Hey all I have the following SQL query:
Class.forName("oracle.jdbc.driver.OracleDriver");
PreparedStatement stmt = con.prepareStatement("SELECT " +
"DECODE(MAX(ID), NULL, 'NO', 'YES') BOOL_VAL " +
"FROM " +
"MASTERNICSDB " +
"WHERE " +
"FTAG = ? " +
"AND " +
"BADGENUM IS ?");
stmt.setString(1, System.getenv("COMPUTERNAME").toUpperCase());
stmt.setNull(2, Types.VARCHAR);
ResultSet rs = stmt.executeQuery();
rs.next();
The issue with the above is that it keeps throwing:
ORA-00908: missing NULL keyword
I have tried all of the following:
stmt.setNull(2, Types.VARCHAR);
stmt.setString(2, "NULL");
stmt.setNull(2, oracle.jdbc.OracleTypes.VARCHAR);
stmt.setObject(2, null);
None of which seem to work. They all get the same error as above.
However, if I place the values inside the query all is fine - but I don't want to do that due to SQL injection and all that fun stuff.
I am getting missing right parenthesis error on executing the below inline query in oracle:
" select * from ( "+
" SELECT P.SZ_PARAM_CODE id, P.SZ_PARAM_DESC cap "+
" FROM prm_vew_parameter P, PRM_PARAMETER_AVAIBILITY A, RULE_PARAMETER_ASSOCIATION X "+
" WHERE P.SZ_PARAM_CODE=A.SZ_PARAM_CODE "+
" AND A.SZ_PROG_SERVICE_CODE='RULE_PARAMS' "+
" AND P.SZ_ORGID=X.ORGID "+
" AND P.SZ_PARAM_CODE=X.PARAMCD "+
" AND X.RULECD='ND_APTDEV' "+
" --AND X.ORGID='' "+
" AND X.INOUT='I' "+
" UNION "+
" select T.PARAMCD id, L.SZDESCRIPTION cap "+
" from RULE_PARAMETER_ASSOCIATION t, CMN_VEW_CENTRAL_LOOKUP L "+
" WHERE T.PARAMCD=L.SZCODE " +
" AND L.SZLOOKUPEFINEDFOR='L_RSK_OUTPUT_PARAM' "+
" AND L.SZ_ORGID=T.ORGID "+
" AND T.RULECD='ND_APTDEV' "+
" AND T.INOUT='O' "+
" --AND T.ORGID=':ORGID:' "+
" AND L.SZAPP_ID='RISK' "+
" AND L.SZGROUP_ID='Rule_type' "+
" UNION "+
" SELECT T.SZ_TEMPPARAM_CODE id, T.SZ_TEMPPARAM_CODE cap "+
" from RLMGR_M_RULE_TEMPPARAM T "+
" WHERE T.SZ_RULESET_CODE='RULE_PARAMS' "+
" --AND T.SZ_ORGID=':ORGID:' "+
" ORDER BY cap )"+" where rownum <= 1 ";
Any help / suggestions on this will be grateful.
Thanks in advance.
I am working on a project that require me to join four tables. I have written this code but it's taking forever to finish. Please help. Ohhh I have about 121 000 entries in the Db
PortfolioCollectionDataContext context = null;
context = DataContext;
var Logins = from bkg in context.EnquiryBookings
where bkg.Paid == true
from log in context.Logins
where log.LoginID == bkg.LoginID
from enq in context.Enquiries
where enq.EnquiryID == bkg.EnquiryID
from estb in context.Establishments
where enq.EstablishmentID == estb.EstablishmentID
select new
{
log.LoginID,
log.FirstName,
log.LastName,
log.CountryOfResidence,
log.EmailAddress,
log.TelephoneNumber,
bkg.TotalPrice,
estb.CompanyName
};
string str = "";
foreach (var user in Logins)
{
str += ("[Name: " + user.LastName + " " + user.FirstName + " - Country: " + user.CountryOfResidence + " - Phone: " + user.TelephoneNumber + " - Email: " + user.EmailAddress + " - Booked From: " + user.CompanyName + " - Spent: " + user.TotalPrice.ToString() + "]");
}
return str;
Use following query on LINQ
PortfolioCollectionDataContext context = null;
context = DataContext;
var Logins = from bkg in context.EnquiryBookings
join log in context.Logins
on log.LoginID equals bkg.LoginID
&& bkg.Paid == true
join enq in context.Enquiries
on enq.EnquiryID equals bkg.EnquiryID
join estb in context.Establishments
on enq.EstablishmentID == estb.EstablishmentID
select new
{
str = "[Name: " + log.LastName + " " + log.FirstName + " - Country: " + log.CountryOfResidence + " - Phone: "
+ log.TelephoneNumber + " - Email: " + log.EmailAddress + " - Booked From: "
+ estb.CompanyName + " - Spent: " + bkg.TotalPrice.ToString() + "]"
};
string output = string.Join(", ", Logins.ToList());
return output;
Check your query by taking cursor on Logins and paste that query here. Then check an estimated execution plan of your query and paste here.
If using SQL Server, to get execution plan of your query using Sql server management studio, click on an icon highlighted in an image below.
Right now I am using the following code to generate the WHERE clause in my query. I have a parameter for the search column (searchColumn) plus another parameter from a checked listbox that I use.
If no item is checked there is no WHERE clause at all.
Is it possible to put this into a parameterized query? For the second part there's most likely a way like searchColumn NOT IN ( ... ) where ... ist the data from an array. Though I am not sure how to handle the case when there's nothing checked at all.
Any thoughts or links on this?
strWhereClause = "";
foreach (object objSelected in clbxFilter.CheckedItems)
{
string strSearch = clbxFilter.GetItemText(objSelected);
if (strWhereClause.Length == 0)
{
strWhereClause += "WHERE (" + searchColumn + " = '" + strSearch + "' "
+ "OR " + searchColumn + " = '" + strSearch + "') ";
}
else
{
strWhereClause += "OR (" searchColumn " = '" + strSearch + "' "
+ "OR " + searchColumn + " = '" + strSearch + "') ";
}
}
It sounds like you're just trying to dynamically build a parameterized query string using C#. You're halfway there with your code - my example below builds up a dictionary with paramter names and parameter values, which you can then use to create SqlParamters. One thing I'm not 100% sure about is where searchColumn is coming from - is this generated from user input? That could be dangerous, and parameterizing that would require using some dynamic SQL and probably some validation on your part.
strWhereClause = "";
Dictionary<string, string> sqlParams = new Dictionary<string, string>();
int i = 1;
string paramName= "#p" + i.ToString(); // first iteration: "#p1"
foreach (object objSelected in clbxFilter.CheckedItems)
{
string strSearch = clbxFilter.GetItemText(objSelected);
if (strWhereClause.Length == 0)
{
strWhereClause += "WHERE (thisyear." + strKB + " = #p1 OR " + searchColumn + " = #p1) ";
sqlParams.Add(paramName, strSearch);
i = 2;
}
else
{
paramName = "#p" + i.ToString(); // "#p2", "#p3", etc.
strWhereClause += "OR (" searchColumn " = " + paramName + " "OR " + searchColumn + " = " + paramName + ") ";
sqlParams.Add(paramName, strSearch);
i++;
}
}
Then, when parameterizing your query, just loop through your dictionary.
if (sqlParams.Count != 0 && strWhereclause.Length != 0)
{
foreach(KeyValuePair<string, string> kvp in sqlParams)
{
command.Parameters.Add(new SqlParamter(kvp.Name, SqlDbType.VarChar) { Value = kvp.Value; });
}
}
For reference only:
string strWhereClause;
string searchColumn;
string strKB;
SqlCommand cmd = new SqlCommand();
private void button1_Click(object sender, EventArgs e)
{
strWhereClause = "";
int ParmCount = 0;
foreach (object objSelected in clbxFilter.CheckedItems)
{
string strSearch = clbxFilter.GetItemText(objSelected);
ParmCount += 1;
string strParamName = "#Param" + ParmCount.ToString(); //Param1→ParamN
cmd.Parameters.Add(strParamName, SqlDbType.NVarChar);
cmd.Parameters[strParamName].Value = strSearch;
if (strWhereClause.Length == 0)
{
strWhereClause += "WHERE (thisyear." + strKB + " = " + strParamName + " "
+ "OR " + searchColumn + " = " + strParamName + ") ";
}
else
{
strWhereClause += "OR (thisyear." + strKB + " = " + strParamName + " "
+ "OR " + searchColumn + " = " + strParamName + ") ";
}
}
}
my problem is that i have 5 tables and need inserts and selects.
what i did is for every table a class and there i wrote the SQL Statements like this
public class Contact
private static String IDCont = "id_contact";
private static String NameCont = "name_contact";
private static String StreetCont = "street_contact";
private static String Street2Cont = "street2_contact";
private static String Street3Cont = "street3_contact";
private static String ZipCont = "zip_contact";
private static String CityCont = "city_contact";
private static String CountryCont = "country_contact";
private static String Iso2Cont = "iso2_contact";
private static String PhoneCont = "phone_contact";
private static String Phone2Cont = "phone2_contact";
private static String FaxCont = "fax_contact";
private static String MailCont = "mail_contact";
private static String Mail2Cont = "mail2_contact";
private static String InternetCont = "internet_contact";
private static String DrivemapCont = "drivemap_contact";
private static String PictureCont = "picture_contact";
private static String LatitudeCont = "latitude_contact";
private static String LongitudeCont = "longitude_contact";
public static final String TABLE_NAME = "contact";
public static final String SQL_CREATE = "CREATE TABLE IF NOT EXISTS " + TABLE_NAME + "(" +
IDCont + "INTEGER not NULL," +
NameCont + " TEXT not NULL," +
StreetCont + " TEXT," +
Street2Cont + " TEXT," +
Street3Cont + " TEXT," +
ZipCont + " TEXT," +
CityCont + " TEXT," +
CountryCont + " TEXT," +
Iso2Cont + " TEXT," +
PhoneCont + " TEXT," +
Phone2Cont + " TEXT," +
FaxCont + " TEXT," +
MailCont + " TEXT," +
Mail2Cont + " TEXT," +
InternetCont + " TEXT," + //website of the contact
DrivemapCont + " TEXT," + //a link to a drivemap to the contact
PictureCont + " TEXT," + //a photo of the contact building (contact is not a person)
LatitudeCont + " TEXT," +
LongitudeCont + " TEXT," +
"primary key(id_contact)" +
"foreign key(iso2)";
and my insert looks like this
public boolean SQL_INSERT_CONTACT(int IDContIns, String NameContIns, String StreetContIns,
String Street2ContIns, String Street3ContIns, String ZipContIns,
String CityContIns, String CountryContIns, String Iso2ContIns,
String PhoneContIns, String Phone2ContIns, String FaxContIns,
String MailContIns, String Mail2ContIns, String InternetContIns,
String DrivemapContIns, String PictureContIns, String LatitudeContIns,
String LongitudeContIns) {
try{
db.execSQL("INSERT INTO " + "contact" +
"(" + IDCont + ", " + NameCont + ", " + StreetCont + ", " +
Street2Cont + ", " + Street3Cont + ", " + ZipCont + ", " +
CityCont + ", " + CountryCont + ", " + Iso2Cont + ", " +
PhoneCont + ", " + Phone2Cont + ", " + FaxCont + ", " +
MailCont + ", " + Mail2Cont + ", " + InternetCont + ", " +
DrivemapCont + ", " + PictureCont + ", " + LatitudeCont + ", " +
LongitudeCont + ") " +
"VALUES (" + IDContIns + ", " + NameContIns +", " + StreetContIns + ", " +
Street2ContIns + ", " + Street3ContIns + ", " + ZipContIns + ", " +
CityContIns + ", " + CountryContIns + ", " + Iso2ContIns + ", " +
PhoneContIns + ", " + Phone2ContIns + ", " + FaxContIns + ", " +
MailContIns + ", " + Mail2ContIns + ", " + InternetContIns + ", " +
DrivemapContIns + ", " + PictureContIns + ", " + LatitudeContIns + ", " +
LongitudeContIns +")");
return true;
}
catch (SQLException e) {
return false;
}
}
i have a DBAdapter class there i created the database
public class DBAdapter {
public static final String DB_NAME = "mol.db";
private static final int DB_VERSION = 1;
private static final String TAG = "DBAdapter"; //to log
private final Context context;
private SQLiteDatabase db;
public DBAdapter(Context context)
{
this.context = context;
OpenHelper openHelper = new OpenHelper(this.context);
this.db = openHelper.getWritableDatabase();
}
public static class OpenHelper extends SQLiteOpenHelper
{
public OpenHelper(Context context) {
super(context, DB_NAME, null, DB_VERSION);
}
#Override
public void onCreate(SQLiteDatabase db) {
// TODO Auto-generated method stub
db.execSQL(Contact.SQL_CREATE);
db.execSQL(Country.SQL_CREATE);
db.execSQL(Picture.SQL_CREATE);
db.execSQL(Product.SQL_CREATE);
db.execSQL(Project.SQL_CREATE);
}
#Override
public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
// TODO Auto-generated method stub
Log.w(TAG, "Upgrading database from version "
+ oldVersion + " to " + newVersion
+ ", which will destroy all old data");
db.execSQL(Contact.SQL_DROP);
db.execSQL(Country.SQL_DROP);
db.execSQL(Picture.SQL_DROP);
db.execSQL(Product.SQL_DROP);
db.execSQL(Project.SQL_DROP);
onCreate(db);
}
i found so many different things and tried them but i didn't get anything to work...
i need to know how can i access the database in my activity
and how i can get the insert to work
and is there sth wrong in my code?
thanks for your help
thats how i tried to get it into my activity
public class MainTabActivity extends TabActivity {
private Context context;
#Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.maintabactivity);
TabHost mTabHost = getTabHost();
Intent intent1 = new Intent().setClass(this,MapOfLight.class);
//Intent intent2 = new Intent().setClass(this,Test.class); //Testactivity
//Intent intent2 = new Intent().setClass(this,DetailView.class); //DetailView
Intent intent2 = new Intent().setClass(this,ObjectList.class); //ObjectList
//Intent intent2 = new Intent().setClass(this,Gallery.class); //Gallery
Intent intent3 = new Intent().setClass(this,ContactDetail.class);
mTabHost.addTab(mTabHost.newTabSpec("tab_mol").setIndicator(this.getText(R.string.mol), getResources().getDrawable(R.drawable.ic_tab_mol)).setContent(intent1));
mTabHost.addTab(mTabHost.newTabSpec("tab_highlights").setIndicator(this.getText(R.string.highlights),getResources().getDrawable(R.drawable.ic_tab_highlights)).setContent(intent2));
mTabHost.addTab(mTabHost.newTabSpec("tab_contacts").setIndicator(this.getText(R.string.contact),getResources().getDrawable(R.drawable.ic_tab_contact)).setContent(intent3));
mTabHost.setCurrentTab(1);
SQLiteDatabase db;
DBAdapter dh = null;
OpenHelper openHelper = new OpenHelper(this.context);
dh = new DBAdapter(this);
db = openHelper.getWritableDatabase();
dh.SQL_INSERT_COUNTRY("AT", "Austria", "AUT");
}
}
i tried it with my country table because it has only 3 columns
public class Country {
private static String Iso2Count = "iso2_country";
private static String NameCount = "name_country";
private static String FlagCount = "flag_image_url_country";
public static final String TABLE_NAME = "country";
public static final String SQL_CREATE = "CREATE TABLE IF NOT EXISTS " + TABLE_NAME + "(" +
Iso2Count + " TEXT not NULL," +
NameCount + " TEXT not NULL," +
FlagCount + " TEXT not NULL," +
"primary key(iso2_country)";
public boolean SQL_INSERT_COUNTRY(String Iso2CountIns, String NameCountIns, String FlagCountIns) {
try{
db.execSQL("INSERT INTO " + "country" +
"(" + Iso2Count + ", " + NameCount + ", " + FlagCount + ") " +
"VALUES ( " + Iso2CountIns + ", " + NameCountIns +", " + FlagCountIns + " )");
return true;
}
catch (SQLException e) {
return false;
}
}
another question is it better to put the insert and select from each table into a separate class, so i have 1 class for each table or put them all into the DBAdapter class?
EDIT: I'm not sure you have shown all your code and therefore I'm not sure my answer is helpful. Where do you declare the variables IDCont, NameCont, StreetCont ... ? I assume they are constants defining the names of your fields. In which case my answer is not correct as that should form a valid INSERT statement.
Can you add the error messages you are seeing as well as being more specific on the DB server you are using?
Your INSERT statement will not work because you are inserting the values of the variables passed to the function, instead of specifying the names of the columns.
The first part of the statment should be all one string:
"INSERT INTO contact (IDCont, NameCont, StreetCont, Street2Cont, Street3Cont, ZipCont," +
"CityCont, CountryCont, Iso2Cont, PhoneCont, Phone2Cont, FaxCont, MailCont, " +
"Mail2Cont, InternetCont, DrivemapCont, PictureCont, LatitudeCont, LongitudeCont) "
"VALUES ("IDContIns + ", " + NameContIns +", " + StreetContIns + ", " +
Street2ContIns + ", " + Street3ContIns + ", " + ZipContIns + ", " +
CityContIns + ", " + CountryContIns + ", " + Iso2ContIns + ", " +
PhoneContIns + ", " + Phone2ContIns + ", " + FaxContIns + ", " +
MailContIns + ", " + Mail2ContIns + ", " + InternetContIns + ", " +
DrivemapContIns + ", " + PictureContIns + ", " + LatitudeContIns + ", " +
LongitudeContIns +")"
I would also question your table design, why are most of the fields TEXT and not a more appropriate data type?