I have used this query for fullname seach.When using this query throwing error"Array to string conversion"
Please help me out sometime I receive error "BadValue $or/$and/$nor entries need to be full objects" when remove array from [$search]
$user=USER::whereRaw("concat(first_name, ' ', last_name) like '%?%', [$search] ")
Related
I have a JPA/Springboot application backed by a Postgres database. I need to get a records that is equal to a substring passed back to the server.
For example:
Select * from dp1_attachments where TRIM(RIGHT(dp1_submit_date_dp1_number::text, 5)) ='00007'
This query works in PgAdmin, but not in the JPA #Query statement.
#Query("SELECT a.attachmentsFolder as attachmentsFolder, a.attachmentNumber as attachmentNumber, a.attachmentName as attachmentName, a.dp1SubmitDateDp1Number as dp1SubmitDateDp1Number,a.attachmentType as attachmentType, a.attachmentDate as attachmentDate, a.attachmentBy as attachmentBy "
+ "FROM DP1Attachments a WHERE TRIM(SUBSTRING(a.dp1SubmitDateDp1Number::text, 5 )) = :dp1Number")
I've also tried CASTing the parameter like this:
#Query("SELECT a.attachmentsFolder as attachmentsFolder, a.attachmentNumber as attachmentNumber, a.attachmentName as attachmentName, a.dp1SubmitDateDp1Number as dp1SubmitDateDp1Number,a.attachmentType as attachmentType, a.attachmentDate as attachmentDate, a.attachmentBy as attachmentBy "
+ "FROM DP1Attachments a WHERE TRIM(SUBSTRING(CAST(a.dp1SubmitDateDp1Number as string, 5 ))) = :dp1Number")
but the application won't even run, and returns an error that the query isn't valid.
If I make no attempt to cast it, I get an error that function pg_catalog.substring(numeric, integer) does not exist
UPDATE
I've also tried creating a native query instead but that also doesn't seem to work.
List<DP1AttachmentsProjection> results = em.createNativeQuery("Select * FROM dp1_attachments WHERE TRIM(RIGHT(CAST(dp1_submit_date_dp1_number as varchar),5)) =" + dp1Number).getResultList();
In place of varchar I have also tried string and text.
Errors come back similar to ERROR: operator does not exist: text = integer. Its like the CAST is being ignored and I'm not sure why.
I also tried the following as a native query:
em.createNativeQuery("Select * FROM dp1_attachments WHERE TRIM(RIGHT(dp1_submit_date_dp1_number::varchar),5)) =" + dp1Number).getResultList();
and get ERROR: syntax error at or near ":"
FINAL SOLUTION
Thanks to #Nenad J I altered the query to get the final working solution:
#Query(value = "SELECT a.attachments_Folder as attachmentsFolder, a.attachment_Number as attachmentNumber, a.attachment_Name as attachmentName, a.dp1_Submit_Date_Dp1_Number as dp1SubmitDateDp1Number,a.attachment_Type as attachmentType, a.attachment_Date as attachmentDate, a.attachment_By as attachmentBy FROM DP1_Attachments a WHERE TRIM(RIGHT(CAST(a.dp1_Submit_Date_Dp1_Number as varchar ), 5 )) = :dp1Number", nativeQuery = true)"
Default substring returns a string, so substring(integer data,5) returns a string. Thus no need for the cast.
#Query("SELECT * FROM DP1Attachments a WHERE TRIM(SUBSTRING(a.dp1SubmitDateDp1Number, 5)) = :dp1Number")
But I recommend in this case use native query like this:
Put this code in your attachment repository.
#Query(value="SELECT * FROM DP1Attachments AS a WHERE TRIM(SUBSTRING(a.dp1SubmitDateDp1Number, 5 )) = :dp1Number", nativeQuery=true)
Be careful with the column's name.
I am facing a issue to load a csv resulting froma query that encryts a text.
This is the query I run:
select
id,
encode(encrypt_iv(raw_address::bytea, '<aes_key>', '<iv>', 'aes-cbc/pad:pkcs'), 'base64') raw_address
from some_table;
But I got a multiline text as result for raw_address column. So I tried:
select
id,
encode(encrypt_iv(replace(raw_address, chr(92), chr(47))::bytea, '<aes_key>', '<iv>', 'aes-cbc/pad:pkcs'), 'base64') raw_address
from some_table;
This because I just wanted to make this \ into this / (to avoid \n)
This is the result example:
But got the same result. Then I found this answer and realize that + char was present, so I tried:
select
id,
replace(encode(encrypt_iv(replace(raw_address, chr(92), chr(47))::bytea, '<aes_key>', '<iv>', 'aes-cbc/pad:pkcs'), 'base64'), chr(10), '')
from, some_table;
Then I got one line:
But I don't know if I am modifing the original value, I can not decrypt the value. I tried:
select encode(decrypt_iv('55WHZ7tyGAlQxTIM0fPfY5tOKpbYzwdXCsemIgYV5TRG+h45IW1nU/zCqZbkIeiXQ3OXZSlHo0RPgq5wcgJ0xQ==', '<aes_key>', '<iv>', 'aes-cbc/pad:pkcs'), 'base64') ;
But I got:
ERROR: decrypt_iv error: Data not a multiple of block size
Any suggestion will be appreciated.
Thanks in advance!
I have the following query on cloudwatch logs
fields replace(path,'%20',' ') as pathz
|parse pathz /^(?<url1>.*) [!A-Z0-9-]*(?<url2>[ˆ!].*)$/
| fields concat(url1, url2) as url
| display coalesce(url,pathz) as furl
3 sample pathz parsed are:
/v1/routing/pega-public/prweb/api/v1/assignments/ASSIGN-WORKLIST GNR-AUTO-WORK ST-4102!RACCOLTADATIPRELIMINARI_FLOW
/v1/routing/pega-public/prweb/api/DeviceInfoPackage/v1/SetInitialCaseInfomation
/v1/routing/pega-public/prweb/api/v1/cases/GNR-AUTO-WORK 43FFC9776C00474388A664A8A3E24B68
The desired output is removing the data:
/v1/routing/pega-public/prweb/api/v1/assignments/ASSIGN-WORKLIST GNR-AUTO-WORK RACCOLTADATIPRELIMINARI_FLOW
/v1/routing/pega-public/prweb/api/DeviceInfoPackage/v1/SetInitialCaseInfomation
/v1/routing/pega-public/prweb/api/v1/cases/GNR-AUTO-WORK
but I can't manage to get it
Third line is empty
this is because concat output doesn't return 'null' which could be skipped by coalesce
but it returns an empty string that is matched
I digged in the doc and in few examples on the internet but there is no way to get this working properly
solved with this:
fields #timestamp, status, replace(path,'%20',' ') as pathx
|parse pathx /(?<a1>^[^ ]+ *[A-Z-]*)( (?<a2>[A-Z0-9-]+){1,2}(?<a3>.*))*/
|filter
|display concat(a1,a3) as cleanurl
I try to create advanced search to my database.
I want to do something like that: if the user type for search = overf**w
and I have in my database an cloumn that his value = overflow - show him.
this my code:
$name = str_replace('*', '_', $name);
SELECT name FROM table WHERE name LIKE CONCAT('%', ?, '%')
its not working, I dont know what the problem.
You can't use LIKE in this situation, you need to use REGEXP() to do a wildcard search. Replace * or ** with .*. To only return names that starts with the given value use ^ at the beginning of the regular expression
SELECT name
FROM actors
WHERE name REGEXP('^overf.*w')
I don't know php but your $name parameter should be set like this (in pseudo code)
$name = '^' + replace($name, '**', '.*')
I'm doing a little application for the work and it includes a form. When the person using the form doesn't put a value in a data type "numeric" (lets say a PIN number) or even a date in one of my "date" Data Type fields (lets say his anniverssary), it returns me with the errors as follow:
Error Type – Type d'erreur
_Microsoft OLE DB Provider for ODBC Drivers (0x80004005)_
ERROR: invalid input syntax for type numeric: ""; Error while executing the query
Error Type – Type d'erreur
_Microsoft OLE DB Provider for ODBC Drivers (0x80004005)_
ERROR: syntax error at or near ")"; Error while executing the query
So it seems that when the person using the form enters nothing, it returns the string "empty" that is "".
Why can't the numeric type and data type read that as a NULL entry? These fields are not mandatory and so I need to have them be sometimes blank.
How can I make it possible? Is their a way to keep using "numeric" and "date" type so that when the user enters nothing in those fields, the table fills with a blank case insted of giving me this error?
Here is my sql statement :
trsConn.EXECUTE "INSERT INTO ""TRS"".employeetbl ( "& _
"""firstName"", " & _
"""lastName"" , " & _
"""detContract"", " & _
"sle, " & _
"""posNumber"" "& _
") VALUES (" & _
"'" & Request.Form("empFirst") & "', " & _**
"'" & Replace(Request.Form("empLast"), "'", "`") & "', " & _
"'" & Request.Form("dateContract") & "', " & _
"'" & Request.Form("sle") & "', " & _
"'" & Request.Form("posNum") & "');"
(The posNum and dateContract are both respectivly of type "numeric" and "date"
Thanks so much for the help. Looking forward for hearing what you geniuses have to say.
The concept of NULL in SQL is pretty muddled and inconsistent ... but it's very clear that '' is distinct from NULL.
'' isn't NULL, it's '', the empty string. You can't convert it to a date, number, etc:
regress=# SELECT CAST('' AS DATE);
ERROR: invalid input syntax for type date: ""
LINE 1: SELECT CAST('' AS DATE);
^
regress=# SELECT CAST('' AS NUMERIC);
ERROR: invalid input syntax for type numeric: ""
LINE 1: SELECT CAST('' AS NUMERIC);
^
Some products - notably Microsoft Access and old versions of MySQL - are confused about that matter. NULL is NULL, '' is the empty string; they aren't the same thing. You can't convert one to the other.
So it seems that when the person using the form enters nothing, it
returns the string "empty" that is "". Why can't the numeric type and
data type read that as a NULL entry? These fields are not mandatory
and so I need to have them be sometimes blank.
That's your application's job. When your app it sees the empty string come in on a form field for a numeric, date, or similar, it should send NULL to the database, not ''. That's normally a routine part of converting data from user input before it's supplied to the database. It is vital that you do such conversion; you should never just send values from the user straight to the database.
A quick search suggests that asp classic uses null or undefined as its null values; you should be able to pass them into your prepared statements when something is null.
The fact that you get a syntax error after the error about '' suggests that you're building your SQL statements as strings, not using prepared statements with placeholders. (Thanks JayC for the SO question ref). This is begging for SQL injection; in other words your application is critically insecure. Imagine what happens if the user enters the "date":
2012-01-01'); DROP SCHEMA public;--
and your app happily turns that into
INSERT INTO sometable (blah, blah, blah) VALUES (1, 2, DATE '2012-01-01'); DROP SCHEMA public;--');
The DROP SCHEMA then merrily executes and whoops, splat, there goes your database. That's just the dumbest, simplest kind of SQL injection attack too.