Session["usrId"] + "' AND (tAgTBD = '" +
Session["username"] + "' OR tAgTBD is null)", myconn);
If the session values haven't been sanitised, then you need to read up on SQL injection, and look at using an SqlCommand with parameters instead of constructing a string; although you may prefer to go this route anyway - it's a better habit to acquire, long term, and then you don't need to consider whether the values have been sanitised.