I would like to connect an autocomplete text field to an SQLite database. The user should be able to type in a few letters and then select the item they would like to add from possible suggestions. Once the user adds the item (by pressing a button), an SQL query should retrieve other values from the selected item row.
Example of database table row.
To summarise, I would like the following:
An autocomplete component to provide suggested items (ItemName from database) after the user types a few letters
Perform an SQL query to retrieve values (Salt and Sugar from database) and keep a running total of salt and sugar. Theses values should then be added to a table containing 2 rows with 2 columns, as follows.
Salt | [value from database + total salt]
Sugar | [value from database + total sugar]
I would therefore appreciate therefore any advice and guidance on how these could be implemented.
You need to use a select query on ItemName specifically:
select `ItemName` from tablename
Then use that data for your auto complete code.
When the action listener for the auto complete fires just issues the query
"select * from tablename where ItemName='" + mySelection + "'"
Then use the column values in the returned row. You also need to deal with a case of nothing being returned if the user typed in something that isn't available in the list and pressed "Done".
Related
Is there a way to do this?
When I start writing SELECT [ I'd like the columns that are available to pop up so I can choose from them.
Currently, to know the columns I'm doing a SELECT * in another query. It takes a very long time to navigate through Object Explorer and find my table + expand the columns, too.
No IntelliSense options show up for me either to configure this.
If you know the table name, type in:
select * from [your tablename]
After that, highlight the table name, then press Alt + F1 on your keyboard.
You will then be prompted all the column names of the table.
Select all the columns you require, then press Ctrl + C on your keyboard.
Remove the "*" from your select and paste the column names.
You then just need to add the commas in front / the back, depending on your preference.
Hope this helps.
Problem:
I'm trying to make it so when a numerical field is filled in with a certain ID it fills in the other fields accordingly to what the first field was filled with. So if a person were to type in their ID it would populate it with their name accordingly.
Example:
But upon ID/numerical change I want it to do something like this:
Prior knowledge that may or may not help:
-I know this is possible with combo boxes but having a combo box with 2k-8k entries seems absurd
-I don't really think subform is optimal for this situation
-I think you can do this with "=DLookup" but I don't exactly understand how to pull it off
Please and thanks for any help. All is appreciated greatly!
Some built-in Access mechanisms:
Search field in the Navigation bar of the form.
Find feature (Ctrl-F).
Alternatively, with VBA you can use your own UI design and have more control:
Obtain the desired ID from the UI in whatever way you like - a textbox, a button and a popup, etc. Don't use a textbox that is bound to the actual ID field (ID fields should be read-only and you shouldn't use an edit field for a search field - keep them separate).
In VBA, obtain the ID that user searched for and then jump to that record using code like this:
Me.RecordsetClone.FindFirst "StudentID = " & studentID
If Not Me.RecordsetClone.NoMatch Then
Me.Bookmark = Me.RecordsetClone.Bookmark
End If
You don't need VBA for this. Simply add the Student ID textbox value as a parameter the form's query and let it filter the results according the ID provided.
The query should be something like this:
PARAMETERS [Forms]![YourMainForm]![YourIdTextBoxName] Long;
SELECT *
FROM YourTableName
WHERE ((([Student ID])=[Forms]![YourMainForm]![YourIdTextBoxName]));
When you add a new ID, requery the form to see the results.
Me.Requery
I am using stored procedure in mssql as backend, vb.net as frontend (just info).
There are a lot of records in the database and I am printing in crystal reports.
Now I want to filter the records from crystal report and not by adding a new parameter to procedure or changing database structure or else.
For now,Say there are columns : Name , Amount.
I want to put filter in amount like only display records whose amount above 100 or something. So other records with less than 100 should not be displayed.
This filter will be passed by the user so it'll be random.
I can't find a proper answer on internet. Might be a duplicate question, if so please post the link of the question if it is duplicated.!
Thanx anyways...!
In general the idea is to:
Create the parameter (user choose what will be the input/value) - link
Set filters, what values should be displayed in regards to parameter - link
On right side there is a DataExplorer window, where You need to add a Parameter (define his name, what question will be shown to user and what type the param will be / what values can be set inside).
Once done, You can jump to Data tab of a report, click Interactive Filter and specify which column must fit what condition with what value = Parameter (that one user will enter in Report).
Example: I will create AmountParam, with message "What should be the minimum amount?". Type will be set to Integer. Going to Report->Data->Interactive Filter, choose Amount as a Column, AmountParam as a Parameter and set condition Greater then (>).
In an openoffice-base (ooBase) query, and in setting the Criterion of a column. How do I call a value from a Combo Box [combo_1] in a Form [Form1] to filter the query which produces my report?
In MSAccess it is [Forms]![Form1].[combo_1] but I can't find the syntax for ooBase any help appreciated
I can think of two ways to do this, and both of them are significantly more complicated compared to the MSAccess method.
The first way is to make the combo box save to one row of a filter table. To ensure it always saves to the same one row the "Content type" for this form or subform will need to be "SQL command" with the "Content" something like SELECT * FROM "Filter" WHERE "FilterID" = 1 (1, or whatever the primary key of the row you're using is).
Now set your query to have a join to that row of the filter table.
The second way is to use a macro. On your combobox the macro will be triggered by the event "Item status changed", and the macro would read the combo box selection and put it where you need the data to go.
I have taken some search but ether the examples only use one parameter / columnname or they just add Strings together.
I have a table describing projets. There are unchangable columns like an id, projectnumber and such, and several 'dynamic' columns, which a user / admin can add through an interface in the application.
After that a user should see a List of all 'dynamic' Colums, and can decide to display them through checkboxes.
So what I need now, is a query as this
SELECT id, projectname, <LIST_OF_COLUM_NAMES> FROM project
I would like this to be safe from malicious Queries, like someone very clever naming a column
; DELETE TABLE projets --
and then displaying it.
I found several solutions where the querystring is just concatenated ether on the programm side or inside a stored procedure.
I found several examples for stored procedures which get one colum name and create a query statement from it.
I found this article
How to pass an array into a SQL Server stored procedure
on which I must admit I am not sure if it applies to my problem.
Is there a way to achive this without creating a security risk throug SQL-Injection?
There are several easy way to resolve this without risk of sql injection.
Write SELECT * FROM query and limit number of columns that are seen on application, this way all columns are returned and it is up to application to decide which ones to display.
Instead of passing string of columns to stored procedure, have user pass list of column indexes and based on integer value, you can have dynamic sql that generates SELECT statement only with columns that user wants back.
If you just want to display list of columns that exists in a table to the user you should select list of columns from Information Schema Views, this way you are sure which column exists in database.
In SQL-Server you can assign parameter datatype of sysname which has is how all system objects names are stored as, this could give you extra data validation.
No matter what you decide to do, you should never concatenate strings in application or stored procedures.
I tried to work with the Information Schema Views but I was not able to avoid conatenating Strings alltogether. This is what I came up with:
When the user wants to add a Column he can enter a display name, and select from a range of Datatypes. Then I create an internal unique internal column name (like DATETIME_67).
Then I create my query like this:
String querystring = "ALTER TABLE projects ADD " + internalname + " " + typestring;
Note that the String internalname and typestring are both generated inside my code, with no input from the user (so this should be safe against injection, I guess).
Then I write the internal name and the display name to a lookup table:
String querystring = "INSERT INTO lookup (tablename, displayname) " +
"VALUES (#tablename, #displayname)";
using (SQLCommand command = new SQLCommand(querystring, con)) { //con is a SQLConnection object
command.Parameters.AddWithValue("#tablename", internalname);
command.Parameters.AddWithValue("#displayname", displayname);
}
Here the actual Input from the user is inserted, but it is parameterized, so it should also be safe.
When I retrieve the columns I want to display I do also use the (hopefully) safe internal names:
List<String> selectedColumns; //the list of internal col names
String query = "SELECT id, projectnumber, projectname {0} FROM projects"; //projectnumer and name a mandatory fields
if (selectedColumns.Count > 0)
{
fieldstring = String.Join(",", selectedColumns);
fieldstring = ", " + fieldstring;
}
query = String.Format(query, fieldstring);
Please comment on this. Is is working exactly as I need it. The user can add (and remove) custom field to the datatabe and provide display names for them. He can also define, which of the present custom field are to be displayed, and he can enter data for the created fields. I am just not sure, if this save against malicious injections.