sql updating data problem with index - sql

I am updating the data by the following method
class xxxxxx
{
public static string updatepersonformData(string staffID, string Firstname, string Lastname, string Address1,
string Address2,string Address3, string Town, string County, string Postcode, string HomePhone, string Mobile,
string PersonalEmail, string Reference, string BookingName, string Position_Id, string Role_Id, string Gender,
string Dob, string WorkPhone, string WorkEmail, formMain mf)
{
string result = xxxxxx.InsertData(string.Format(#"update staff set staff_Reference='{2}' staff_Firstname = '{3}',staff_Lastname='{4}' ,
staffPosition_Id='{5}',staffRole_Id='{6}', staff_Dob='{7}',staff_Gender='{8}' staff_Address1 = '{9}',
staff_Address2='{10}',staff_Address3 ='{11}' staff_Town ='{12}',staff_County = '{13}',staff_Postcode='{14}',staff_HomePhone='{16}',
staff_WorkPhone ='{17}',staff_Mobile ='{18}',staff_PersonalEmail ='{19}',staff_WorkEmail='{20}',staff_BookingName='{21}',WHERE staff_Id ={0}",
staffID, Reference, Firstname, Lastname, Position_Id, Role_Id, Dob, Gender, Address1, Address2, Address3, Town, County, Postcode, HomePhone, WorkPhone,
Mobile, PersonalEmail, WorkEmail, BookingName), mf);
return result;
}
}
I am calling this function in main form by using this below
xxxxxx.updatepersonformData(tbCStaffHiddenId.Text, tbFirstname.Text, tbLastname.Text, tbAddress1.Text, tbAddress2.Text, tbAddress3.Text, tbTown.Text,
tbCounty.Text, tbPostcode.Text, tbHomePhone.Text, tbMobile.Text, tbPersonalEmail.Text, tbReference.Text, tbBookingName.Text, selectTextToId(cbPosition, aaPositions),
selectTextToId(cbRole, aaRoles), cbGender.Text, tbDob.Text.ToString(), tbWorkPhone.Text, tbWorkEmail.Text, mf);
But when I am updating this one I got the error like this......
Error: "Index (zero based)
must be greater than or equal to zero
and less than the size of the argument
list.
Make sure your method arguments are in
right form.
When converting a string to date time,
parse the string to take the date
before putting each variable into the
date time object.
Can anyone help on this ...

You're passing 20 arguments to string.Format, but your format placehorlders go from 0 to 21 (so presumably you need 22 arguments, or you've misindexed the thing - e.g. I don't see a {15} in there). Recheck your string and arguments until that formatting error is resolved.
And you have a syntax error in your query. The should not be a , before the WHERE keyword.
(And please use bind variables if they are available on whatever system/language it is you are using, and sanitize your data, otherwise bad things will happen - google for "sql injection".)

Sorry, User682417, but this is all kinds of messy.
I'm pretty sure you've got the indexing of the parameters wrong - you set
staff_Reference='{2}'
but it's at index 1 - is it possible you need to decrement each of the indices?
Also, SQL injection. But others have said that already.
Also, in the unlikely event you're passing the date of birth in correctly, you're assuming your client and your database have the same date formatting - but Europeans usually enter dd/mm/yyyy, whilst Americans often enter mm/dd/yyyy. Great source of comedy bugs, that one.

Related

ActiveRecord (SQL) query multiple columns only if search string not empty

Using a PG database filled with registered voters.
Trying to set it up so I can search by first name, last name, zip or city. I want to be able to find all voters that match all of the entered params, but having trouble dealing with empty search fields.
where("zip LIKE ? OR city LIKE ? OR last_name LIKE ? OR first_name LIKE ?",
"#{params[:zip]}","#{params[:city]}","#{params[:last_name]}","#{params[:first_name]}")
Is there a better way to build it out so that it matches ALL entered parameters, but ignores empty string parameters? Right now if I enter a first and last name 'John Smith' I will get 'John Jones' and 'Jane Smith'.
This can do the trick:
attrs_name_to_search = %w( zip city last_name first_name )
fitlered_params = params.slice(*attrs_name_to_search).select { |_,v| v.present? }
sql_cond = filtered_params.map { |k,_| "#{k} LIKE :#{k}" }.join(' OR ')
YourModel.where(sql_cond, filtered_params)
But it should return all the records if no zip/city/last_name/first_name is given.

How to insert nvarchar value in a query string

I have a query string which is
var projectid = sqlConn.Query<int>("insert into project (name,customer_id, service_id,user_id) values (#name,#customerid,#serviceid,#userid);SELECT SCOPE_IDENTITY(); ", new { name = Name, customerid = Customer, serviceid = Service, userid = userId }).Single();
where name is a nvarchar field. Now I know I need to use 'N' character and I have tried the followings
'N#name'
N'#name'
but it doesn't seem to work. Can anyone help me with this please?
You don't need to use N prefix with variables.
It is needed only with explicitly typed strings (string constants) like insert into ... values(N'some text', ...)
If your name variable contains unicode string - then no special actions are required.

Apex parse error when creating SQL query with sql function

I have the following function:
CREATE OR REPLACE FUNCTION calc_a(BIDoctor number) RETURN number
IS
num_a number;
BEGIN
select count(NAppoint)
into num_a
from Appointment a
where BIDoctor = a.BIDoctor;
RETURN num_a;
END calc_a;
What we want is adding a column to a report that shows us the number of appointments that doc have.
select a.BIdoctor "NUM_ALUNO",
a.NameP "Nome",
a.Address "Local",
a.Salary "salary",
a.Phone "phone",
a.NumberService "Curso",
c.BIdoctor "bi",
calc_media(a.BIdoctor) "consultas"
FROM "#OWNER#"."v_Doctor" a, "#OWNER#"."Appointment" c
WHERE a.BIdoctor = c.BIdoctor;
and we got this when we are writing the region source on apex.
But it shows a parse error, I was looking for this about 2 hours and nothing.
Apex shows me this:
PARSE ERROR ON THE FOLLOWING QUERY
This is probably because of all your double quotes, you seem to have randomly cased everything. Double quotes indicate that you're using quoted identifiers, i.e. the object/column must be created with that exact name - "Hi" is not the same as "hi". Judging by your function get rid of all the double quotes - you don't seem to need them.
More generally don't use quoted identifiers. Ever. They cause far more trouble then they're worth. You'll know when you want to use them in the future, if it ever becomes necessary.
There are a few more problems with your SELECT statement.
You're using implicit joins. Explicit joins were added in SQL-92; it's time to start using them - for your future career where you might interact with other RDBMS if nothing else.
There's absolutely no need for your function; you can use the analytic function, COUNT() instead.
Your aliases are a bit wonky - why does a refer to doctors and c to appointments?
Putting all of this together you get:
select d.bidoctor as num_aluno
, d.namep as nome
, d.address as local
, d.salary as salary
, d.phone as phone
, d.numberservice as curso
, a.bidoctor as bi
, count(nappoint) over (partition by a.bidoctor) as consultas
from #owner#.v_doctor a
join #owner#.appointment c
on d.bidoctor = a.bidoctor;
I'm guessing at what the primary keys of APPOINTMENT and V_DOCTOR are but I'm hoping they're NAPPOINT and BIDOCTOR respectively.
Incidentally, your function will never have returned the correct result because you haven't limited the scope of the parameter in your query; you would have just counted the number of records in APPOINTMENT. When you're naming parameters the same as columns in a table you have to explicitly limit the scope to the parameter in any queries you write, for instance:
select count(nappoint) into num_a
from appointment a
where calc_a.bidoctor = a.bidoctor; -- HERE

How to remove blank Space in rdlc

I am working with Rdlc report. I have these fields:
First name : fn_data
Address1 : add1_Data
Address2 : add2_data
City, state, zip : city_data
If any one of these fields is empty, it should not show the blank space. For example (expected output)
First name,
Address1,
City, state, zip
But, as show in the above image, I am getting this:
First name,
Address1,
........................<-(blankspace is showing here)
City, state, zip
I tried changing Visiblity -> Expression -> ==IIF(IsNothing(Fields!add2_data.Value),False,True)
How can I remove this Blanck Space??
In Visibility.Hidden property you have to specify if the object must be hide or not.
So you can use:
=IIf(IsNothing(Fields!YourData.Value), True, False)
If you're using Table/Tablix you have to set Visibility property of your TABLEROW.

Linq to sql - get value from db function and not directly from the db field (while mapping properties)

When you map a table to an object, every property created corresponds to one db column.
I want to execute a db function on a column before it gets mapped to the property, so the property gets the value returned by the db function, and not the column
I was trying to achieve that by Expression property of ColumnAttribute (as in the example below), so instead of BirthDate the usrFn_UTCToLocalTime(BirthDate) is returned
but it does not seem to be working and still gets pure value of the column.
[global::System.Data.Linq.Mapping.ColumnAttribute(Storage = "_BirthDate", DbType = "DateTime", UpdateCheck = UpdateCheck.Never, Expression = "dbo.usrFn_UTCToLocalTime(BirthDate)")]
public System.Nullable<System.DateTime> BirthDate
{
get
{
return this._BirthDate;
}
}
I have also modified the DBML XML as in:
other post on stackoverflow
but also without result.
Is that possible by using LINQ or do I have to overwrite a getter which costs roundtrip to the server?
According to the Remarks section on this MSDN page, the Expression property of the ColumnAttribute is used when calling CreateDatabase, so it won't work the way you intend unless you created your database with Linq to Sql.
You can create a Linq query that selects the various columns and calls the db function in one statement like this (based on MSDN example):
var qry = from person in db.Persons
select new {
FirstName = person.FirstName,
LastName = person.LastName,
BirthDate = person.BirthDate,
Dob = db.usrFn_UTCToLocalTime(person.BirthDate)
};
This projects into an anonymous type, but you could use a non-anonymous type as well. For the sake of the example, I've got a table named Person with FirstName, LastName, and BirthDate columns, and a user defined scalar function named usrFn_UTCToLocalTime. The sql statement sent to the server is:
SELECT [t0].[FirstName], [t0].[LastName], [t0].[BirthDate], CONVERT(DateTime,[dbo].[usrFn_UTCToLocalTime]([t0].[BirthDate])) AS [Dob]
FROM [dbo].[Person] AS [t0]
As I was suggesting in the question, for now I have overwritten the get method so I have:
get
{
using (var context = DB.Data.DataContextFactory.CreateContext())
{
return context.usrFn_UTCToLocalTime(_BirthDate);
}
//return this._BirthDate;
}
But with every access to the property, roundtrip is made - which is not my intention but gives a proper result.
I leave the question still open