SQL Server - debugging SQL WHERE clause - sql

I am new to SQL Server and I am unable to debug the Procedures.
The firewall ports aren't open for Debugging.
I am working on someone else's code and didn't understand this where clause. I didn't even think it was possible:
WHERE SS_CC.FirstName + SS_CC.LastName + CONVERT(varchar(15),SS_CC.CustomerID) + RF_AS.EventType + SS_CC.AddressLine1 + SS_CC.AddressLine2 + SS_CC.City + SS_CC.[State] + SS_CC.ZipCode +

This where clause is missing something at its right. It could be something like this:
WHERE (SS_CC.FirstName + SS_CC.LastName + CONVERT(varchar(15),SS_CC.CustomerID) + RF_AS.EventType + SS_CC.AddressLine1 + SS_CC.AddressLine2 + SS_CC.City + SS_CC.[State] + SS_CC.ZipCode
-- added part
)='something'

Related

I receive an Insert Into error with this code any solution?

if (conpassedt.text = '') or (regpassedt.text = '') or (regaccedt.text = '') or (regpassedt.text <> conpassedt.text) then
begin
  showmessage('Please fill in all fields for input and confirm passwords match');
end else
begin
  DM.qryDB.sql.clear;
  DM.qrydb.sql.add('INSERT INTO tblUsers(AccountName, Password) ');
  DM.qrydb.sql.add('VALUES ("'+ regaccedt.text +'", "' + THashMD5.GetHashString(regpassedt.text) + '")');
  DM.qrydb.ExecSQL;
end;
Most likely, your DB requires single quotes instead of double quotes on string literals, eg:
DM.qrydb.sql.add('INSERT INTO tblUsers(AccountName, Password) ');
DM.qrydb.sql.add('VALUES (''' + regaccedt.text + ''', ''' + THashMD5.GetHashString(regpassedt.text) + ''')');
In which case, you should use QuotedStr() instead to handle quoting and escaping for you (which will better help you avoid SQL Injection attacks properly), eg:
DM.qrydb.SQL.Add('INSERT INTO tblUsers (AccountName, Password) ');
DM.qrydb.SQL.Add('VALUES (' + QuotedStr(regaccedt.text) + ', ' + QuotedStr(THashMD5.GetHashString(regpassedt.text)) + ')');
Though, you really should use a parameterized query instead, and let the DB engine work out any necessary quoting and escaping that it needs, eg:
DM.qrydb.SQL.Add('INSERT INTO tblUsers (AccountName, Password) ');
DM.qrydb.SQL.Add('VALUES (:PAccountName, :PPassword)');
DM.qrydb.ParamByName('PAccountName').AsString := regaccedt.text;
DM.qrydb.ParamByName('PPassword').AsString := THashMD5.GetHashString(regpassedt.text);
Modern versions of Delphi with FireDAC have overloaded versions of various SQL methods to allow removal of a lot of the boilerplate in your question. Also, as already mentioned in comments, use parameters vs. constructing a string.
FDQuery1.ExecSQL('INSERT INTO tblUsers(AccountName, Password) VALUES (:AccountName, :Password);',
  [regaccedt.text, THashMD5.GetHashString(regpassedt.text)],
  [ftWideString, ftWideString]);

Add Increment to create a path on SQL to be used for a CrystalReport

I am trying to come up with the correct path for my Crystal report to pick the correct .pdf files. Here is what I have on SQL:
CASE
WHEN pd.pdCode like 'CUST%'
THEN 'Y:\300 ORDER PROCESSING\Majid Ahmadi\' + CAST(ord.ordPONumber as nvarchar(25)) + '_Custom' + '.pdf' --Added 2018-05-23 by MA
ELSE Null
END AS imageFilePath
And results:
Y:\300 ORDER PROCESSING\Majid Ahmadi\53244_Custom.pdf
Problem is I have multiple files that I want to pick. Like:
(picture in the link)
Any suggestion to modify my path?
You could change the THEN to:
THEN 'Y:\300 ORDER PROCESSING\Majid Ahmadi\' + CAST(ord.ordPONumber as nvarchar(25)) + '_' + pd.pdCode + '.pdf'

Varchar and Body help on DB2

I have a query that I made that pulls data from a form that is being submitted by my drivers
SELECT DRIVER, POWER
,VARCHAR(SUBSTR(CAST(BODY AS VARCHAR(100)),LOCATE('FIELD:002',CAST(BODY AS VARCHAR(100))) + 9, (LOCATE('#FIELD:003',CAST(BODY AS VARCHAR(100))) - (LOCATE('FIELD:002',CAST(BODY AS VARCHAR(100))) + 11))),10) AS TRAILER
,VARCHAR(SUBSTR(CAST(BODY AS VARCHAR(100)),LOCATE('FIELD:003',CAST(BODY AS VARCHAR(100))) + 9, (LOCATE('#FIELD:004',CAST(BODY AS VARCHAR(100))) - (LOCATE('FIELD:003',CAST(BODY AS VARCHAR(100))) + 11))),10) AS REASON
,VARCHAR(SUBSTR(CAST(BODY AS VARCHAR(100)),LOCATE('FIELD:004',CAST(BODY AS VARCHAR(100))) + 9, (LENGTH(CAST(BODY AS VARCHAR(100))) - (LOCATE('FIELD:004',CAST(BODY AS VARCHAR(100))) + 10))),50) AS DESCRIPTION
FROM VMC_RETNO2 WHERE MESSAGE_ID = '21021590' WITH UR
and this is how it looks in my database!
#FIELD:001
#FIELD:002
#FIELD:003 5-Other
#FIELD:004
This query works great; however, when I try to manipulate the query so it pulls data for another form, nothing returns. Can you guys help me out? Thanks in advance.
This is how the data looks that I need
Freight Bill:99095648
Master BOL#1:1111111111
Master BOL#2:2222222222
Master BOL#3:3333333333
Weight:10464
MSF:736.234

Getting various errors using dynamic SQL

SET @SQLSTATEMENT = 'INSERT INTO #MAX_STORAGE
SELECT MAX(A.[ROW])
FROM
(SELECT *
FROM [DATABASE].[dbo].[Refined_Est_Probability_09_MODIFIED]
WHERE
[FIPST_ENT] = ' + @FIPST_ENT + '
AND [FIPCNTY_ENT] = ' + @FIPCNTY_ENT + '
AND [SIC_ENT] = ' + @SIC2_ENT + '
AND [FMSZ_ENT] = ' + @FMSZENT_ENT + '
AND [ESTABLISHMENTS_AVAILABLE_FMSZEST <= ' + @MAXIMUM_FMSZEST+'] > 0) A'
EXEC(@SQLSTATEMENT)
I was running the dynamic SQL query above as part of a stored procedure I had written and got the following error:
Msg 207, Level 16, State 1, Line 7
Invalid column name 'A'.
I then changed my query so that it looked like this (eliminated the alias A):
SET @SQLSTATEMENT =
'INSERT INTO #MAX_STORAGE
SELECT
MAX([ROW])
FROM
(SELECT *
FROM [DATABASE].[dbo].[Refined_Est_Probability_09_MODIFIED]
WHERE [FIPST_ENT] = ' + @FIPST_ENT + '
AND [FIPCNTY_ENT] = ' + @FIPCNTY_ENT + '
AND [SIC_ENT] = ' + @SIC2_ENT + '
AND [FMSZ_ENT] = ' + @FMSZENT_ENT + '
AND [ESTABLISHMENTS_AVAILABLE_FMSZEST <= ' + @MAXIMUM_FMSZEST + '] > 0)'
EXEC(@SQLSTATEMENT)
But I still ran into an error (this time different):
Msg 102, level 15, state 1, line 9
Incorrect syntax near ')'
I declared the following variables earlier in the procedure with their respective data types/lengths seen next to them:
@FIPST_ENT CHAR(2)
@FIPCNTY_ENT CHAR(3)
@SIC2_ENT CHAR(2)
@FMSZENT_ENT CHAR(1)
@MAXIMUM_FMSZENT CHAR(1)
@SQLSTATEMENT VARCHAR(MAX)
Before this dynamic SQL statement was reached in the stored procedure, the temporary table #MAX_STORAGE was already created and contains only one column of datatype int.
Am I missing something I'm doing wrong? Any help would be greatly appreciated.
Thanks.
At bare minimum, you need to enclose string fields in escaped-single-quotes within the Dynamic SQL. The adaptation I show below is based on this comment on the Question:
FIPST_ENT is numeric in nature (i.e. 01-50) but cast as a character. Likewise with the other FIPCNTY_ENT and SIC2_ENT. FMSZENT is cast as a character but is sometimes numeric (i.e. 1-9) and other times non-numeric (i.e. A-C).
So it seems that only FMSZENT needs the escaped-single-quotes.
Also, using a derived query requires an alias. So whatever the initial problem was, you then introduced a new parse error by removing the alias ;-).
SET @SQLSTATEMENT =
'INSERT INTO #MAX_STORAGE
SELECT MAX(tmp.[ROW]) FROM
(SELECT * FROM [DATABASE].[dbo].[Refined_Est_Probability_09_MODIFIED]
WHERE [FIPST_ENT] = '+@FIPST_ENT+'
AND [FIPCNTY_ENT] = '+@FIPCNTY_ENT+'
AND [SIC_ENT] = '+@SIC2_ENT+'
AND [FMSZ_ENT] = '''+@FMSZENT_ENT+'''
AND [ESTABLISHMENTS_AVAILABLE_FMSZEST<='+@MAXIMUM_FMSZEST+'] > 0) tmp;'
Now, when it comes to debugging Dynamic SQL, the first step should be looking at what SQL you actually constructed, as it might not be what you think it should be:
PRINT @SQLSTATEMENT;
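Added example, not part of the original question or answer: the same statement run through sp_executesql, so the four filter values travel as typed parameters instead of concatenated text, while the variable column name is resolved against the catalog and wrapped with QUOTENAME. The temp table #REFINED_EST, its rows, the variable values, @COLUMN and the parameter names are constructed stand-ins for the question's table and data.

```sql
-- Constructed stand-in for [DATABASE].[dbo].[Refined_Est_Probability_09_MODIFIED].
CREATE TABLE #REFINED_EST (
    [ROW] INT, [FIPST_ENT] CHAR(2), [FIPCNTY_ENT] CHAR(3), [SIC_ENT] CHAR(2),
    [FMSZ_ENT] CHAR(1), [ESTABLISHMENTS_AVAILABLE_FMSZEST<=3] INT);
INSERT INTO #REFINED_EST
VALUES (1, '01', '001', '20', 'A', 4), (2, '01', '001', '20', 'A', 0);
CREATE TABLE #MAX_STORAGE (MAX_ROW INT);

-- Constructed values for the variables named in the question.
DECLARE @FIPST_ENT CHAR(2) = '01', @FIPCNTY_ENT CHAR(3) = '001', @SIC2_ENT CHAR(2) = '20',
        @FMSZENT_ENT CHAR(1) = 'A', @MAXIMUM_FMSZEST CHAR(1) = '3';

-- A column name cannot be passed as a parameter. Look it up in the catalog and
-- keep the catalog's own spelling, so unknown input never reaches the statement.
DECLARE @COLUMN sysname = (
    SELECT c.name
    FROM tempdb.sys.columns AS c
    WHERE c.object_id = OBJECT_ID(N'tempdb..#REFINED_EST')
      AND c.name = N'ESTABLISHMENTS_AVAILABLE_FMSZEST<=' + @MAXIMUM_FMSZEST);
IF @COLUMN IS NULL
BEGIN
    RAISERROR(N'No matching ESTABLISHMENTS_AVAILABLE_FMSZEST column.', 16, 1);
    RETURN;
END;

-- Filter values are bound as parameters; only the quoted identifier is concatenated.
DECLARE @SQLSTATEMENT NVARCHAR(MAX) = N'
INSERT INTO #MAX_STORAGE
SELECT MAX(tmp.[ROW])
FROM (SELECT [ROW] FROM #REFINED_EST
      WHERE [FIPST_ENT] = @FIPST
        AND [FIPCNTY_ENT] = @FIPCNTY
        AND [SIC_ENT] = @SIC2
        AND [FMSZ_ENT] = @FMSZENT
        AND ' + QUOTENAME(@COLUMN) + N' > 0) tmp;';

PRINT @SQLSTATEMENT;  -- inspect the constructed statement before running it

EXEC sys.sp_executesql @SQLSTATEMENT,
     N'@FIPST CHAR(2), @FIPCNTY CHAR(3), @SIC2 CHAR(2), @FMSZENT CHAR(1)',
     @FIPST = @FIPST_ENT, @FIPCNTY = @FIPCNTY_ENT,
     @SIC2 = @SIC2_ENT, @FMSZENT = @FMSZENT_ENT;

SELECT MAX_ROW FROM #MAX_STORAGE;
```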

Why doesn't this GROUP BY query work?

I'm querying my Access table with this query:
SELECT (VIN&' '&Make&' '&Model&' '&CarYear&' '&ExColor&' '&InColor&' ')as CarDescript
FROM TestTable
WHERE (WorkOrderNumber='$workorder')
GROUP BY AssignedEmp;
But a similar type of query works just fine in this SQL Fiddle
Even if I replace the long (VIN&' '&....) with VIN it still doesn't work.
EDIT: Schema of the table is
WorkOrderNumber - Priority - JobStage - WorkItem - AssignedEmp - DueDate - VIN - Make - ... - InColor
In general use + instead of & for SQL. (Access will allow this however).
In a GROUP BY you need to pick which one in the group to use (if you are using MySQL like your example it just picks a random one, see this fiddle), so to fix this in the general case for your example:
SELECT (max(VIN) + ' ' + max(Make) + ' ' + max(Model) + ' ' + max(CarYear) + ' ' + max(ExColor) + ' ' + max(InColor) + ' ')
as CarDescript
FROM TestTable
WHERE WorkOrderNumber='$workorder'
GROUP BY AssignedEmp;