I'm trying to define a domain which will allow to pass only 6 chars strings. I'm declaring it in a following way:
create domain aircrafts_reg_nos as char(6)
check(length(#value) = 6)
But this doesn't seem to catch strings which are longer than 6 chars. Is there a way to enforce it?
length is not a Sybase SQL function. To find the length of a character field, use *char_length*. So your code should probably look something like this.
create domain aircrafts_reg_nos as char(6)
check(char_length(#value) = 6)
Also, try to do a little more research to make sure you are using the right function names in your code.
Related
Sorry if I'm using the wrong terminology - I'm not into MSSQL or VBScript.
I have a given script implementing a SQL query containing
.. AND (rep.is_primary_replica is null or rep.is_primary_replica = ''True'' or rep.is_primary_replica = ''False'') ..
which returns no results on a German server only because rep.is_primary_replica seems to contain ''Wahr'' and ''Falsch'' instead of ''True'' and ''False''
This question is about an at least similar problem.
Unfortunately there is no wtf flag.
Is there a way to do that correctly?
Can I disable localization of string conversions? (in MS SQL Server? VBS?)
Don't let printed values in the script confuse you. There is an implicit conversion from original value to string which depends on the client's (VBScript in your case I think) locale.
Type of the field is_primary_replica here must be bit if the rep is an instance of sys.dm_hadr_database_replica_states view.
If this is the case, it's pointless to check a bit field is Null, or its value equal to True or False, there's no other possibility anyway.
It appears that you can safely remove this condition from the query.
If you insist to include it, use number literals instead.
AND (rep.is_primary_replica is null or rep.is_primary_replica = 1 or rep.is_primary_replica = 0)
This is the proper way to query a bit field. With this way the server's or client's locale configuration won't cause any problems.
I'm using a library that doesn't support parametrized queries, so I'm trying to write a function to emulate them like this:
let params = [ String "\x00'blah" ] in
Mssql.execute ~params "SELECT $1"
To test this, I'm sending it a string of every ASCII character, and the only two that seem to need escaping are:
' - Needs to be escaped as ''
\0' - Seems like it has to be changed to CHAR(0)
The null character part makes my escaping function ridiculously complicated because it has to keep track of whether a string is open and if it needs to add +. I could write a much simpler version that converts it to something like CODE(0)+''''+'a'+'s'+'d' but I suspect that's going to be very inefficient when sending megabytes of data to the server. My version is also going to be crazy inefficient if I send a megabyte of null characters (not that I plan to do that, but I don't like leaving time-bombs in code).
What I'm wondering is -- Is there any other way to escape these null chars?
(Also, am I missing anything? I can't find any documentation for this since everyone seems to assume you have access to a decent T-SQL library).
EDIT: It looks like null-characters should work in T-SQL, but I'm running into a limitation of the library I'm using, where it calls FreeTDS's dbcmd, which assumes the string is null-terminated, and I can't seem to find any alternative function. It looks like rewriting the library I'm using to support real parameterized queries might be the only option :\
I don't know your library, but I know good library for that simple sql operations. This library is have simple methods to insert, update or delete records without write SQL command. Also support Merge command. Its mean if you don't know the record is exists or not but you want to save this.
If you want to encrypt sensitive data, also have a methods for this.
Here is example;
crypto.SetCryptoKey("DB-TEST-CUST");
dRec cust = new dRec("dbo.customer");
cust.fields["email"] = "john.lennon#gmail.com";
cust.fields["name"] = "John Lennon";
cust.fields["description"] = "John's secret world";
cust.fields["password"] = "abc123xyz".dEncryption(); //encryption text include some special characters, but methods support this.
if (cust.Insert() >= 0)
return "record inserted";
else
return "record error:" + db.LastException_Message;
for more information library's web site : https://www.dbdll.com/Documentation
I've run in to a problem with a software I'm configuring. I do not have access to the source code, only the config.
The issue is as follows, in the configuration the software expects me to enter a string, but I would like the string to jump out of the compare and instead execute a funtion.
Using sql profiler I get something like this:
exec sp_executesql N'SELECT * FROM dummyTable WHERE (Name LIKE #Pattern)',N'
This does not work in my setup, because pattern is not clearly defind in advanced. I need to take the
variable passed as pattern and run it trough a sql function but I can't figure out how. Typically Pattern contains a single char, in my example "1". I've tried altering the Pattern to use an escape char and run my function on it, but I think I'm missing someting (If this is at all possible).
The variable I've send from config is as follows:
{0}' or Name like dbo.RunCalulation({0})
Giving me the following:
'…#Pattern nvarchar(43)',#Pattern=N'1'' or Name like dbo.RunCalulation(1) '
This executes, but does not give any response, so I think the esacpe char does not work, and it compares the whole string to Name.
I'm real stuck at this, hope someone has a good idea what to do (I know that not having the source code is a real problem here.
One of the huge advantages of query parameters (such as #Pattern) is that they help protect against SQL injection (which is what you are trying to do).
So the answer is that you cannot do what you want. There's no way to escape the #Pattern parameter and add some of your own SQL to that query, because everything you pass as #Pattern will be interpreted as data, and never as SQL command text (which is the reason why your SQL text ends up inside the single quotes, and why your quote is automatically escaped to ''.).
I need to split a string value that has no delimiter. I work in banking and I am selecting a GL account number and need to separate the account number from the account branch number. The issue is both values are passed as one long string, 10 digits for the account number and 4 for the account branch. For example 01234567891234 needs to be changed to 0123456789.1234.
Every thing I find says to use CHARINDEX or SUBSTRING. From my understand both require a character to search for. If anyone can provide another function and some example code that would be great. Thanks.
You can do something simple like
left(str, 10) + '.' + right(str, 4)
if you know it'll always be a 14 character string
You could also use STUFF function as below:
declare #accNo varchar(14) = '01234567891234'
select stuff(#accNo,11,0,'.')
SQL Fiddle
I'm a little green when it comes to SQL Server string manipulation functions. If I have a string with six characters in it, say:
DECLARE #p_MyStringVariable VARCHAR (100)
SET #p_MyStringVariable = 'FANFFF'
And I want to insert, say, the letter 'M' in the first and seventh positions of the final string and assign that to another VARCHAR variable to read 'MFANFFMF', how can I best do that? And am I correct in reading that SQL Server strings are indexed starting from one, instead of zero? I'm thinking of the SUBSTRING() function, for instance.
(Note that some strings will be up to 100 characters in length, thus the VARCHAR(100) declaration above, even for a six-character string)
Thanks much for your help.
You could also take a look at the STUFF function.
SELECT STUFF(STUFF(#p_MyStringVariable,1,0,'M'),7,0,'M')
Yes, SQL Server indexes varchar etc columns starting at one.
To insert at specfic points, use STUFF (and see Joes's answer for examples)