I want to update/assign a user an empID in Users table. My Update below update all rows/users with the empID and not just the selected user(cbArea.Text).
string update = "Update Users set First= '" + this.txtFirst.Text + "', empID =(SELECT DISTINCT ID from Employer where area= '" + this.cbArea.Text + "') WHERE First= '" + this.txtFirst.Text + "'" ;
First= '" + this.txtFirst.Text already in WHERE clause. When removed from set it works fine.
Related
I use below query in my jsp page. but I'm not sure Is it true to use this query in jsp page.
int i = st.executeUpdate("'BEGIN TRANSACTION DECLARE #id [int] SELECT #id = SCOPE_IDENTITY() INSERT INTO Viewer(Reserve_ID, F_Name, L_Name, Competition_ID, City, Phone, [E-mail]) VALUES (#id, '" + fname + "','" + lname + "','" + 30 + "','" + city + "','" + phone + "','" + email + "' ) INSERT INTO Reservation_Inf(Reservation_Date, Competition_ID, NumberOfTicket, Position_ID) VALUES ('" + dNow + "','" + 30 + "','" + 1 + "','" + 8 + "' ) COMMIT TRANSACTION '" );
if (i > 0) {
response.sendRedirect("Success.jsp");
} else {
response.sendRedirect("Fail.jsp");
}
It gives this error :
Incorrect syntax near 'BEGIN TRANSACTION DECLARE #id [int] SELECT #id = SCOPE_IDENTITY() INSERT INTO Viewer(Reserve_ID, F_Name, L_Name, Competition_ID,'.
I am tying to read the values in SQl.
I am creating one purchase order If suppose any body has updated the price for the inventory then I am first checking that price is available or not.
If that price is not available then I am First Inserting that price into the datbase & then map new price with the inventory.
I have already achieved this functionality but I have wrote five inline query for this now i need to
change the code & replace with the single stored procedure. & how I can write the logic into the SQL
Here is my code with the explanation
//Checking that Buying Price Is Exist or not
//string CheckingIBM = "select * from RS_Inventory_Buying_Master where buying_price ='" + UpdatedPrice + "'";
//cm.TableConnect(CheckingIBM);
//If Buying Price is Exist then Update PIIM table with new buying_product_id
if (cmIS_Price_Exist.rs.Read())
{
//If Buying Price is Exist then Update PIIM table with new buying_product_id
common cm1 = new common();
string BuyingProductId = cmIS_Price_Exist.rs["buying_product_id"].ToString();
string UpdatePIIM = "update RS_Purchase_Invoice_Info_Master set buying_product_id = '" + BuyingProductId + "', qty = '" + UpdatedQuantity + "',tax_id ='" + TaxDetails + "',picreated = 1 where purchase_order_no = '" + PO + "' and product_id = '" + ProductId + "'";
cm1.TableInsert(UpdatePIIM);
cm1.con.Close();
}
//If Buying Price does not Exist then first Insert the price & then Update the other tables
else
{
//If Price is not exist then firsrt insert the price
common cm2 = new common();
string InsertBuyingPrice = "insert into RS_Inventory_Buying_Master (buying_price,latest) values ('" + UpdatedPrice + "','0')";
cm2.TableInsert(InsertBuyingPrice);
cm2.con.Close();
//After inserting the price find the buying product Id of that price
common cm3 = new common();
string FindingUpdatedPrice = "select * from RS_Inventory_Buying_Master where buying_price ='" + UpdatedPrice + "'";
cm3.TableConnect(FindingUpdatedPrice);
//Now finallly after finding the buying price id by using the inserted Price. Now update the buying product id of PIIM
if (cm3.rs.Read())
{
string BuyingProductId = cm3.rs["buying_product_id"].ToString();
//Now finallly after finding the buying price id. Now update the buying product id of PIIM
common cm4 = new common();
string UpdatePIIM = "update RS_Purchase_Invoice_Info_Master set buying_product_id = '" + BuyingProductId + "', qty = '" + UpdatedQuantity + "',tax_id ='" + TaxDetails + "',picreated = 1 where purchase_order_no = '" + PO + "' and product_id = '" + ProductId + "'";
cm4.TableInsert(UpdatePIIM);
cm4.con.Close();
}
cm3.con.Close();
}
Any suggesion will be appreciated.
declare #BuyingProductId varchar(50)
set #BuyingProductId = (select isnull(buying_product_id, '') from RS_Inventory_Buying_Master where buying_price = #UpdatedPrice)
if(#BuyingProductId <> '')
begin
--your update query
update RS_Purchase_Invoice_Info_Master set buying_product_id = #BuyingProductId ,
qty = #UpdatedQuantity ,tax_id = #TaxDetails ,picreated = 1
where purchase_order_no = #PO
and product_id = #ProductId ;
end
else
begin
--your insert query
insert into RS_Inventory_Buying_Master (buying_price,latest)
values (#UpdatedPrice,'0')
set #BuyingProductId = (SELECT ##IDENTITY)
update RS_Purchase_Invoice_Info_Master set buying_product_id = #BuyingProductId ,
qty = #UpdatedQuantity ,tax_id = #TaxDetails ,picreated = 1
where purchase_order_no = #PO
and product_id = #ProductId ;
end
Check with this query. Please make sure to create new sp and provide all the value like #UpdatedQuantity etc.
When adding rows to a table I am getting Error: column does not exist and I am not sure why. I know the table does and it is fairly straight forward. Here is what I have to add and here is what the table looks like. Any help would be great and let me know if you have any questions. Thanks!
Whatever value I have in emailField it is giving me the error that emailfield column does not exist
final String addemployee = "insert into employee values ('" + name_field.getText() + "', '" + usersSuper.getText() + "', '" + true + "' , md5('" + passwordField.getText() + "') , " + emailField.getText() + ");";
Here is the table
CREATE TABLE employee
(
name text NOT NULL,
manageremail text,
isadmin boolean NOT NULL,
userpassword text NOT NULL,
email text NOT NULL,
CONSTRAINT "user_Email" PRIMARY KEY (email)
)
Try
final String addemployee = "insert into employee values ('" + name_field.getText() + "', '" + usersSuper.getText() + "', '" + true + "' , md5('" + passwordField.getText() + "') , '" + emailField.getText() + "');";
You've missed quotes around emailField.getText()? it should be '" + emailField.getText() + "'
I have a form that users can use to edit data in my database. The database is structured like this:
If a user wants to edit both a FAVE_COLOR and a FAVE_FOOD, how would I go about doing that in my SQL statement? I can think of this, but is there a way to do this in one statement?
string sql1 = "UPDATE MYTABLE " +
"SET PROP_VALUE = '" + form["color"] + "' " +
"WHERE ID = " + form["id"] + " " +
"AND PROP_NAME = 'FAVE_COLOR'"
string sql2 = "UPDATE MYTABLE " +
"SET PROP_VALUE = '" + form["food"] + "' " +
"WHERE ID = " + form["id"] + " " +
"AND PROP_NAME = 'FAVE_FOOD'"
string sql = "UPDATE MYTABLE " +
"SET PROP_VALUE = CASE " +
"WHEN PROP_NAME = 'FAVE_COLOR' THEN '" + form["color"] + "' " +
"WHEN PROP_NAME = 'FAVE_FOOD' THEN '" + form["food"] + "' " +
"END " +
"WHERE ID = " + form["id"] + " " +
"AND PROP_NAME IN ('FAVE_COLOR', 'FAVE_FOOD')"
But beware of SQL injection! You really should be using prepared statements, into which you pass your variables as parameters that do not get evaluated for SQL. If you don't know what I'm talking about, or how to fix it, read the story of Bobby Tables.
You can use case statements:
UPDATE MYTABLE
SET PROP_VALUE = (
CASE favefood
WHEN PROP_NAME = 'FAVE_FOOD'
THEN 'PIZZA'
CASE favecolor
WHEN PROP_NAME = 'FAVE_COLOR'
THEN 'BLUE'
WHERE ID = #myIdValue
For MS SQL Server you can use an UPDATE FROM which will update two properties at the same time, like this:
CREATE TABLE MYTABLE (
ID INT,
PROP_NAME VARCHAR(20),
PROP_VALUE VARCHAR(20));
go
INSERT INTO MYTABLE VALUES (1, 'A','B')
go
INSERT INTO MYTABLE VALUES (1, 'C', 'D')
go
UPDATE MYTABLE
SET PROP_VALUE = X.PROP_VALUE
FROM MYTABLE MT JOIN (
SELECT 'A' AS PROP_NAME, 'F' AS PROP_VALUE
UNION
SELECT 'C' AS PROP_NAME, 'G' AS PROP_VALUE) AS X ON MT.PROP_NAME = X.PROP_NAME
WHERE ID = 1
For other SQL DB server the solution should be similar if not identical.
the UPDATE gives ???? if the updater field was written in Arabic and this is my query:
UPDATE students
SET first_name = 'الاسم' , last_name = 'الاسم الاخير' ,
father_name = 'الاسم الاخير' , mother_name = '',
birth_date = '1/1/1990 12:00:00 AM' , education_level = '' ,
address = '' , notes = ''
WHERE student_id = 33
And here is the result of the update:
student_id first_name last_name mother_name father_name birth_date
33 ????? ????? ?????? ??????????? 1990-01-01
//the answer is great and thank you people, another question is that I am using this UPDATE syntax in my C# program
command.CommandText = "UPDATE students SET " +
"first_name = " + "'" + first_name + "'" + " , last_name = " + "'" + last_name + "'" +
" , father_name = " + "'" + father_name + "'" + " , mother_name = " +
"'" + mother_name + "'" + ", birth_date = " + "'" + birth_date + "'" +
" , education_level = " + "'" + education_level + "'" +
" , address = " + "'" + address + "'" + " , notes = " + "'" + notes + "'" +
" WHERE student_id = " + id ;
//how to use the character N
You have forgotten the N prefix before your string literals which is required so they will be treated as nvarchar rather than varchar
SET first_name = N'الاسم' etc.
without that the text is coerced into whatever characters the code page of your default collation can deal with.
Create the database with this collation Arabic_CI_AS, you won't need to put N before the Arabic characters.