Questions tagged [prepared-statement]
A Prepared Statement (or parameterized statement) is a precompiled SQL statement that serves to improve performance and mitigate SQL injection attacks. Prepared statements are used in many popular Relational Database Management Systems.
6,214 questions
0 votes, 0 answers, 16 views
Trying to update table using PreparedStatement, but parameters are generated inside parentheses
Using a JDBC connection in a Java framework, I am updating column values in my lfvadd table.
This is my sample code:
PreparedStatement pst = null;
String sql = ("UPDATE lfvadd SET recipe_name = ? WHERE ...
-3 votes, 0 answers, 35 views
Python: basic example of input sanitization for sql queries
I'm a computer science student and I'm currently learning about writing secure code.
I came across a very simple function to sanitize the input:
import re
def my_sanitize(input_string):
...
0 votes, 0 answers, 17 views
PHP PDO Query is not returning any results despite SQL query running correctly in MySQL Workbench [duplicate]
I am working on some PHP code where I take a comma separated string from a user table, and separate it into a comma separated string to be inserted into another SQL query to pull the comma separated ...
0 votes, 0 answers, 32 views
Delete DB entry for type text[] from PreparedStatement
Our Postgres DB defines the entry column as data type text[].
Some DB entries are as below:
And now we want to delete a DB entry based on Provider and Content
Provider | Content
A | {abcd}
B | {abcde}
SQL ...
-1 votes, 0 answers, 18 views
Rollback does not do anything when error occurs in my transaction mysql [duplicate]
I have written code to insert multiple rows in a table. If there is an error on any of them, I want them to rollback.
The code is written in PHP:
mysqli_report(MYSQLI_REPORT_ERROR | ...
2 votes, 1 answer, 73 views
DuckDB - Filename as a parameter in COPY TO statement
Python & DuckDB 1.0
I'm trying to copy a table to a parquet file with the filename passed as a parameter in a prepared statement.
Using a fixed filename works:
def table2parquet(con):
con....
1 vote, 1 answer, 55 views
SLURM batch job - how to run a preparation task once per node on each node that will receive jobs from the same batch file?
I am unable to find any relevant info regarding running preparation tasks on nodes. I expect this to be a common enough problem, which means I shouldn't be trying to create some custom workaround to ...
0 votes, 1 answer, 27 views
Executing a MySQL update statement held on a table
I am trying to execute update statements that are stored on a table. I must first select the row that the update statement is on to get the statement, then I need to execute that update statement.
I ...
0 votes, 0 answers, 23 views
PostgreSQL prepare statement [duplicate]
Note: I do not think this is a PHP question.
PostgreSQL on server #1: PostgreSQL 12.18 (Ubuntu 12.18-0ubuntu0.20.04.1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 9.4.0-1ubuntu1~20.04.2) 9.4.0, 64-...
-1 votes, 1 answer, 64 views
Need variables in parameterized view in ClickHouse
I need a variable in a parametrized view.
CREATE VIEW my_new_view AS
SELECT
CampaignName,
sentiment, -- **CASE WHEN variable** = sentiment THEN sentiment ELSE NULL END AS sentiment_match
COUNT(CASE ...
-1 votes, 1 answer, 39 views
Set connection-level variables with PreparedStatement
In the following code, the commented-out line successfully sets myVariable, and the operations that follow this section execute as expected. However, when using the uncommented variation, conn....
1 vote, 1 answer, 75 views
Informix PrepareStatement throws error - "A character to numeric conversion process failed" when LIMIT clause is added to query
I have a SQL query which works fine until a LIMIT clause is added to the end of the query. Below is the query:
String query = SELECT * FROM customer
WHERE acct = ?
AND cust_id = ?
AND call_status ...
-1 votes, 1 answer, 54 views
How to insert multiple data in a DB using threads with Java?
I must make a program that obtains data from a DB and inserts what the query returns into another table in another DB. The records that that table contains are millions; in one hour there are ...
-1 votes, 2 answers, 50 views
How to perform a select by sections since it contains many records using Java?
I have a table which contains approximately 100,000 records. I did a SELECT to obtain the total number of records because it can vary. I need to consult the table and obtain all the records of 4 ...
0 votes, 0 answers, 10 views
What is the most efficient method for regularly querying a relational database: Prepared Statement, Stored Procedure, User Defined Function or another?
In a system where users can generate SQL reports based on specified parameters, such as time filters and company filters, and where the data needs to be updated regularly from a relational database, ...