When exporting some data from MS SQL Server using Python, I found out that some of my data looked like computer \xa0systems which is causing encoding errors. Using SQL Management Studio the row simply appears to be double spaced: computer systems. It seems that this is the code for : how can I query MS SQL Server within management studio to find all instances of this? things like WHERE ColumnName LIKE % % are not working, nor are querying on nbsp; or \\xa0
I used WHERE ColumnName LIKE '%' + CHAR(160) + '%'
160 is the ascii for "non breaking space".. which is 0xA0 in hex as per your \xao
Related
I have built the following query: (snippet)
SELECT *
FROM OPENJSON (#JSON, '$.records[' + CAST(#arrayNr AS VARCHAR(10)) + ']')
Variable #arrayNr is used within a cursor so every loop it has a different value to loop through all records arrays in my json.
Now, this query works excellent, and gives no errors in Management Studio.
When I paste the query into Visual Studio to add the stored procedure to source control, it gives me the following error:
SQL46010: Incorrect syntax near +
Which is the first + before the CAST function.
I am using Azure SQL Database (SQL Server 2017) and the Visual Studio settings are also set to that (tried others with no success).
Have I found a bug in SSDT? I have set the build action to none and it will remove the error, but I really want to build the stored procedure. Any tips?
Incase anyone else is having this error... I made a workaround by putting the entire query within a variable and using EXEC(#variable) to execute the query.
Looks like this:
SET #sqlCMD = 'SELECT *
FROM OPENJSON ('''+#JSON+''', ''$.records[' + CONVERT(VARCHAR(10),#arrayNr) + ']'')'
Basically trying to use a wildcard SQL to select and fields that hold the data from txtclass in the homework column of the database. But for some reason what i have done is causing an error. (im am using VB.net)
The standard wildcard character is the % not the *. It seems that you have taken this query directly from the designer of MS-Access (and perhaps the * is supported by this database system also from ADO.NET).
However there is a bigger problem
The wildcard should be part of the string to match against the LIKE not outside the single quotes
... LIKE '%" + txtclass.Text + "'))";
Said that you should start immediately to use a parameterized query instead of string concatenation if you want to avoid Sql Injection and parsing problems
Use like=* '%txtClass.text%' instead of like=' &txtClass.text&'
Try your SQL statement as:
SELECT tblQuiz.QuizID, tblQuiz.Classhomework FROM tblQuiz WHERE
tblQuiz.Classhomework LIKE '%' + pupilclass + '%';
I am working with Damn Vulnerable Web App against a Microsoft SQL Server. My question is actually quite straight forward, but can be mis-interpreted quite easily. Basically. This is my query:
+AND+1=convert(int,
(select+
top+1+
user+
from+
TBL-Users
)
)--
Now my question is simple. This is the query to extract data from the columns. How do I craft it so that it allows me to extract data from this column? Because apparently, it does not like that I am using the '-' character in this query (but that's the table name).
According to this error:
[Microsoft][ODBC SQL Server Driver][SQL Server]Line 1: Incorrect
syntax near '-'.
How can I work around this, and get the data from the column assuming that the '-' character is in the table name?
In SQL-Server you can basically use most of the reserved words and special characters inside []:
select * from [TBL-Users]
I wrote a stored procedure which on several declared variables uses regular expression.
Example:
IF #value_criteria like '%[^0-9]%'
SET #having_clause = 'HAVING value_criteria <=' + #value_criteria
....to my latter disappointment it runs on SQL Server 2000 which does not seem to "know" reg. ex. (unless extra DLL is installed which I cannot do.)
Is there an alternative to this statement which would work for SQL Server 2000 ?
Thanks
Your expression:
IF #value_criteria like '%[^0-9]%'
SET #having_clause = 'HAVING value_criteria <=' + #value_criteria;
is standard like syntax (for SQL Server). This structure for the pattern is support in SQL Server 2000. It does not require regular expressions.
The SQL Server 2000 documentation for like explains the support for this type of pattern.
I have a simple query but am running into problems using LIKE in VBA. My SQL string in VBA is:
stsql1 = "Select Top 25 data.* from data where data.Description Like ('*') "
When I run this sql string in my VBA code I get no records returned, but if I copy/paste the same string into a query in SQL View in MS Access, the query returns the values I expect. Is there a trick to using the "Like" syntax in VBA?
I can provide additional code and a small version of the database if that would help.
For SQL, the database engine will accept either single or double quotes as text delimiters. So either of these 2 WHERE clauses will work.
WHERE some_field Like '*'
WHERE some_field Like "*"
VBA however only accepts double quotes as text delimiters, so you would have to use the second form.
Two other points about your SELECT statement:
Select Top 25 data.* from data where data.Description Like ('*')
TOP [number] is arbitrary without an ORDER BY clause
You don't need parentheses surrounding your Like pattern ... you can use Like "*"
If your VBA code is using ADO with that SELECT statement, you must change the wild card character from * to % ...
WHERE data.Description Like '%'
In ADO/VBA, you have to use % instead of * as the wildcard. I ran into this a couple times in the past ....
Realize that there are at least 2 (yes two!) LIKE operators here.
One is the LIKE operator of VBA.
The other is the LIKE operator of the SQL of the database you are attached to.
The usual wildcards in SQL are % (for any # of any characters) and _ (for one of any character).
Know also that MS Access can open databases that aren't Access; it could be Microsoft SQL Server, or Oracle or IBM DB2. (BTW, the database that is normal for Access is called Microsoft JET.) You may be sheltered from that truth when you create a Query object in Access - in that circumstance, you are using JET SQL even when it's a linked table you are querying.
However, under VBA, when using either DAO or ADO, you're talking directly to whatever the database system happens to be, in which case you MUST use the SQL of that specific system.
OK, short answer: Use % like cularis said.
I can't add a comment, but I think it would be worth noting that you have to use % even if you are querying MS Access.
(example: Outlook VBA runs query on an Access database. The proper query is select * where user like '%bob%', even though this query would not work if plugged directly into an MS Access query).