Two similar SQLite case statements, one works, the other does not - javascript

The first statement works, the second comes back with the error below. The strange thing is except for variable names, they are the same statement, so if one works, the other should work as well.
"Error: SQLITE_ERROR: no such column: RAF60"
Where RAF60 is my data. I thought that I may have a quote in the wrong place as it's trying to read my data as a column but can't see it, also looked for somewhere I may have swapped my data with an expression, but could not see that either.
The RFID1,2,3 and the CarPlates1,2,3 are formatted as text
Statement one exactly as it appears below.
msg.topic = 'SELECT "RFID1", "RFID2", "RFID3", case when "RFID1" = ' + readrfid + ' then RFID1 when "RFID2" = ' + readrfid + ' then RFID2 when "RFID3" = ' + readrfid + ' then RFID3 else null end dbrfid FROM SiteDB'
The output below from Node-Red, I reformatted it to make it easily readable. It shows that the data is populating the right fields and this code works. Its the above statement with the data inserted, just prior to being sent to SQLite
topic:
"SELECT "RFID1", "RFID2", "RFID3", case
when "RFID1" = 149544749819338 then RFID1
when "RFID2" = 149544749819338 then RFID2
when "RFID3" = 149544749819338 then RFID3
else null
end dbrfid FROM SiteDB"
payload: "149544749819338"
_msgid: "232263a1.02d34c"
_event: "node:ad044b82.8c419
0: object
Statement two, the sql query exactly as it appears below
msg.topic = 'SELECT "CarPlate1", "CarPlate2", "CarPlate3", "dbcarplate", case when "CarPlate1" = ' + readlpr + ' then CarPlate1 when "CarPlate2" = ' + readlpr + ' then CarPlate2 when "CarPlate3" = ' + readlpr + ' then CarPlate3 else null end dbcarplate FROM SiteDB
The output below from Node-Red, I reformatted it to make it easily readable. It also shows that the data is populating the right fields, but comes back with an error message, the statement below is the data just before its sent to SQLite
topic: "SELECT "CarPlate1", "CarPlate2", "CarPlate3", "dbcarplate", case
when "CarPlate1" = RAF60 then CarPlate1
when "CarPlate2" = RAF60 then CarPlate2
when "CarPlate3" = RAF60 then CarPlate3
else null
end dbcarplate FROM SiteDB"
payload: " RAF60 "
_msgid: "f2831f05.42c24"
_event: "node:61abb27f.bc684c"
It does not run in SQLite, and I get the error message.
"Error: SQLITE_ERROR: no such column: RAF60"

Related

How to increment msg.payload[i] in node-red

We are working on an ubuntu server, where we have installed node-red. What we want is to take data from one table on our MySQL Database, and then move it to another table.
Our flow looks like this:
Our 'Select Tolerance' node contains:
msg.topic = "SELECT * FROM Tolerance";
return msg;
Simple code, which selects data from our database. If we connect a debug node like this:
We then see an output looking like this:
We want to pick all data, so we need to go through all objects in the array and make sure to take all values and send them over to our new database table. We're using the 'New Tolerance' node to do so, and 'New Tolerance' contains:
var i;
var secured = 1;
for (i = 0; i < msg.payload.length; i++) {
var time_start = msg.payload[i].time_start
var time_end = msg.payload[i].time_end
var temperatur_lpn = msg.payload[i].temperatur_lpn
var temperatur_rising = msg.payload[i].temperatur_rising
var temperatur_weather = msg.payload[i].temperatur_weather
var temp_compare_WL = msg.payload[i].temp_compare_WL
var temp_compare_WR = msg.payload[i].temp_compare_WR
var out = "INSERT INTO Sunrise_Tolerance (time_start, time_end, temperatur_lpn, temperatur_rising, temperatur_weather, temp_compare_WL, temp_compare_WR, secured)"
out = out + " VALUES ('" + time_start + "','" + time_end + "','" + temperatur_lpn + "','" + temperatur_rising + "','" + temperatur_weather + "','" + temp_compare_WL + "','" + temp_compare_WR + "','" + secured + "');"
msg.topic = out;
return msg;
}
The problem is that we only receive the first row of data (first object in the array) and not the rest. Can anyone figure out why we dont receive all data, but only the first?
The problem comes the fact you have a return statement inside the for loop.
That will exit the function the first time it reaches that point - so your loop never loops.
If you want to send multiple messages you should use node.send(msg); in your for loop. The only thing to watch out for is if you call node.send with the same object multiple times, as the message is passed by reference, you would get some odd side-effects. As you only care about msg.topic in this instance, you can afford to create a new message object each time.
So, instead of the return msg statement, you could do:
for (i ... ) {
var out = "INSERT ...";
...
node.send({topic: out});
}
// Return without any arguments so no further messages are sent.
return;

Sql dynamic query syntax error

This is my sql query
"select * from applicant where email =ABC.Com"
I want table name, colum name and value after where clause dynamic in form of variables there. Can you tell me the right syntax? I have tried this so far
"select * from " tableNameVariable+"where "columnNameVariable+"= "inputedEmailVariable
now this query is giving an error near =inputedEmailVariable.
Note : I want to use this string in nodejs function. Please tell me right syntax?
Try:
"select * from " + tableNameVariable + " where " + columnNameVariable + " = '" + inputedEmailVariable + "'"
You're missing some + operators, and also missing a space before where.
var sql = "select * from " + tableNameVariable + " where " + columnNameVariable + " = " + inputedEmailVariable
You should be very careful if the variables are coming from user input, since this can result in SQL injection. Make sure the variables contain table and column values that they're allowed to access.
And if you're compareing the column with a string, you'll need quotes around the string. But it would be better to use a placeholder at that point, rather than concatenating the variable.

JS: how to filter table using variable

I have a function that I need to use for filtering table rows:
setFilterString("Filter");
But I have a problem. I can set it to
setFilterString("OrderID = 5");
and it will filter out row where OrderID is equal to 5 but if i try using a variable that has a value taken before like this
setFilterString("OrderID = vOrderID");
I get error "Invalid column name 'vOrderID'." (as vOrderID is variable and not a column, I guess)
I have seen somewhere in filter section inputting something like this ("OrderID = '" & vOrderID & "'") but it doesn't have any result at all for me. Doesn't even throw any error in the console.
JavaScript assumes you are just passing a string to the function. If you want to use the variable, you should try this:
setFilterString("OrderID = '" + vOrderID + "'"); // Results in OrderID = '5'
or
setFilterString("OrderID = " + vOrderID); // Results in OrderID = 5
depending on the body of your function.
Use + instead of &: setFilterString("OrderID = " + vOrderID) should work.
Use "+" for merge strings:
setFilterString("OrderID = " + vOrderID)
You can also try to use ${idvOrderID} inside string:
setFilterString("OrderID = ${vOrderID}")
Or:
setFilterString(sprintf("OrderID = %s", vOrderID))
Remember about difference between ' and "

Passing sort order as a parameter

Referring to the sample SQL statement below. I'm able to pass parameter values to the placeholder '?' in the statement. However I'm wondering whether it is possible to pass in the sort order in the same way?
So instead of this:
//Create SQL query
var getAccountsTransactionsStatement = WL.Server.createSQLStatement(
"SELECT transactionId, fromAccount, toAccount, transactionDate, transactionAmount, transactionType " +
"FROM accounttransactions " +
"WHERE accounttransactions.fromAccount = ? OR accounttransactions.toAccount = ? " +
"ORDER BY transactionDate DESC " +
"LIMIT 20;"
);
Can I have this:
//Create SQL query
var getAccountsTransactionsStatement = WL.Server.createSQLStatement(
"SELECT transactionId, fromAccount, toAccount, transactionDate, transactionAmount, transactionType " +
"FROM accounttransactions " +
"WHERE accounttransactions.fromAccount = ? OR accounttransactions.toAccount = ? " +
"ORDER BY ? DESC " +
"LIMIT 20;"
);
And to invoke it:
//Invoke prepared SQL query and return invocation result
function getAccountTransactions1(accountId){
return WL.Server.invokeSQLStatement({
preparedStatement : getAccountsTransactionsStatement,
parameters : [accountId, accountId, transactionDate]
});
}
Two things:
This query piece:
WHERE accounttransactions.fromAccount = ? OR accounttransactions.toAccount = ?
Could be replaced with this:
WHERE ? in (accounttransactions.fromAccount, accounttransactions.toAccount)
No you can't. Parameters are values - kind of static stuff - while column names are not. You could probably work around the issue somehow in limited way by using s.t. like this:
ORDER BY
CASE ?
WHEN 'transactionDate' THEN transactionDate
WHEN 'someotherdate' THEN someotherdate
ELSE DATE '2010-01-01'
END
Note however that's a messy construction. Also depending on the type of the database you're using you might want to cast all the columns into one data type i.e. string. so to_char(transactionDate,'yyyy-mm-dd hh24:mm:ss') might be in order but you need to ensure that the sorting is proper in your case (as number tend to mess stuff up like '2' > '13').

Saving CR/LF in json data

I am saving table data to a json object. The table data is coming from txt inputs and textareas in the table cells.
I'm running into a problem with CR/LF characters in the JSON elements holding the textarea data. The JSON data gets saved to the database fine, but when I pass it back to the jQuery function that populates the table using that data, I get this:
SyntaxError: JSON.parse: bad control character in string literal at line 1 column 67 of the JSON data
var array = JSON.parse(notes),
in the console.
I put the JSON data in Notepad++ with Show All Characters on and the CR/LF was at column 67.
Here's a sample of JSON data that I'm working with:
[["","","",""],["","9/23/14","",""],["","30789 detail, x_vendor_no**CR/LF HERE**
20597 header","",""],["","99 del invalid x_vendor_no","",""],["","30780","",""],["","","",""],["","","",""],["","","",""]]
Is there a way to allow CR/LF in the data?
UPDATE
11684's suggestion to use replace to remove the \r part of the CRLF won't work. Here's why:
Here's the complete function that uses the JSON data:
(Updated to work with Update #2 code below)
function PopulateTaskTableWithNotes(tableID,notesArray) {
// JSON parse removed per answer suggestion
var r, c, note;
for (r = 0; r < notesArray.length; ++r) {
for (c = 0; c < notesArray[r].length; ++c) {
note = notesArray[r][c];
$('#' + tableID + ' tr:nth-child(' + (r + 1) + ') td:nth-child(' + (c + 1) + ')').children(':first-child').val(note);
}
}
}
I still get the error on the line that tries to parse the JSON data. The replace function apparently can't "find" characters within an array element.
UPDATE #2
Here's how I am creating the array:
var siteID = $('#ddlUserSites option:selected').val(),
numRows = $('#' + tableID + ' tr').length,
numCols = $('#' + tableID).find('tr:first th').length,
notesArray = new Array(numRows),
rowNum = 1,
note = '',
colNum;
while (rowNum <= numRows) {
notesArray[rowNum] = new Array(numCols);
// Reset colNum for next row iteration
colNum = 1;
while (colNum <= numCols) {
note = '';
if ($('#' + tableID + ' tr:nth-child(' + rowNum + ') td:nth-child(' + colNum + ')').children(':first-child').is('input,textarea')) {
note = $('#' + tableID + ' tr:nth-child(' + rowNum + ') td:nth-child(' + colNum + ')').children(':first-child').val();
}
notesArray[rowNum][colNum] = note;
//console.log('Note for rowNum ' + rowNum + ', colNum ' + colNum + ': ' + note);
colNum++;
}
// Remove first element in current row array
notesArray[rowNum].shift();
rowNum++;
}
// Remove first element in array
notesArray.shift();
JSON.stringify(notesArray); // Added per an answer here
console.log('Final notesArray: ' + $.toJSON(notesArray));
$.ajax({
data: {saveTaskNotes: 'true', userID:userID, siteID:siteID, taskTable:tableID, notes:notesArray},
success: function(data) {
console.log('Save task notes data: ' + data);
}
});
The "Final notesArray" console output looks fine, but now, with stringify added, the function above (PopulateTaskTableWithNotes) console output shows that it's reading through every character in the array as a separate element!
Maybe this will help too, as far as what's happening to the data between the creating and reading functions: the array is being saved to a single MySQL database field and then retrieved for the PopulateTable function via $.ajax() (on both ends).
Having said that, do I need to look at what I'm doing with/to the array in the PHP code?
UPDATE #3
Here's the PHP function that takes the data in and writes to the MySQL db:
function SaveTaskNotes($userID,$siteID,$taskTable,$notes) {
$notes = json_encode($notes);
$insertUpdateTaskNotesResult = '';
$insertTaskNotes = "INSERT INTO userProgress (userProgressUserID,userProgressSiteID,userProgressNotesTable,userProgressNotes) values ($userID,$siteID,'" . $taskTable . "','" . $notes . "')";
$log->lwrite('$insertTaskNotes: ' . $insertTaskNotes);
$resultInsertTaskNotes = #mysqli_query($dbc,$insertTaskNotes);
if ($resultInsertTaskNotes) {
$insertUpdateTaskNotesResult = 'insertTaskNotesSuccess';
} else {
if (mysqli_error($dbc) != '') {
$log->lwrite('INSERT TASK NOTES: An error occurred while attempting to add the task notes. Query: ' . $insertTaskNotes . ', mysqli_error: ' . mysqli_error($dbc));
}
$insertUpdateTaskNotesResult = 'insertTaskNotesFail';
}
echo $insertUpdateTaskNotesResult;
}
And here's the function that gets the data from the db and sends it to the above $.ajax function:
function GetUserTaskNotes($userID,$siteID,$taskTableID) {
$queryGetUserTaskNotes = "SELECT userProgressNotes FROM userProgress WHERE userProgressUserID = $userID AND userProgressSiteID = $siteID AND userProgressNotesTable = '" . $taskTableID . "'";
$log->lwrite('$queryGetUserTaskNotes: ' . $queryGetUserTaskNotes);
$resultGetUserTaskNotes = #mysqli_query($dbc,$queryGetUserTaskNotes);
if ($resultGetUserTaskNotes) {
$taskNotes = mysqli_fetch_assoc($resultGetUserTaskNotes);
$log->lwrite('Retrieved $taskNotes[\'userProgressNotes\']: ' . $taskNotes['userProgressNotes']);
echo $taskNotes['userProgressNotes'];
} else {
if (mysqli_error($dbc) != '') {
$log->lwrite('GET TASK NOTES: An error occurred while attempting to retrieve the task notes. Query: ' . $queryGetUserTaskNotes . ', mysqli_error: ' . mysqli_error($dbc));
}
echo 'getTaskNotesFail';
}
}
In both the save and get functions the $log output shows that the array never changes (with the above js/php code) and pasting the array in to notepad++ shows that the CR/LF is still there throughout.
Don't use JSON.parse, the data is already JSON and Javascript can work with it.
You only need it when passing a string, imagine JSON.parse() beeing like string2json().
I think this might already be a solution to your problem, I've never had issues with new line characters.
As Luis said, the problem is not your client (Javascript, jQuery), besides the JSON.parse, but the providing site is wrong.
Example for PHP:
<?php
echo json_encode(array("test" => "
x"));
PHP properly escapes the characters:
{"test":"\r\n\r\n\r\nx"}
But the source of your data is providing malformed JSON.
To fix the JSON issue, either use prepared statements or use:
$notes = str_replace('\', '\\', json_encode($notes)); // in SaveTaskNotes
Well, the error is on the input data (showed in question). You can't have an CR or LF inside a literal in a JSON string. What you can have are that chars escaped as \r \n. The problem is on other side, where escaped codes are replaced by actual chars and therefore the full JSON string becomes invalid.

Categories