I have a SQL Statement like this :
$queryBuilder0 = "
SELECT molecule.molecule, molecule.cas, molecule.statutvlep8h, molecule.statutvlepct,
molecule.vlep8hMg, molecule.vlepctMg,molecule.unitevlep, IDENTITY(prelevement.laboratoire)
FROM AppBundle:Molecule molecule
INNER JOIN AppBundle:Prelevement prelevement
WHERE prelevement.molecule= molecule.id
";
I want to concat to this statement LIKE in SQL. So I write :
$queryBuilder0 = $queryBuilder0.'WHERE molecule.cas LIKE '%$data->value%' ';
But I got symfony error when I try to do :
$this->_em->createQuery($queryBuilder0)->getResult();
How can I do ?
You have used single speech marks for your string and in your extended query. It is all about your use of delimiting your strings.
Simple fix would be to use double speech marks
$queryBuilder0 =$queryBuilder0." WHERE molecule.cas LIKE '%$data->value%' ";
Or escape you quotes
$queryBuilder0 =$queryBuilder0.' WHERE molecule.cas LIKE \'%$data->value%\' ';
Or just append the xtra bit without restating the variable;
$queryBuilder0 .= " WHERE molecule.cas LIKE '%$data->value%' ";
Related
I am using RODBC to connect to a database. I would love for a user to be able to define wildcard strings to lookup in the SQL as part of a function. I cannot use CONTAINS as the database is not full-text indexed.
The SQL I want to create is
"SELECT *
FROM mydataTable
WHERE (ItemNM LIKE '%CT%' OR ItemNM LIKE '%MRI%' OR ItemNM LIKE '%US%')"
The user should be able to define as many wildcards as they like, all from the ItemNM field and all separated by OR.
myLookup<-function(userdefined){
paste0("SELECT *
FROM mydataTable
WHERE ( LIKE '",userdefined,"')")
}
If I vectorise the userdefined (ie userdefined<-c("US","MRI")) then I end up with separate SQL strings which is no good. How can I get the output as above but for any length of user defined string where they are just defining the wildcard?
You could use :
myLookup <- function(userdefined) {
paste0('SELECT * FROM mydataTable WHERE (',
paste0('ITENM LIKE %', userdefined, '%', collapse = " OR "), ')')
}
userdefined<-c("US","MRI")
myLookup(userdefined)
#[1] "SELECT * FROM mydataTable WHERE (ITENM LIKE %US% OR ITENM LIKE %MRI%)"
We can use glue
library(glue)
mylookup <- function(userdefined){
as.character(glue('SELECT * FROM mydataTable WHERE (',
glue_collapse(glue("ItemNM LIKE '%{userdefined}%'"), sep=" OR "), ')'))
}
mylookup(userdefined)
#[1] "SELECT * FROM mydataTable WHERE (ItemNM LIKE '%US%' OR ItemNM LIKE '%MRI%')"
I write a code for dynamic search on a database while using lucene.net.
I started creating queries and find the position of the results, It worked great!!
but when I used Proximity Searches, I get an error:
Lexical error at line 1, column 72. Encountered: after : "\" "
my Searching function:
private static List<String> GeneralSearch(string txt, Table type)
{
txt= "10~" + txt;
string newQuery = "";
foreach (var field in fields[type])
{
newQuery += field + ": " + txt + " OR ";
}
newQuery = newQuery.Substring(0, newQuery.Length - 4)+" ";
parser.MultiTermRewriteMethod =
MultiTermQuery.SCORING_BOOLEAN_QUERY_REWRITE;
BooleanQuery bq = new BooleanQuery();
Query query = parser.Parse(newQuery);
bq.Add(query, Occur.MUST);
bq.Add(new TermQuery(new Term("tbl", type.ToString())), Occur.MUST);
TopDocs hits = searcher.Search(bq, reader.MaxDoc);........
The "txt" variable contained a query like that:
txt= "I like to read"
The function create a new query for searching on all the field of specific table
title: 10~"I like to read" OR content: 10~"I like to read"
I think my problem is maybe that the language alignment was right to left.
If you have an idea, it will help me !!
I can't speak to the specific error, however your query is malformed in two ways
The slop (proximity) operator must trail a query not lead the query
Literal phrase queries must be enclosed with double quotes
It's wise to log the result of a query parse with Query.ToString(). Assuming StandardAnalyzer, your query is parsing to something like this:
(text:10~0.5 text:i text:like text:read) +tbl:somevalue
What you think is your slop is parsed as a term query with the default slop value of 0.5
text:10~0.5
and what you thought was a phrase query is in reality parsing to multiple term queries because your phrase is not double quoted:
text:i text:like text:read
You want your raw query to look something like this:
text: "I like to read"~10
Here's a nice guide regarding Lucene query syntax. Good luck!
What is wrong with this query?
select author_num from (henry_author where (contains(author_first,'Albert') > 0))
Keeps giving me an error that is is missing a right parenthesis?
SELECT author_num FROM henry_author WHERE author_first LIKE '%Albert%';
or, probably better to account for data inconsistencies:
SELECT author_num FROM henry_author WHERE UPPER(author_first) LIKE '%ALBERT%';
The % is a wildcard matching zero or more characters. So %ALBERT% means anything can be before or after 'ALBERT', which is effectively what your contains() function is doing.
UPPER is just a function which converts the string into upper case characters, which makes it easier to deal with potential data inconsistencies, ie. someone typed in 'albert' instead of 'Albert', etc.
Since you're using JDBC, you might want to structure your query to use PreparedStatement which will allow you to parameterize your query like so:
final String sqlSelectAuthorNum = "SELECT author_num FROM henry_author WHERE UPPER(author_first) LIKE ?";
final PreparedStatement psSelectAuthorNum = conn.prepareStatement(sqlSelectAuthorNum);
// now execute your query someplace in your code.
psSelectAuthorNum.setString(1, "%" + authorName + "%");
final ResultSet rsAuthorNum = psSelectAuthorNum.executeQuery();
if (rsAuthorNum.isBeforeFirst()) {
while (rsAuthorNum.next()) {
int authorNumber = rsAuthorNum.getInt(1);
// etc...
}
}
$q = 'INSERT INTO MyTable(proddesc, qnty, PriceH, PriceA, PriceL) VALUES(?,?,?,?,?)';
$sth = odbc_prepare($dbConn, $q);
$success = odbc_execute($sth, array(my 5 variables that are not null));
It gives me the above error - [ODBC Microsoft Access Driver] COUNT field incorrect. I know that the query is correct because I ran it in Access and it was fine. I think I may be using the prepare/execute statements incorrectly.
I also encountered this now and the solution I did to fix it is to quote the variables properly.
Try printing your $q and you will see if it needs to be quoted.
You can try these too:
INSERT INTO TABLE -- quote db and table names using (`) "grave accent" character
VALUES( 'Fed''s' ) -- quote the apostrophes
qryreg.SQL.Add('Insert into RegistreerTB');
qryreg.SQL.add('Name , Surname, E-mail, Password)');
qryreg.SQL.Add('Values ('+quotedstr(edtname.Text)+','+quotedstr(edtsname.Text)+','+quotedstr(edtemail.Text)+','+quotedstr(edtpassuse.Text)+')');
qryreg.ExecSQL ;
qryreg.SQL.Text := 'Select * from RegistreerTB';
qryreg.Open ;
This is the code im using atm with delphi im trying to save data to my database from editboxes. The error im getting is EOELeException "Insert into statement"
ty in advance
As oodesigner stated, a better method would be to use parameters. I don't know what text book you are looking at, but the code given isn't really best practice (it isn't worst practice either, at least it uses QuotedStr rather than '''' + edtname.Text + '''' which fails the first time you use something like O'Connell, and allows SQL injection attacks.
Using parameters and assuming SQL Server syntax as per Rob's answe, and assuming TADOQuery (based on the EOLEException) the code would be something like:
qryreg.SQL.Add('Insert into RegistreerTB');
qryreg.SQL.Add('(Name , Surname, [E-mail], Password)'); //SQL Server syntax with square brackets
// OR qryreg.SQL.Add('(Name , Surname, "E-mail", Password)'); //Oracle/Postgres syntax with double quotes
// OR qryreg.SQL.Add('(Name , Surname, `E-mail`, Password)'); //MySQL syntax with grave accent
qryreg.SQL.Add('Values :Name, :Surname, :Email, :Password)');
qryreg.Parameters.ParamByName('Name').Value := edtName.Text;
qryreg.Parameters.ParamByName('Surname').Value := edtSName.Text;
qryreg.Parameters.ParamByName('Email').Value := edtEmail.Text;
qryreg.Parameters.ParamByName('Password').Value := edtPassUse.Text;
qryreg.ExecSQL;
qryreg.SQL.Text := 'Select * from RegistreerTB';
qryreg.Open ;
As John's answer points out, you need to have parentheses around the column names before VALUES. You need to make sure all the column names are valid SQL identifiers. If they aren't, as in the case for E-mail, you need to quote or escape them according to your database's syntax rules. For example, MySQL uses grave accents, Microsoft SQL uses brackets, and Oracle and Postgresql use quotation marks.
Your problem is in the first line. I made the correction below. you need an opening parenthesis.
qryreg.SQL.Add('Insert into RegistreerTB (');
qryreg.SQL.Add('Name , Surname, E-mail, Password)');
qryreg.SQL.Add('Values ('+quotedstr(edtname.Text)+','+quotedstr(edtsname.Text)+','+quotedstr(edtemail.Text)+','+quotedstr(edtpassuse.Text)+')');
qryreg.ExecSQL ;
qryreg.SQL.Text := 'Select * from RegistreerTB';
qryreg.Open ;
see if this works
qryreg.SQL.Add("Insert into RegistreerTB (");
qryreg.SQL.Add("Name , Surname, E-mail, Password)");
qryreg.SQL.Add("Values ('"+edtname.Text+"','"+edtsname.Text +"','"+edtemail.Text+"','"+edtpassuse.Text +"')");
qryreg.ExecSQL ;
qryreg.SQL.Text := "Select * from RegistreerTB";
qryreg.Open ;
May be you have to call qryreg.SQL.Clear before your first line.
Why not to use parameters ?