Embedded Quote in an SQL Statement

How do you embed a double quote in a java string? I'm doing some processing where I need to generate and execute some SQL, but I need to wrap the string in double quotes, something like:
select sysdate "My Column Header" from dual;
I've been using the syntax in java of:
String mySql = "select sysdate from dual";
How do I insert the double-quoted string into a java string? Gotta be simple, but I'm just not seeing it.

Use backslash to escape the quote:
String mySql = "select sysdate \"My Column Header\" from dual";
Brian

Similar Messages

Trouble with SQL Statements

Hello all that can help,
i am programming in Ready to Program to connect to a VideoShop database using SQL statements.
I am having trouble when using single and double inverted commas. eg vs.updateRentTable ("DELETE FROM RentTable WHERE CustId=);
but instead of specifiying the CustId i want to make it a variable id so that i can delete any name i want according to their ID.
also i am wondering if it is possible to write data from a database into a text file? is it possible to use Printwriter?
Looking forward to your help,
Manuking16

Hi Manuking_16,
Your question should be posted on a sql forum, not on a JDBC forum. Anyway. Just looking for answers, right?
1) If your datatype is INT, you do not use either quotes " or single quotes in your SQL statement
DELETE FROM RentTable WHERE CustId= 12345.
To build the SQL String in JAVA just write:
{code}String sqlStatement = "DELETE FROM RentTable WHERE CustId = " + custID; // custID will be casted to String.{code}
2) Use preparedStatement
{code}PreparedStatement pStm = conn.prepareStatement(�DELETE FROM RentTable WHERE CustId = ?");
pStm.setInt(1, customerID);
int numberOfDeletedLines = pStm.execute();3) If you want to enter the real name to do the deletion
DELETE FROM RentTable WHERE CustId IN (select custID FROM Customer WHERE name = "joe bob johnson")
To build the SQL String in JAVA just write: String sqlStatement = "DELETE FROM RentTable WHERE CustId IN (select custID FROM Customer WHERE name = '" + sCustomerName + "' )"; // just copy & pasteHope I got your question right.

PRO*C에서 EMBEDDED SQL STATEMENTS를 사용해서 LOB DATATYPES에 접근하는 예제

제품 : PRECOMPILERS
작성날짜 : 2001-07-12
PRO*C에서 EMBEDDED SQL STATEMENTS를 사용해서 LOB DATATYPES에 접근하는 예제
==========================================================================
Pro*C에서 LOB를 사용하는 방법에는 다음 3가지가 있습니다.
(1) PL/SQL blocks에서 DBMS_LOB package를 이용하는 방법
(2) OCI function을 이용하는 방법
(3) Embedded SQL statements을 이용하는 방법
다음은 (3)번째 방법에 대한 pro*c에서 지원하는 명령어들입니다.
o APPEND: Appends lob value at the end of another LOB.
EXEC SQL LOB APPEND :src TO :dst;
o ASSIGN: Assigns LOB or BFILE locator to another.
EXEC SQL LOB ASSIGN :src TO :dst;
o CLOSE: Close LOB or BFILE.
EXEC SQL LOB CLOSE :src;
o COPY: Copy all or part of LOB value into another LOB.
EXEC SQL LOB COPY :amt FROM :src [AT :src_offset] TO :dst [AT dst_offset];
o CREATE TEMPORARY: Creates a temporary LOB.
EXEC SQL LOB CREATE TEMPORARY :src;
o ERASE: Erase the given amount of LOB data starting from a given offset.
EXEC SQL LOB ERASE :amt FROM :src [AT :src_offset];
o FILE CLOSE ALL: Closes all the BFILES open in the current session.
EXEC SQL LOB FILE CLOSE ALL;
o FILE SET: Set DIRECTORY alias and FILENAME in a BFILE locator.
EXEC SQL LOB FILE SET :file DIRECTORY = :alias, FILENAME = :filename;
o FREE TEMPORARY: Free the temporary space for the LOB locator.
EXEC SQL LOB FREE TEMPORARY :src
o LOAD FROM FILE: Copy all or part of BFIL into an internal LOB.
EXEC SQL LOB LOAD :amt FROM FILE :file [AT :src_offset]
INTO :dst [AT :dst_offset];
o OPEN: Open a LOB or BFILE for read or read/write.
EXEC SQL LOB OPEN :src [ READ ONLY | READ WRITE ];
o READ: Reads all or part of LOB or BFILE into a buffer.
EXEC SQL LOB READ :amt FROM :src [AT :src_offset]
INTO :buffer [WITH LENGTH :buffer];
o TRIM: Truncates the LOB vlaue.
EXEC SQL LOB TRIM :src to :newlen;
o WRITE: Writes contents of the buffer to a LOB.
EXEC SQL LOB WRITE [APPEND] [FIRST | NEXT | LAST | ONE ]
:amt FROM :buffer [WITH LENGTH :buflen] INTO :dst [AT :dst_offset];
o DESCRIBE: Retrieves the attributes from a LOB.
EXEC SQL LOB DESCRIBE :src GET attribute1 [{, attributeN}]
INTO :hv1 [[INDICATOR] :hv_ind1] [{, :hvN [[INDICATOR] :hv_indN] }];
Attributes can be any of the following:
CHUNKSIZE: chunk size used to store the LOB value
DIRECTORY: name of the DIRECTORY alias for BFILE
FILEEXISTS: whether BFILE exists or not
FILENAME: BFILE name
ISOPEN: whether BFILE with this locate is OPEN or not
ISTEMPORARY: whether specified LOB is temporary or not
LENGTH: Length of BLOBs and BFILE in bytes, CLOBs and NCLOBs
in characters.
다음은 LOB를 사용하는 sample을 실행하는 방법입니다.
1. 먼저 scott user에서 다음을 실행합니다. (create directory를 할 수 있는 권한이
있어야 하며, directory는 사용하시는 환경에 맞도록 수정해 주십시요.)
drop table lob_table;
create table lob_table (key number, a_blob BLOB, a_clob CLOB);
drop table lobdemo;
create table lobdemo (key number, a_blob BLOB, a_bfile BFILE);
drop directory dir_alias;
create directory dir_alias as '/users/app/oracle/product/8.1.7/precomp/demo/proc';
insert into lob_table values(1, utl_raw.cast_to_raw('1111111111'), 'aaaaaaaa');
commit;
2. 다음 코드는 out.gif 파일을 위에서 지정한 directory에 만들고 lob_table의
내용에 들어있는 BLOB의 내용을 저장하는 sample입니다.
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sqlda.h>
#include <sqlcpr.h>
/* Define constants for VARCHAR lengths. */
#define UNAME_LEN 20
#define PWD_LEN 40
/* Declare variables. No declare section is
needed if MODE=ORACLE. */
VARCHAR username[UNAME_LEN]; /* VARCHAR is an Oracle-supplied struct */
varchar password[PWD_LEN]; /* varchar can be in lower case also. */
/* The following 3 lines avoid inclusion of oci.h during precompilation
oci.h is needed only during compilation to resolve calls generated by
the precompiler
#ifndef ORA_PROC
#include <oci.h>
#endif
#include <sqlca.h>
OCIBlobLocator *blob;
OCIClobLocator *clob;
FILE *fp;
unsigned int amt, offset = 1;
#define MAXBUFLEN 5000
unsigned char buffer[MAXBUFLEN];
EXEC SQL VAR buffer IS RAW(MAXBUFLEN);
/* Declare error handling function. */
void sql_error(msg)
char *msg;
char err_msg[128];
size_t buf_len, msg_len;
EXEC SQL WHENEVER SQLERROR CONTINUE;
printf("\n%s\n", msg);
buf_len = sizeof (err_msg);
sqlglm(err_msg, &buf_len, &msg_len);
printf("%.*s\n", msg_len, err_msg);
EXEC SQL ROLLBACK RELEASE;
exit(EXIT_FAILURE);
void main()
/* Connect to ORACLE--
* Copy the username into the VARCHAR.
strncpy((char *) username.arr, "SCOTT", UNAME_LEN);
/* Set the length component of the VARCHAR. */
username.len =
(unsigned short) strlen((char *) username.arr);
/* Copy the password. */
strncpy((char *) password.arr, "TIGER", PWD_LEN);
password.len =
(unsigned short) strlen((char *) password.arr);
/* Register sql_error() as the error handler. */
EXEC SQL WHENEVER SQLERROR DO sql_error("ORACLE error--\n");
/* Connect to ORACLE. Program will call sql_error()
* if an error occurs when connecting to the default database.
EXEC SQL CONNECT :username IDENTIFIED BY :password;
printf("\nConnected to ORACLE as user: %s\n", username.arr);
/* Allocate the LOB host variables and select the BLOB value */
EXEC SQL ALLOCATE :blob;
EXEC SQL ALLOCATE :clob;
EXEC SQL SELECT a_blob INTO :blob FROM lob_table WHERE key=1;
/* Open external file to which BLOB value should be written */
fp = fopen("out.gif", "w");
EXEC SQL WHENEVER NOT FOUND GOTO end_of_lob;
amt = 5000;
EXEC SQL LOB READ :amt FROM :blob AT :offset INTO :buffer;
fwrite(buffer, MAXBUFLEN, 1, fp);
EXEC SQL WHENEVER NOT FOUND DO break;
/* Use polling method to continue reading the next pieces */
while (TRUE)
EXEC SQL LOB READ :amt FROM :blob INTO :buffer;
fwrite(buffer, MAXBUFLEN, 1, fp);
end_of_lob:
fwrite(buffer, amt, 1, fp);
printf("\nG'day.\n\n\n");
/* Disconnect from ORACLE. */
EXEC SQL ROLLBACK WORK RELEASE;
exit(EXIT_SUCCESS);
3. 다음 코드는 위에서 만든 out.gif file을 lobdemo에 저장하는 sample입니다.
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sqlda.h>
#include <sqlcpr.h>
/* Define constants for VARCHAR lengths. */
#define UNAME_LEN 20
#define PWD_LEN 40
/* Declare variables. No declare section is
needed if MODE=ORACLE. */
VARCHAR username[UNAME_LEN]; /* VARCHAR is an Oracle-supplied struct */
varchar password[PWD_LEN]; /* varchar can be in lower case also. */
/* The following 3 lines avoid inclusion of oci.h during precompilation
oci.h is needed only during compilation to resolve call generated by
the precompiler
#ifndef ORA_PROC
#include <oci.h>
#endif
#include <sqlca.h>
OCIBlobLocator *blob;
OCIBFileLocator *bfile;
char *alias = "DIR_ALIAS";
char *filename = "out.gif";
unsigned int amt = 50;
unsigned int filelen;
/* Declare error handling function. */
void sql_error(msg)
char *msg;
char err_msg[128];
size_t buf_len, msg_len;
EXEC SQL WHENEVER SQLERROR CONTINUE;
printf("\n%s\n", msg);
buf_len = sizeof (err_msg);
sqlglm(err_msg, &buf_len, &msg_len);
printf("%.*s\n", msg_len, err_msg);
EXEC SQL ROLLBACK RELEASE;
exit(EXIT_FAILURE);
void main()
/* Connect to ORACLE--
* Copy the username into the VARCHAR.
strncpy((char *) username.arr, "SCOTT", UNAME_LEN);
/* Set the length component of the VARCHAR. */
username.len =
(unsigned short) strlen((char *) username.arr);
/* Copy the password. */
strncpy((char *) password.arr, "TIGER", PWD_LEN);
password.len =
(unsigned short) strlen((char *) password.arr);
/* Register sql_error() as the error handler. */
EXEC SQL WHENEVER SQLERROR DO sql_error("ORACLE error--\n");
/* Connect to ORACLE. Program will call sql_error()
* if an error occurs when connecting to the default database.
EXEC SQL CONNECT :username IDENTIFIED BY :password;
printf("\nConnected to ORACLE as user: %s\n", username.arr);
/* Allocate the LOB locator */
EXEC SQL ALLOCATE :blob;
EXEC SQL ALLOCATE :bfile;
/* Initialize the DIRECTORY alias of the BFILE and FILENAME */
EXEC SQL LOB FILE SET :bfile
DIRECTORY = :alias, FILENAME = :filename;
EXEC SQL INSERT INTO lobdemo values (1, EMPTY_BLOB(), :bfile);
EXEC SQL SELECT a_blob, a_bfile INTO :blob, :bfile FROM lobdemo
WHERE key = 1;
EXEC SQL LOB OPEN :bfile;
/* Get the BFILE length */
EXEC SQL LOB DESCRIBE :bfile
GET LENGTH INTO :filelen;
printf("File length is: %d\n", filelen);
amt = filelen;
/* Read BFILE and write to BLOB */
EXEC SQL LOB LOAD :amt FROM FILE :bfile INTO :blob;
EXEC SQL LOB CLOSE :bfile;
printf("\nG'day.\n\n\n");
/* Disconnect from ORACLE. */
EXEC SQL COMMIT WORK RELEASE;
exit(EXIT_SUCCESS);
4. 다음은 실행한 결과 입니다.
첫번째 sample :
Connected to ORACLE as user: SCOTT
G'day.
두번째 sample :
Connected to ORACLE as user: SCOTT
File length is: 10
G'day.

Escaping single quotes in SQL Statement

I am getting SQL Statement error when i tried to have a value with a single quote in it ,inside my SQL Statement.
e.g.
INSERT INTO tblHoldings(Title) VALUES ('Developing Asia�s fibre processing through collaboration');
here the Title to be inserted in the table tblHoldings is "Developing Asia�s fibre processing through collaboration"
i used to trapped the single quote by using its escape character ( \ ) with this method and its fine with MySQL 4 but when I upgraded to MySQL 5.0.22, I now getting the SQL Statement error again.
public String cleanse(String dirty) {
      String clean = dirty.replaceAll("\'", "\\\\'");
      return clean;
}    please help me..how can i trapped/escape single quote in MySQL 5 in Java?
Thanks in advance for your help.

No. Please use PreparedStatements. That is theonly
correct answer to this question.Ok please tell us. how would you use prepare
statement.. no just say USE PREPARE STATE.. givethe
guy the code... or help..What size spoon would you like to be fed with? There
was nothing about gob size in the original post.
http://www.javaalmanac.com
well duffymo.. i think you gave a link, is quite of help, but my friend preparestatement just gave "use preparestatement"..
i think even you when you start coding you needed help... and some one just tell you use preparestatement how do you feel..
There is a level of help. i think it will be (((as much as you can)))

Can someone help me correct this sql statement in a jsp page?

ive been getting the java.sql.SQLException: Incorrect syntax error for one of my sql nested statements. i cant seem to find similar egs online, so reckon if anyone here could help, really appreciate it.
as im putting the nested sql in jsp page, it has to be with lots of " " n crap. very confusing if there are nested.
heres the sql statement without those "" that i want to use:
select top 5 * from(
select top+"'"+offset+"'"+" * from prod where cat=" +"'" cat "'"+"
)order by prodID desc
when i put this in my jsp pg, i had to add "" to become:
String sql = "select top 5 * from("+"select top"+"'"+offset+"'"+" * from prod where cat=" +"'" +cat+ "'"+")order by prodID desc";cat=" +"'" cat "'"+")order by prodID desc";
all those "" are confusing me to no end, so i cant figure out what should be the correct syntax. the error says the syntax error is near the offset.

If offset is, say, 10, and cat is, say, "new", then it looks like you're going to produce the SQL:
select top 5 * from(
select top '10' * from prod where cat='new'
)order by prodID descThat looks exactly like incorrect syntax to me... top almost certainly can't handle a string literal as its operand... you almost certainly would want "top 10" instead of "top '10'"...
If you use PreparedStatement, you don't have to remember what you quote and what you don't and you can have your SQL in a single static final string to boot...

How to handle special characters in SQL statements

How do you handle special charactes in a SQL statement? Here is an example:
update table
set notefield = 'This is Waldo's note'
where keyfield = 7;
Because the database connectivity vi accepts a string datatype wire, the ' in Waldo's note is seen as the end of string and an error is generated.
Is there a way to tell labview that the ' is part of the string and not the string delimiter?
Waldo

If two single quotes don't work, try backslash single quote, like \'
The backslash is often used as an escape character, meaning to treat the next character literally.
- tbob
Inventor of the WORM Global

Which is better - SQL Statement in APEX or as a function returning a type?

Hi
I have a general question about best practices for APEX development.
If we have say a report region based on a SQL statement, is it better (from a performance perspective) to have the SQL statement defined in the region in APEX OR have the actual select statement executed in the backend and have the result set returned in a type to APEX?
As an example:
In APEX region
SELECT col1, col2, col3 FROM table_aOR
In APEX region
select col1, col2, col3 from TABLE(CAST(<my package>.<my proceduere > AS <my type >)) ;<my package>.<my proceduere > would obviously execute the statement
SELECT col1, col2, col3 FROM table_ausing dynamic SQL and return the results to APEX in thy type <my type>.
Apologies if this sounds to be a really stupid thing to ask.
Kind regards
Paul

Denes Kubicek wrote:
You should use a pipelined function only then when you can't use SQL. Otherwise SQL is the way to go.
Denes Kubicek
http://deneskubicek.blogspot.com/
http://www.opal-consulting.de/training
http://apex.oracle.com/pls/otn/f?p=31517:1
------------------------------------------------------------------------------thanks Denes... but does it matter if:
1. The SQL statement is actually defined in the APEX region
or
2: The select statement is stored in a packageD function and returned to APEX?
I seem to recall an article I read stating that it is best for all client applications to call stored procedures and functions rather than have SQL statement embedded in the actual application?
Kind regards
Paul

Using Date objects in SQL statements

Hi, I am wondering if it is possible to use Date objects while trying to retrieve entries from an access database with fields set as "Date/Time" fields, as opposed to "Text"? If so, do I need to reformat it before inserting it into the SQL statement, or can I just leave it as a Date object, and call up the variable name?
For example - "SELECT * FROM database WHERE startDate = ' " + dateObject + ' ". And do i need quotes round this value?
Thanks in advance.

I had some problems by just fetching a date and pushing it back to a MS SQL Database.
I used the following reformating step to fix it:
if (o instanceof Timestamp)
String time = o.toString().substring(8,10)+"."+o.toString().substring(5,7)+"."+o.toString().substring(0,4)+" "+o.toString().substring(11,19);
ht.put(columnName, time);
o is the object i receve from the select statement and ht is a Hashtable where i put my data.
To write the data back i now can use:
UPDATE table SET columnname = 'valueOfColumn'
This means i use the value i created above in Quotes to write it back.
Format of Timestamp.toString() is something like yyyy-mm-dd hh:mm:ss.xx
Format used by MS SQL (and i think by Access to) 'dd.mm.yyyy hh:mm:ss'

Using a number variable in an SQL statement

Hi,
I am trying to use a variable in an sql statement and I have run into problems when the variable is a number. The following line of code works if the variable is a string but not if it is a number.
"SELECT TOP 1 UUT_STATUS FROM UNIT_UUT_RESULT WHERE UnitID = '" + Locals.LocalUnitID + "' ORDER BY START_DATE_TIME DESC"
Is there a difference in the use of the single and double quotes and the + sign for number variables?
Thanks
Stuart
Solved!
Go to Solution.

Hi Stuart,
I am assuming that the UnitID is stored as a numeric in the database? If so, the proper SQL syntax for comparing with numerics should not use a single quote (or any quotes for that matter). The quotes are used only for strings.
So you would want to use:
"SELECT TOP 1 UUT_STATUS FROM UNIT_UUT_RESULT WHERE UnitID = " + Locals.LocalUnitID + " ORDER BY START_DATE_TIME DESC"
This is really more of an SQL question universal to all languages, not just TestStand.
Here is an excellent resource that you can consult:
http://www.w3schools.com/sql/sql_where.asp
Jervin Justin
NI TestStand Product Manager

Odd results from SQL statement in JSP

Hi.
Getting very strange results from my SQL statement housed in my JSP.
the last part of it is like so:
"SELECT DISTINCT AID, ACTIVE, REQUESTOR_NAME, ..." +
"REQUESTOR_EMAIL" +
" FROM CHANGE_CONTROL_ADMIN a INNER JOIN CHANGE_CONTROL_USER b " +
"ON a.CHANGE_CTRL_ID = b.CHANGE_CTRL_ID " +
" WHERE UPPER(REQUESTOR_NAME) LIKE ? ";   I've set the following variables and statements:
String reqName = request.getParameter("requestor_name");
PreparedStatement prepstmt = connection.prepareStatement(preparedQuery);
prepstmt.setString(1, "%" + reqName.trim().toUpperCase() + "%");
ResultSet rslts = prepstmt.executeQuery();
rslts.next();
int aidn = rslts.getInt(1);
int actbox = rslts.getInt(2);     String reqname = rslts.getString(3).toUpperCase();
String reqemails = rslts.getString(4);
String bizct = rslts.getString(5);
String dept = rslts.getString(6);
String loc = rslts.getString(7);
Date datereq = rslts.getDate(8);
String busvp = rslts.getString(9);
AND SO ONSo then I loop it, or try to with the following:
<%
try {
while ((rslts).next()) { %>
<tr class="style17">
    <td><%=reqname%></td><td><%=reqemails %></td><td><%=bizct %></td>td><%=dept %></td>
   <td><%=aidn %></td>
</tr>
<%
rslts.close();
selstmt.close();
catch(Exception ex){
     ex.printStackTrace();
     log("Exception", ex);
%>AND so on, setting 13 getXXX methods of the 16 cols in the SQL statement.
Trouble is I'm getting wildly inconsistent results.
For example, typing 'H' (w/o quotes) will spit out 20 duplicate records of a guy named Herman, with the rest of his corresponding info correct, just repeated for some reason.
Typing in 'He' will bring back the record twice (2 rows of the complete result set being queried).
However, typing in 'Her' returns nothing. I could type in 'ell' (last 3 letters of his name, Winchell) and it will again return two duplicate records, but typing in 'hell' would return nothing.
Am I omitting something crucial from the while statement that's needed to accurately print out the results set without duplicating it and that will ensure returning it?
There's also records in the DB that I know are there but aren't being returned. Different names (i.e. Jennifer, Jesse, Jeremy) won't be returned by typing in partial name strings like Je.
Any insight would be largely appreciated.
One sidenote: I can go to SQL Plus and accurately return a results set through the above query. Having said that, is it possible the JDBC driver has some kind of issue?
Message was edited by:
bpropes20
Message was edited by:
bpropes20

Am I omitting something crucial from the while
statement that's needed to accurately print out the
results set without duplicating it and that will
ensure returning it?Yes.
In this code, nothing ever changes the value of reqname or any of the other variables.
while ((rslts).next()) { %>
<tr class="style17">
    <td><%=reqname%></td><td><%=reqemails %></td><td><%=bizct %></td>td><%=dept %></td>
   <td><%=aidn %></td>
</tr>
<%
} You code needs to be like this:while (rslts.next()) {
reqname = rslts.getString(3).toUpperCase();
reqemails = rslts.getString(4);
bizct = rslts.getString(5);
dept = rslts.getString(6);
loc = rslts.getString(7);
datereq = rslts.getDate(8);
busvp = rslts.getString(9);
%>
<tr class="style17">
    <td><%=reqname%></td><td><%=reqemails %></td><td><%=bizct %></td>td><%=dept %></td>
   <td><%=aidn %></td>
</tr>
<%
There's also records in the DB that I know are there
but aren't being returned. Different names (i.e.
Jennifer, Jesse, Jeremy) won't be returned by typing
in partial name strings like Je.Well, you're half-right, your loop won't display all the rows in the result set, because you call rslts.next(); once immediately after executing the query. That advance the result set to the first row; when the loop is entered, it starts displaying at the 2nd row (or later if there are more next() calls in the code you omitted).

Use variable in SQL statement

HI guys:
I need code three SQL statements.the returned field and selected table are all same,there is only a difference in their "where" statement.
Sample code:
    select marcmatnr marcwerks
    into table it_data
    from MARC inner join MBEW on marcmatnr = mbewmatnr
    where marcmatnr like 'A%' and mbewzplp1 = '001'.
    second one........................ mbew~zplp2 = '001'
    third one......................... mbew~zplp3 = '001'
Could I write a FORM gather them with transporting a parameter ZPLPX to determine which condiniton will be execute?
thank you very much.

Hi tianli,
1. source text
   This concept of dynamic where
   condition is called source text.
2. use like this.
   This is important in the code ---> WHERE (mywhere).
REPORT abc LINE-SIZE 80.
DATA : it_data LIKE TABLE OF mara WITH HEADER LINE.
QUOTES ARE IMPORTANT
PERFORM mysql USING 'mbew~zplp2 = ''001'''.
FORM mysql USING mywhere.
SELECT marcmatnr marcwerks
INTO TABLE it_data
FROM marc INNER JOIN mbew ON marcmatnr = mbewmatnr
WHERE (mywhere).
ENDFORM.                    "mysql
regards,
amit m.

IScript problem - Cannot use an input in a sql statement

I get the input from an input box and it is correct
&param = %Request.GetParameter("Dept");
I try to use it in a sql statement lke this and nothing displays even though it its entered correctly and the value exists in the table
Local SQL &usersCursor = CreateSQL("SELECT EMPLID, BIRTHDATE, NAME FROM PS_EMPLOYEES WHERE DEPTNAME_ABBRV = '&param'");
If I leave out the single quotes around and do it like this &param then it errors out
Local SQL &usersCursor = CreateSQL("SELECT EMPLID, BIRTHDATE, NAME FROM PS_EMPLOYEES WHERE DEPTNAME_ABBRV = &param");
I need help structuring this correctly
Thanks,
Allen Cunningham

Hi,
CreateSQL does not execute the sql statement, it just creates an SQL object, which you have to execute.
Something like this:
&param = %Request.GetParameter("Dept");
Local SQL &usersCursor = CreateSQL("SELECT EMPLID, BIRTHDATE, NAME FROM PS_EMPLOYEES WHERE DEPTNAME_ABBRV = :1", &param);
While usersCursor.Fetch(&Emplid, &Birthdate, &Name)
/* do processing*/
End-While;

Help! Syntax Error in SQL statement

Hello. I'm getting an error message and I'm just not seeing
where I went wrong. The SQL statement is:
updateSQL = "UPDATE TrainingHistory SET Status='" &
fFormat(Request.Form(cStatus)) & "', StatusComments='" &
fFormat(Request.Form(cStatusComments)) & " WHERE Training_ID="
& fFormat(Request.Form(cTrainingID))
The error message is:
[Microsoft][ODBC Microsoft Access Driver] Syntax error in
string in query expression '' WHERE Training_ID=9054'.
I've been looking at it for a while. Not sure where I went
wrong. Here is a more complete version of the code:
<%
Function fFormat(vText)
fFormat = Replace(vText, "'", "''")
End Function
Sub sRunSQL(vSQL)
set cExecute = Server.CreateObject("ADODB.Command")
With cExecute
.ActiveConnection = MM_coldsuncrea_lms_STRING
.CommandText = vSQL
.CommandType = 1
.CommandTimeout = 0
.Prepared = true
.Execute()
End With
End Sub
If Request.Form("action")="update" Then
'Set variables for update
Dim updateSQL, i
Dim cTrainingID, cStatus, cStatusComments
'Loop through records on screen and update
For i = 1 To fFormat(Request.Form("counter"))
'Create the proper field names to reference on the form
cTrainingID = "Training_ID" & CStr(i)
cStatus = "Status" & CStr(i)
cStatusComments = "StatusComments" & CStr(i)
'Create the update sql statement
updateSQL = "UPDATE TrainingHistory SET Status='" &
fFormat(Request.Form(cStatus)) & "', StatusComments='" &
fFormat(Request.Form(cStatusComments)) & " WHERE Training_ID="
& fFormat(Request.Form(cTrainingID))
'Run the sql statement
Call sRunSQL(updateSQL)
Next
'Refresh page
Response.Redirect("ClassUpdateRoster.asp?Training_ID=") &
(rsClassDetails.Fields.Item("event_ID").Value)
End If
%>

You need another single quote after the double quote before
the WHERE clause. You are not closing the single quote you used to
delimit the value for StatusComments.

SQL statement in Oracle

As I know in SQL server, i can create a field called customer name, can be two words. But in the SQL statement I need to use double quote to quote the customer name, such like: select * from "customer name"
Can Oracle accept two words field name or table name. If Yes, then do I need to use double quote, or single quote or other things?

As I know in SQL server, i can create a field called
customer name, can be two words. But in the SQL
statement I need to use double quote to quote the
customer name, such like: select * from "customer
name"
Can Oracle accept two words field name or table name.
If Yes, then do I need to use double quote, or single
quote or other things?Yes, you can do it.
However, most DBAs (even MS SQL Server ones) will tell you that that is bad form.
And of course the reason for doing that should never be because those field names are being displayed. Displaying field names breaks every model that seperates data from display (GUI.)

How to find what sql statement is currently running by scheduler job?

Hi
I scheduled a stored procedure to run every 5 minutes using dbms_scheduler.
The stored procedure internally call serveral other stored procedures.
The scheduled job is in running state and right now I want to find out what is the sql statement the job executing.
Is there any sql query to find out what is sql query the schedular job is running?? Please help me.
Thanks in Advance.

The previous sql id is null in this case.
I already quoted as I am running a pl/sql block in my scheduler job.
begin
usp_test('praram');
end;
I am using the pl/sql block as above in my scheduler job. The USP_TEST inturn calls some other stored procedures and each stored procedure has several inserts and update statements.
The scheduler job is still running. I know the sid of the running scheduler job.
I want to know the job is at which stored procedure and at which insert/update statement.
Please let me know is there any query to fulfil my requirement?
I greatly appreciate your help
Thanks

Embedded Quote in an SQL Statement

Similar Messages

Maybe you are looking for