I use postgreSQL/pentaho CDE. I need to transmit parameter as schema prefix in my query. I need to run this query: select * from peredelkino_public.protocol
I used custom parameter in Pentaho (named 'selector_par'), in properties named 'Javascript code' i wrote 'peredelkino_public.protocol'.
Then I changed sql query in component 'sql over sqlJndi' like this: select * FROM (${selector_par})
But this query doesn't work! I get message 'Error processing component'. How I can transmit schema prefix in my query?
Check the Replace variables in script.
Note: if the parameter selector_par does not exists or is misspelled, you may get a hard to understand error message.
You cannot.
CDE can only use JDBC parameters and those cannot be used in the from clause.
If you absolutely need to do that, you should use a Kettle datasource in CDE, as PDI allows any variable to be used in any part of a SQL query.
But make sure you sanitize your inputs. Variable replacements such as that one are a gold mine for hackers.
Related
Hello for demonstration purposes I trimmed out my actual sql query.
I have a SQL query
SELECT *
FROM dbdev.training.courses
where dbdev is my DEV database table name. When I migrate to TEST env, I want my query to dynamically change to
SELECT *
FROM dbtest.training.courses
I tried using input parameters like {env: p('db_name')} and using in the query as
SELECT * FROM :env.training.courses
or
SELECT * FROM (:env).training.courses
but none of them worked. I don't want my SQL query in properties file.
Can you please suggest a way to write my SQL query dynamically based on environment?
The only alternative way is to deploy separate jars for different environments with different code.
You can set the value of the property to a variable and then use the variable with string interpolation.
Warning: creating dynamic SQL queries using any kind of string manipulation may expose your application to SQL injection security vulnerabilities.
Example:
#['SELECT * FROM $(vars.database default "dbtest").training.courses']
Actually, you can do a completely dynamic or partially dynamic query using the MuleSoft DB connector.
Please see this repo:
https://github.com/TheComputerClassroom/dynamicSQLGETandPATCH
Also, I'm about to post an update that allows joins.
At a high level, this is a "Query Builder" where the code that builds the query is written in DataWeave 2. I'm working on another version that allows joins between entities, too.
If you have questions, feel free to reply.
One way to do it is :
Create a variable before DB Connector:
getTableName - ${env}.training.courses
Write SQL Query :
Select * from $(getTableName);
I have simple SQL Query and need to get the input from parameter. I am getting the when i click parameter button. Please let me know how to get the parameter if i have declare statement in my scripts.
Note :OLEDB connection manager used for connection
You can't use parameters in an OLEDB Source if your command contains DECLARE, or anything other than a single SELECT statement.
The way to do what you want is to use build your entire SQL Command into a single SSIS variable, and use the "SQL Command from variable" option in the OLEDB source.
EDIT based on comments:
If you have to handle a SQL Command over 4000 characters, the only way to do it is in a Script Component. The SQL Command in a script component can be any length. Here is an example.
To proceed with a Database validation, I am having a need of comparing a record in the DB along with a data which is dynamically generated in the previous REST response, using SoapUI.
I have already captured the property value using a Property Transfer step and stored the required value in a custom property in Test-Case successfully i.e., using property expansion, say ${TestCase#customerId}
My intention is to use that particular value stored in the custom properties to query the result I am expecting, in the JDBC Request test step.
The query which I have drafted with the parameter is as below :
Select *
From ABC.SEC_CUST
Where ABC.SEC_CUST.CUSTOMER_ID = ${TestCase#customerId}
The response I receive after executing is as below.
Error getting response; java.sql.SQLSyntaxErrorException : ORA-00911: Invalid character.
But, when I run the query without the parameterized value it executes perfectly. Where, I tend the conclusion as there is a syntax issue in the way I have mentioned the parameter in the query.
But, I am unable to find the correct way to mention the parameter in the query in SoapUI.
Can anyone with experience in SoapUI, please assist me on this?
That is not working because of the use of property expansion which is only known to SoapUI, but not for the SQL query.
In order to get it work for the same, you need to define the variables in the top for all the parameters that are going to be used in the sql query.
Here the screen shot which explains how to use the same:
You forgot a '#'
Select *
From ABC.SEC_CUST
Where ABC.SEC_CUST.CUSTOMER_ID = ${#TestCase#customerId}
Try this.
Select * From ABC.SEC_CUST
Where ABC.SEC_CUST.CUSTOMER_ID = :customerId
I have a custom SQL expression with some parameters.
I've added it to Field Explorer correctly.
But I couldn't find an example of syntax for using pre-defined parametrized SQL command with my own non-default parameters.
For example, there is a SQL expression like this (it's body of SQL command):
select count(*) from table A where A.col1 > {?param}
I want to create a set of fields with different parameters.
What should I to do?
Is it possible?
Version of CR is 11, SQL syntax is Oracle SQL.
Thank in advance.
You can't use parameter field in a SQL-expression field.
You can, however, use a parameter field with a Command object (assuming that the parameter was defined in the Command object)
SSIS 2008. Very simple task. I want to retrieve a System Variable and use it in an SQL INSERT. I want to retrieve the value of System:MachineName and use it in an insert statement.
Using the statement INSERT INTO MYLOG (COL1) SELECT #[System::MachineName] gives the error Error: ..failed to parse. Must declare the scalar variable "#"
Using the statements SELECT #System::MachineName or SELECT ##[System::MachineName] gives the error 'Error Incorrect systax near '::'
I am not trying to pass a parameter to the query. I have searched for a day already but couldn't find how to do this one simple thing!
Here is one way you can do this. The following sample package was created using SSIS 2008 R2 and uses SQL Server 2008 R2 as backend.
Create a sample table in your SQLServer database named dbo.PackageData
Create an SSIS package.
On the SSIS, add an OLE DB connection manager named SQLServer to connect to your database, say to an SQL Server database.
On the Control flow tab, drag and drop an Execute SQL Task
Double-click on the Execute SQL task to bring the Execute SQL Task Editor.
On the General tab of the editor, set the Connection property to your connection manager named SQLServer.
In the property SQLStatement, enter the insert statement INSERT INTO dbo.PackageData (PackageName) VALUES (?)
On the Parameter Mapping tab, click Add button, select the Package variable that you would like to use. Change the data type accordingly. This example is going to insert the PackageName into a table, so the Data Type would be VARCHAR. Set the Parameter Name to 0, which indicates the index value of the parameter. Click OK button.
Execute the package.
You will notice a new record inserted into the table. I retained the package name as Package. That's why the table
Hope that helps.
Per my comment against #ZERO's answer (repeated here as an answer so it isn't overlooked by SSIS newcomers).
The OP's question is pretty much the use case for SSIS property expressions.
To pass SSIS variables into the query string one would concatenate it into an expression set for the SqlStatementSource property:
"INSERT INTO MYLOG (COL1) SELECT " + #[System::MachineName]
This is not to suggest the accepted answer isn't a good pattern, as in general, the parameterised approach is safer (against SQL injection) and faster (on re-use) than direct query string manipulation. But for a system variable (as opposed to a user-entered string) this solution should be safe from SQL injection, and this will be roughly as fast or faster than a parameterised query if re-used (as the machine name isn't changing).
I never use it before but maybe you can check out the use of expression in Execute SQL task for that.
Or just put the whole query into an expression of a variable with evaluateAsExpression set to true. Then use OLE DB to do you insert
Along with #user756519's answer, Depending on your connection string, your variable names and SQLStatementSource Changes