Joining SQL result with string - sql

I have a MSSQL 2005 database with a lot of records that were added since last backup. I want to make another SQL script that puts result values into string representing INSERT statement that I will save for later use.
Something like:
SELECT 'Insert INTO tabname columns VALUES("+Column1"',')' FROM XY
Or simple example:
Column A,Row1=5
SELECT A+"BLAH" FROM X
should return "BLAH5"
Thank you

I'm not sure i understand, if you want to build a script (lets say PHP) just run over the records and either print out or to file something like:
echo 'INSERT INTO tablename (field1,field2) VALUES('.$row['field1'].','.$row['field2'].');';
if you want that string in the result directly from the SQL you could use CONCAT:
SELECT CONCAT('INSERT INTO...VALUES(',field1,',',field2,')') FROM yourtable;
Hope that helps...

You should really mention what SQL database system you're using.
For MySQL, what you want is the CONCAT function.
SELECT CONCAT('INSERT INTO table (columns) VALUES ("', column1, '");') FROM xy;

what version of sql?
for ms sql, you can use + for concatenation and single quotes for strings
for mysql/oracle, use concat(column, 'string')

Related

Using Regex to determine what kind of SQL statement a row is from a list?

I have a large list of SQL commands such as
SELECT * FROM TEST_TABLE
INSERT .....
UPDATE .....
SELECT * FROM ....
etc. My goal is to parse this list into a set of results so that I can easily determine a good count of how many of these statements are SELECT statements, how many are UPDATES, etc.
so I would be looking at a result set such as
SELECT 2
INSERT 1
UPDATE 1
...
I figured I could do this with Regex, but I'm a bit lost other than simply looking at everything string and comparing against 'SELECT' as a prefix, but this can run into multiple issues. Is there any other way to format this using REGEX?
You can add the SQL statements to a table and run them through a SQL query. If the SQL text is in a column called SQL_TEXT, you can get the SQL command type using this:
upper(regexp_substr(trim(regexp_replace(SQL_TEXT, '\\s', ' ')),
'^([\\w\\-]+)')) as COMMAND_TYPE
You'll need to do some clean up to create a column that indicates the type of statement you have. The rest is just basic aggregation
with cte as
(select *, trim(lower(split_part(regexp_replace(col, '\\s', ' '),' ',1))) as statement
from t)
select statement, count(*) as freq
from cte
group by statement;
SQL is a language and needs a parser to turn it from text into a structure. Regular expressions can only do part of the work (such as lexing).
Regular Expression Vs. String Parsing
You will have to limit your ambition if you want to restrict yourself to using regular expressions.
Still you can get some distance if you so want. A quick search found this random example of tokenizing MySQL SQL statements using regex https://swanhart.livejournal.com/130191.html

Is there any SQL query character limit while executing it by using the JDBC driver [duplicate]

I'm using the following code:
SELECT * FROM table
WHERE Col IN (123,123,222,....)
However, if I put more than ~3000 numbers in the IN clause, SQL throws an error.
Does anyone know if there's a size limit or anything similar?!!
Depending on the database engine you are using, there can be limits on the length of an instruction.
SQL Server has a very large limit:
http://msdn.microsoft.com/en-us/library/ms143432.aspx
ORACLE has a very easy to reach limit on the other side.
So, for large IN clauses, it's better to create a temp table, insert the values and do a JOIN. It works faster also.
There is a limit, but you can split your values into separate blocks of in()
Select *
From table
Where Col IN (123,123,222,....)
or Col IN (456,878,888,....)
Parameterize the query and pass the ids in using a Table Valued Parameter.
For example, define the following type:
CREATE TYPE IdTable AS TABLE (Id INT NOT NULL PRIMARY KEY)
Along with the following stored procedure:
CREATE PROCEDURE sp__Procedure_Name
#OrderIDs IdTable READONLY,
AS
SELECT *
FROM table
WHERE Col IN (SELECT Id FROM #OrderIDs)
Why not do a where IN a sub-select...
Pre-query into a temp table or something...
CREATE TABLE SomeTempTable AS
SELECT YourColumn
FROM SomeTable
WHERE UserPickedMultipleRecordsFromSomeListOrSomething
then...
SELECT * FROM OtherTable
WHERE YourColumn IN ( SELECT YourColumn FROM SomeTempTable )
Depending on your version, use a table valued parameter in 2008, or some approach described here:
Arrays and Lists in SQL Server 2005
For MS SQL 2016, passing ints into the in, it looks like it can handle close to 38,000 records.
select * from user where userId in (1,2,3,etc)
I solved this by simply using ranges
WHERE Col >= 123 AND Col <= 10000
then removed unwanted records in the specified range by looping in the application code. It worked well for me because I was looping the record anyway and ignoring couple of thousand records didn't make any difference.
Of course, this is not a universal solution but it could work for situation if most values within min and max are required.
You did not specify the database engine in question; in Oracle, an option is to use tuples like this:
SELECT * FROM table
WHERE (Col, 1) IN ((123,1),(123,1),(222,1),....)
This ugly hack only works in Oracle SQL, see https://asktom.oracle.com/pls/asktom/asktom.search?tag=limit-and-conversion-very-long-in-list-where-x-in#9538075800346844400
However, a much better option is to use stored procedures and pass the values as an array.
You can use tuples like this:
SELECT * FROM table
WHERE (Col, 1) IN ((123,1),(123,1),(222,1),....)
There are no restrictions on number of these. It compares pairs.

Replacing values with wildcards (parsing text data)

I have rows which contains HTML tags. e.g.
<b>Abc</b> <strong>Bca</strong>
So I need to cut it out. As I suggest I need to find something like '%<%>%' and make a REPLACE to ''.
How can I do it? Interested for both solutions - MS SQL & Oracle also.
Assuming table is called yourtable and field is called htmltag.
In SQL Server:
SELECT
SUBSTRING(substring(htmltag,charindex('>',htmltag)+1,250),0,CHARINDEX('<',
substring(htmltag,charindex('>',htmltag)+1 ,250),0))
FROM yourtable
SQL FIDDLE
In Oracle
SELECT regexp_replace(htmltag, '<[^>]+>', '') htmltag
FROM yourtable
SQL FIDDLE

Select table for insert/update statement in Oracle?

I wanted to throw this out there for some ideas. I'm writing a program to generate insert/update statements, and I want the table that I insert/update to come from the results of a query. So something like (please forgive the syntax):
INSERT INTO (SELECT TBL_NAME FROM MYTABLES WHERE A=B) VALUES ('A', 'B', 'C');
I have to do this in Oracle, but I'm not too familiar with their declare statements or syntax. I'm guessing the best way to go about it is to declare a variable that is the result of the SELECT, but then can I use that variable as the table name for the INSERT?
I also want to keep the code in SQL.
Thanks for any ideas.
I think you may want to look into Dynamic SQL, you may find your answer (or at least a decent starting path) there.
How about something like this:
SELECT 'INSERT INTO ' || TBL_NAME || ' VALUES (''A'', ''B'', ''C'');' cmd
FROM MYTABLES WHERE A=B
;
Run this select, then run the results of the select (which is insert statements).
Don't forget to "commit".
Regards,
Roger
All views are mine ...

How can I store sql statements in an oracle table?

We need to store a select statement in a table
select * from table where col = 'col'
But the single quotes messes the insert statement up.
Is it possible to do this somehow?
From Oracle 10G on there is an alternative to doubling up the single quotes:
insert into mytable (mycol) values (q'"select * from table where col = 'col'"');
I used a double-quote character ("), but you can specify a different one e.g.:
insert into mytable (mycol) values (q'#select * from table where col = 'col'#');
The syntax of the literal is:
q'<special character><your string><special character>'
It isn't obviously more readable in a small example like this, but it pays off with large quantities of text e.g.
insert into mytable (mycol) values (
q'"select empno, ename, 'Hello' message
from emp
where job = 'Manager'
and name like 'K%'"'
);
How are you performing the insert? If you are using any sort of provider on the front end, then it should format the string for you so that quotes aren't an issue.
Basically, create a parameterized query and assign the value of the SQL statement to the parameter class instance, and let the db layer take care of it for you.
you can either use two quotes '' to represent a single quote ' or (with 10g+) you can also use a new notation:
SQL> select ' ''foo'' ' txt from dual;
TXT
-------
'foo'
SQL> select q'$ 'bar' $' txt from dual;
TXT
-------
'bar'
If you are using a programming language such as JAVA or C#, you can use prepared (parametrized) statements to put your values in and retrieve them.
If you are in SQLPlus you can escape the apostrophe like this:
insert into my_sql_table (sql_command)
values ('select * from table where col = ''col''');
Single quotes are escaped by duplicating them:
INSERT INTO foo (sql) VALUES ('select * from table where col = ''col''')
However, most database libraries provide bind parameters so you don't need to care about these details:
INSERT INTO foo (sql) VALUES (:sql)
... and then you assign a value to :sql.
Don't store SQL statements in a database!!
Store SQL Views in a database. Put them in a schema if you have to make them cleaner. There is nothing good that will happen ever if you store SQL Statements in a database, short of logging this is categorically a bad idea.
Also if you're using 10g, and you must do this: do it right! Per the FAQ
Use the 10g Quoting mechanism:
Syntax
q'[QUOTE_CHAR]Text[QUOTE_CHAR]'
Make sure that the QUOTE_CHAR doesnt exist in the text.
SELECT q'{This is Orafaq's 'quoted' text field}' FROM DUAL;