In COBOLDB2 program, what value will be stored in the host variable after getting -811 sqlcode. (i.e multiple rows returned by the query).
No data will be fetched to your host variable because SQLCODE < 0 means there is an error. Please refer to this link: IBM SQL Tutorial
You can use statements of this kind to retrieve single rows of data into host variables. The single row can have as many columns as desired. If a query produces more than one row of data, the database server cannot return any data. It returns an error code instead.
Indeed, no data can be fetched if you just use a query like that. In this case, you can use a CURSOR and the FETCH statement. This way, you can read into the host variable the returned lines one by one.
In short, this goes like this:
declare cursor curs_name for select .... from....where .....
open curs_name
fetch curs_name into host_var
close curs_name
All these instructions are enclosed between EXEC SQL ........... END EXEC. Of course, you have to fetch once for each line. You can check the SQLCODE to see if you reached the end of the cursor. You look for SQLCODE 100.
Related
I'm relatively new to DB2 for IBMi and am wondering the methods of how to properly cleanse data for a dynamically generated query in PHP.
For example if writing a PHP class which handles all database interactions one would have to pass table names and such, some of which cannot be passed in using db2_bind_param(). Does db2_prepare() cleanse the structured query on its own? Or is it possible a malformed query can be "executed" within a db2_prepare() call? I know there is db2_execute() but the db is doing something in db2_prepare() and I'm not sure what (just syntax validation?).
I know if the passed values are in no way effected by the result of user input there shouldn't be much of an issue, but if one wanted to cleanse data before using it in a query (without using db2_prepare()/db2_execute()) what is the checklist for db2? The only thing I can find is to escape single quotes by prefixing them with another single quote. Is that really all there is to watch out for?
There is no magic "cleansing" happening when you call db2_prepare() -- it will simply attempt to compile the string you pass as a single SQL statement. If it is not a valid DB2 SQL statement, the error will be returned. Same with db2_exec(), only it will do in one call what db2_prepare() and db2_execute() do separately.
EDIT (to address further questions from the OP).
Execution of every SQL statement has three stages:
Compilation (or preparation), when the statement is parsed, syntactically and semantically analyzed, the user's privileges are determined, and the statement execution plan is created.
Parameter binding -- an optional step that is only necessary when the statement contains parameter markers. At this stage each parameter data type is verified to match what the statement text expects based on the preparation.
Execution proper, when the query plan generated at step 1 is performed by the database engine, optionally using the parameter (variable) values provided at step 2. The statement results, if any, are then returned to the client.
db2_prepare(), db2_bind_param(), and db2_execute() correspond to steps 1, 2 and 3 respectively. db2_exec() combines steps 1 and 3, skipping step 2 and assuming the absence of parameter markers.
Now, speaking about parameter safety, the binding step ensures that the supplied parameter values correspond to the expected data type constraints. For example, in the query containing something like ...WHERE MyIntCol = ?, if I attempt to bind a character value to that parameter it will generate an error.
If instead I were to use db2_exec() and compose a statement like so:
$stmt = "SELECT * FROM MyTab WHERE MyIntCol=" . $parm
I could easily pass something like "0 or 1=1" as the value of $parm, which would produce a perfectly valid SQL statement that only then will be successfully parsed, prepared and executed by db2_exec().
I am getting this error running an insert query for a single record:
DB2 SQL Error: SQLCODE=-302, SQLSTATE=22001, SQLERRMC=null,
DRIVER=3.62.56
Exception: org.springframework.dao.DataIntegrityViolationException
I looked this up on IBM's help site, but there being no parameter index, I am stuck. The SQL state also seems to specify it is other than a value being too big.
The format of the query is INSERT INTO [[TABLE_NAME]] VALUES (?,?,?,...) using Spring's JdbcTemplate.update(String sql, Object... params).
This being for work, I cannot post schema nor query. I am looking for general advice into debugging this issue. I already know using Arrays.toString(Object[]) does not print out in SQL format.
To find the explanation for SQLCODE -302 in the manual you need to search for SQL0302N (the general rule for DB2 SQLCODE values is this: "SQL" plus four digits, padded if necessary with zeros on the left, plus "N" for "negative" because -302 is a negative number).
If you have the DB2 command line processor installed, you can also use it to look up error codes:
db2 ? sql302
which would produce something like this:
SQL0302N The value of a host variable in the EXECUTE or OPEN
statement
is out of range for its corresponding use.
Explanation:
The value of an input host variable was found to be out of range for
its use in the SELECT, VALUES, or prepared statement.
In other words, one of the bind variables in your INSERT is too large for the target column. You'll need to compare the table column definitions with the actual values you're trying to insert.
In addition to mustaccio's answer you can also get the info from sql with SYSPROC.SQLERRM. Example:
values SYSPROC.SQLERRM ('SQL302', '', '', 'en_US', 0)
SQL0302N The value of a host variable in the EXECUTE or OPEN statement
is out of range for its corresponding use.
Explanation:
...
I am calling one stored procedure from another, and the procedure I am calling has an output parameter. I am then piping the output value into a local variable. That's all well and good, but the problem is that this procedure also has a select statement in it, so when I exec, the results of the procedure are being returned in the final results set.
Is there a way to simply get the value of the output parameter, and ignore everything else?
While technically yes, you shouldn't do it. The engine consumes resources to produce the result set you ignore. You may also produce unnecessary contention. If you don't need the result set, you need another procedure that should only produce the output you desire.
I'm sure there are some tricks for doing this - but the obvious solution that springs to mind is:
INSERT INTO #my_rubbish_temp_table_that_i_CREATEd_earlier
EXEC dbo.mySproc #a, #b, #c OUTPUT
...as per Remus' response, this is a waste of CPU, I/O, etc.
If you can add an additional parameter to your stored procedure that allows the suppression of the resultset, that'd be grand.
I get the following error when running an sqr report on DB2:
SQL0100W - No row was found for FETCH, UPDATE or DELETE; or the result of a query is an empty table. SQLSTATE=02000
The sql in question runs correctly when I paste it into RapidSQL, replacing the parameters. The sql in question is an insert-select. No rows are returned by the select, and this is fine... I expect the report to be blank for my parameters.
Any idea how I can get around this?
DB2 returns always an SQL0100 warning (this is a warning, not an error - errors would have negative values) when no rows are returned. That's the way it is.
I don't know peoplesoft at all - so I can't give you any pointers with that. Back when I was programming for DB2 we ignored those SQL0100 warnings.
If SQR can't gracefully handle a NOT_FOUND SQL0100 return, then code a preliminary query to return a count of the number of rows that satisfy the conditions of the actual query. Check the result of the count in an if-then block in SQR to run the actual query if and only if the row count returned by the preceding query was not zero.
Turns out to be an environment setup issue. Got resolved with no change from me after a couple of builds....
Strange :-/
if you delete delete more than one record using logic operation like delete from tabname where columnnmae=deleterecord and columnnmae=deleterecord then they show this type error.machine an
Here’s the scenario:
You load a page, which renders based on the data in the database (call these the “assumptions”)
Someone changes the assumptions
You submit your page
ERROR!
The general pattern to solve this problem is this (right?):
In your save proc, inside a begin and commit transaction, you validate your assumptions first. If any of them changed, you should return a graceful error message, something like an XML list of the ID’s you had problems with, that you handle in the page rather than let it be handled by the default error handling infrastructure.
So my question is what is the best way to do that?
Return the xml list and an error flag in out parameters that are unset and 0 if it completes correctly?
Use an out parameter to return an error status, and the result of the proc be either the error list or the valid results of the proc?
Something else? (I should note that raiseerror would cause the proc to be in error, and get picked up by the default error handling code)
Update: I would like to return a maniplatable list of IDs that failed (I plan to highlight those cells in the application). I could return them in CSV format in RAISEERROR, but that seems dirty.
I agree - I like RAISEERROR:
-- Validate #whatever
IF #whatever >= '5'
BEGIN
RAISERROR ('Invalid value for #whatever - expected a value less than 5, but received %s.', 10, 1, #whatever)
RETURN 50000
END;
Use the RAISERROR function with the appropriate severity and/or wait level. If you use a low severity this does not necessarily cause an exception, as you contend, and with .Net at least its pretty simple to retrieve these messages. The only downside is that with the StoredProcedure command type in .Net messages are only pumped in groups of 50.
Stored procedures can return multiple result sets. Based on your update, you could also insert errored ids into a temporary table, and then at the end of your procedure select the records from that table as an additional result set you can look at.
I would do an output parameter with a message, the return will already have something which is not 0 if there is an error
also be careful with doomed transaction and check with xact_error, see Use XACT_ABORT to roll back non trapable error transactions