Parameter count mismatch SQLTE - database

Fairly newbie here to this and need some help, trying to save new employee information into my sqlite database from a user management screen in my application. I am throwing a Parameter count mismatch when I try to save new employee data into my sqlite employeeinfo database.
columns in my sqlite database table are as follows; Registration,Name,Surname,Access,Phone,Email,Username,Password
I am using the following code on pushbutton clicked;
void oviewsettings::on_pushButton_clicked()
{
QString Registration, Name, Surname, Access, Phone, Email, Username, Password;
Registration=ui->lineEdit_usermanagement_Registration->text();
Name=ui->lineEdit_usermanagement_Name->text();
Surname=ui->lineEdit_usermanagement_Surname->text();
Access=ui->lineEdit_usermanagement_Access->text();
Phone=ui->lineEdit_usermanagement_Phone->text();
Email=ui->lineEdit_usermanagement_Email->text();
Username=ui->lineEdit_usermanagement_Username->text();
Password=ui->lineEdit_usermanagement_Password->text();
OViewMain conn;
if(!conn.connOpen()){
qDebug()<<"Failed to open the database";
return;
}
conn.connOpen();
QSqlQuery qry;
qry.prepare("INSERT INTO employeeinfo(Registration,Name,Surname,Access,Phone,Email,Username,Password) VALUES ('"+Registration+"','"+Name+"','"+Surname+"','"+Access+"','"+Phone+"','"+Email+"','"+Username+"','"+Password+"')");
qry.addBindValue(":Registration");
qry.addBindValue(":Name");
qry.addBindValue(":Surname");
qry.addBindValue(":Access");
qry.addBindValue(":Phone");
qry.addBindValue(":Email");
qry.addBindValue(":Username");
qry.addBindValue(":Password");
qry.exec();
if(qry.exec())
{
QMessageBox::critical(this,tr("Save"),tr("Database Updated, Saved"));
conn.connClose();
}
else
{
QMessageBox::critical(this,tr("Error"),qry.lastError().text());
}
}

Not familiar with qt but from using other prepared statements and looking at the manual it seems like it should be the following code.
qry.prepare("INSERT INTO employeeinfo(Registration, Name, Surname, Access, Phone, Email, Username, Password) VALUES (:Registration, :Name, :Surname, :Access, :Phone, :Email, :Username, :Password)");
qry.BindValue(":Registration", Registration);
qry.BindValue(":Name", Name);
qry.BindValue(":Surname", Surname);
qry.BindValue(":Access", Access);
qry.BindValue(":Phone", Phone);
qry.BindValue(":Email", Email);
qry.BindValue(":Username", Username);
qry.BindValue(":Password", Password);
qry.exec();
The placeholders need to be in the query so the driver knowns where to write the values. The binding then needs a mapping to the placeholder and the value it should have. Additionally BindValue() uses named placeholders, addBindValue() uses anonymous/unnamed placeholders, here's an example using the latter.
qry.prepare("INSERT INTO employeeinfo(Registration, Name, Surname, Access, Phone, Email, Username, Password) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
qry.addBindValue(Registration);
qry.addBindValue(Name);
qry.addBindValue(Surname);
qry.addBindValue(Access);
qry.addBindValue(Phone);
qry.addBindValue(Email);
qry.addBindValue(Username);
qry.addBindValue(Password);
qry.exec();

Thanks for the above, that makes total sense now you have broken it down.
Your updated code is on the money just with a small typo the bindValue has a capital B in your code and QT is case sensitive. so have retyped it below for anyone else having this issue to see it.
One further note: Although with the updated code it saves the user into the sql database, it throws a new error: UNIQUE constraint failed: employeeinfo.Registration Unable to fetch row.
But it does save the user into the DB. I would suppose I have to create a new question to why it throws this error, but would love it if someone could answer that to complete this thread.
See updated code here:
QSqlQuery qry;
qry.prepare("INSERT INTO employeeinfo(Registration, Name, Surname, Access, Phone, Email, Username, Password) VALUES (:Registration, :Name, :Surname, :Access, :Phone, :Email, :Username, :Password)");
qry.bindValue(":Registration", Registration);
qry.bindValue(":Name", Name);
qry.bindValue(":Surname", Surname);
qry.bindValue(":Access", Access);
qry.bindValue(":Phone", Phone);
qry.bindValue(":Email", Email);
qry.bindValue(":Username", Username);
qry.bindValue(":Password", Password);
qry.exec();

Related

Unable to create another table in sqflite

I'm trying to create a new user table on existing database but sqflite keep showing the error of "no such table Exception" and it executes only one table . I tried changing database name also but nothing worked.
Here is my DBconnector Code:
class DBConnector {
Future<Database> setDatabase() async {
var directory = await getApplicationDocumentsDirectory();
var path = join(directory.path, 'sddssd.db');
var database =
await openDatabase(path, version:1, onCreate: _createDatabase);
return database;
}
Future<void> _createDatabase(Database database, int version) async {
String questionTableName = QuestionModel.KEY_QUESTION_TABLE_NAME;
String userTableName = UserModel.KEY_USER_TABLE_NAME;
String quesTableSql =
"CREATE TABLE IF NOT EXISTS $questionTableName (id INTEGER PRIMARY KEY,question VARCHAR(200),answer VARCHAR(200));";
String userTableSql =
"""CREATE TABLE IF NOT EXISTS $userTableName (uid INTEGER PRIMARY KEY,name TEXT,email TEXT,password TEXT);""";
await database.execute(quesTableSql);
await database.execute(userTableSql);
}
}
Error :
Exception has occurred.
SqfliteDatabaseException (DatabaseException(no such table: User (code 1 SQLITE_ERROR): , while compiling: INSERT INTO User (uid, name, email, password) VALUES (NULL, ?, ?, ?)) sql 'INSERT INTO User (uid, name, email, password) VALUES (NULL, ?, ?, ?)' args [f, e, s]})
String quesTableSql = """CREATE TABLE IF NOT EXISTS $userTableName
(
uid INTEGER PRIMARY KEY,
name TEXT,
email TEXT,
password TEXT
""");
I solved this , the thing is onCreate callback will get executed only one time when you load the application after that no changes will get updated unless u use migration .
So i created a seperate function for creating Table and got it working by making the instance of that class and call the create Table method.

SqlException: The multi-part identifier "chamin#gmail.com" could not be bound

When i try to execute the query in given bellow
is worked correctly and give the result
but when i change id into email then it will raise the exception
employee = connection.Query<Employee>("select id, email as email , password as password, role as role from Employee where email="+"chamin#gmail.com");
how do i fix this problem??
Strings have to be quoted in SQL :
employee = connection.Query<Employee>(
"select id, email as email , password as password, role as role from Employee where email='"+"chamin#gmail.com" + "'"
);
But your code is very permissive to SQL injection. You should use SQL parameters : it will prevent injection and avoid the issue you met.

How to escape ListView name in SOQL RETURNING USING clause

List name: mike's test view
FIND {*#*.*} IN EMAIL FIELDS RETURNING Lead(Id, Email, FirstName, LastName, Phone, Company USING ListView=mike's test view)
line 2:0 mismatched character '<EOF>' expecting '''
When escape with \:
FIND {*#*.*} IN EMAIL FIELDS RETURNING Lead(Id, Email, FirstName, LastName, Phone, Company USING ListView=mike\'s\ test\ view)
Phone, Company USING ListView=mike\'s\ test\ view)
^
ERROR at Row:1:Column:110
line 1:110 no viable alternative at character '\'
Salesforce docs say nothing about it
I'm pretty sure you need to use the api name and not the display name so it would be
FIND {*#*.*} IN EMAIL FIELDS RETURNING Lead(Id, Email, FirstName, LastName, Phone, Company USING ListView=mike_s_test_view)

py2neo update node in graph

i started using the py2neo database system with django.
How can i update a node in the graph database ?
I created a node:
user = graph_db.get_or_create_indexed_node("users_email_single", email, email,
{"user_id":user_id,
"basic_name_firstname": firstname,
"basic_name_lastname": lastname,
"contactprivate_email": email,
})
I get the node with following code:
graph_db = neo4j.GraphDatabaseService("http://localhost:7474/db/data/")
user = graph_db.get_indexed_node("users_user_id", user_id, user_id)
Regards
You can also set individual properties outside a batch as follows:
user["name"] = "Bob"
user["age"] = 77

Find if correct password with hash and random salt

I have a database with users and I want to have a random salt for each user that is saved in the column Salt and a hash of their salt+password in the field password.
I can insert them like this:
INSERT INTO users([Username], [Password], [Salt])
VALUES('David', HASHBYTES('SHA1', 'randomgeneratedsalt' + 'theirpw'), 'randomgeneratedsalt')
But how do I select them?
My own try is:
select *
from users
where Username = 'David'
AND Password = HASHBYTES('SHA1', Salt + 'enteredpw')
Of course I can select the salt for the user that is trying to login, but I'd like to do it without doing so.
You select them by username, which must be unique. After you locate the user you can compare the presented password hash against the stored one. Only need be careful to display the same error whether username was not found or hash don't match (ie. prevent information disclosure that the username is valid).

Resources