I am running a sql query using two tables namely QuestionInsert and Question_Papers.
The columns in th erespective table are as follows:-
Table:-QuestionInsert
Columns:-QuestionNum,Question,Answer,CatId,SubCatId
Table:-Question_Papers
Columns:-QuestionNum
I want an sql query which will retrieve all QuestionNum,Question,Answer from table QuestionInsert which QuestionNum is present in table Question_Papers.
Also, I want to retrieve all QuestionNum,Question,Answer from table QuestionInsert which QuestionNum is not present in table Question_Papers.
This data is displayed on a Grid View.The queries I am using are as follows:-
The Query for first condition is:
SELECT F.QuestionNum,
F.Question,
F.Answer
FROM QuestionInsert F
INNER JOIN Question_Papers FS ON F.[QuestionNum]=FS.QuestionNum
WHERE ((F.QuestionNum=FS.QuestionNum) AND (F.CatId='" +
DropDownList1.SelectedValue + "' And F.SubCatId='" + DropDownList3.SelectedValue + "'))
ORDER BY F.QuestionNum DESC;
The other query for 2nd condition. is:-
SELECT F.QuestionNum,
F.Question,
F.Answer
FROM QuestionInsert F INNER JOIN Question_Papers FS ON F.[QuestionNum]!=FS.QuestionNum
WHERE ((F.QuestionNum!=FS.QuestionNum) AND (F.CatId='" + DropDownList1.SelectedValue + "'
And F.SubCatId='" + DropDownList3.SelectedValue + "'))
ORDER BY F.QuestionNum DESC
My code is retrieving correct information but if more than one row of same QuestionNum is present in Question_Papers table, it is displaying all the rows repeatedly. I want to display the unique rows which are present and not present in table Question_Papers separately.
Kindly help me.
You could try the following for the second condition:
SELECT F.QuestionNum,F.Question,F.Answer
FROM QuestionInsert F
WHERE (F.CatId='" + DropDownList1.SelectedValue + "' And F.SubCatId='" + DropDownList3.SelectedValue + "')
AND F.QuestionNum NOT IN (SELECT QuestionNum FROM Question_Papers)
ORDER BY F.QuestionNum DESC
And this for the first condition:
SELECT F.QuestionNum,F.Question,F.Answer
FROM QuestionInsert F
WHERE (F.CatId='" + DropDownList1.SelectedValue + "'
AND F.SubCatId='" + DropDownList3.SelectedValue + "')
AND F.QuestionNum IN (SELECT QuestionNum FROM Question_Papers)
ORDER BY F.QuestionNum DESC";
However, there are serious problems with your code - have you looked into SQL injection? There are many data access frameworks, like Entity Framework, that would push you down a better route.
Your first query can be rewritten using EXISTS
SELECT F.QuestionNum,F.Question,F.Answer FROM QuestionInsert F
WHERE EXISTS (SELECT * FROM Question_Papers P WHERE P.QuestionNum = F.QuestionNum)
AND F.CatId='" + DropDownList1.SelectedValue + "'
AND F.SubCatId='" + DropDownList3.SelectedValue + "'
Second query using NOT EXISTS
SELECT F.QuestionNum,F.Question,F.Answer FROM QuestionInsert F
WHERE NOT EXISTS (SELECT * FROM Question_Papers P WHERE P.QuestionNum = F.QuestionNum)
AND F.CatId='" + DropDownList1.SelectedValue + "'
AND F.SubCatId='" + DropDownList3.SelectedValue + "'
Please note that with the way those queries are written (which was taken from your question), you are vulnerable to SQL Injection. You should use parameters instead.
There doesn't appear to be a need to use a join nor a reason for repeating the join clause within where. Form what I can gather all you need to do is check for existence, which recent versions (2005+) of sql server supports with EXISTS. Doing this as a single query than a correlated subquery can be used to check and flag existence
DECLARE #question_insert TABLE ( id INT, question VARCHAR(50), answer VARCHAR(50), catid INT, subcatid INT )
DECLARE #question_paper TABLE ( id INT, question_insert_id INT )
INSERT INTO #question_insert ( id, question, answer, catid, subcatid )
VALUES
(1, 'How old are you?', '20', 1, 1),
(2, 'Who was the first president?', '?', 2, 1)
INSERT INTO #question_paper ( id, question_insert_id )
VALUES (1, 1),(2, 1)
SELECT
qi.id,
qi.question,
qi.answer,
CASE WHEN EXISTS(SELECT 1 FROM #question_paper qp
WHERE qp.question_insert_id = qi.id)
THEN 'Yes' ELSE 'No' END AS in_question_paper
FROM #question_insert qi
--WHERE qi.catid=#catid AND qi.subcatid=#subcatid
demo
Alternatively AS individual queries
SELECT
qi.id,
qi.question,
qi.answer,
'Yes' AS in_question_paper
FROM #question_insert qi
WHERE EXISTS(SELECT 1 FROM #question_paper qp
WHERE qp.question_insert_id = qi.id)
And
SELECT
qi.id,
qi.question,
qi.answer,
'No' AS in_question_paper
FROM #question_insert qi
WHERE NOT EXISTS(SELECT 1 FROM #question_paper qp
WHERE qp.question_insert_id = qi.id)
I will reiterate that you should read up on SQL Injection and not concatenate user input into queries.
Also re. DISTINCT not being "acceptable in joins" that is not the case. What is not acceptable is to use DISTINCT and refer to a column that is not part of select list in another part of the query (in this case it would've been the WHERE clause), a way round this is to use GROUP BY instead.
Related
I have the following table structure of my database:
db structure
My aim is to output every row of tbl_Therapeuten (these are my employees) with the name of their trainings (in german "Fortbildung").
The names of the trainings are stored in tbl_Forbildungen. And the trainings which each employee has is stores in tbl_Therapeut_Fortbildung. For the output I want to show the name of the training, not the id.
Like this:
output
I am programming in C#, SQL Server.
First I tried this:
string sSQL = "SELECT t.*, STRING_AGG(tf.Id_Fortbildung, ';') AS Fortbildungen " +
"FROM tbl_Therapeuten t " +
"FULL OUTER JOIN tbl_Therapeut_Fortbildung tf on t.Id = tf.Id_Therapeut ";
But this brings an error containing that I don't use tbl_Therapeuten.Id in an aggregate function or in a Group by clause.
Next I tried this:
string sSQL = "SELECT t.Id, t.Nachname, STRING_AGG(tf.Id_Fortbildung, ';') AS Fortbildungen " +
"FROM tbl_Therapeuten t " +
"FULL OUTER JOIN tbl_Therapeut_Fortbildung tf on t.Id = tf.Id_Therapeut " +
"GROUP BY t.Id, t.Nachname";
This worked (except displaying the name of the training but the Id) but I don't want to explicitly name every column of tbl_Therapeuten. I want to use "t.*". But this is not working:
string sSQL = "SELECT t.*, STRING_AGG(tf.Id_Fortbildung, ';') AS Fortbildungen " +
"FROM tbl_Therapeuten t " +
"FULL OUTER JOIN tbl_Therapeut_Fortbildung tf on t.Id = tf.Id_Therapeut " +
"GROUP BY t.*";
So I need some help :)
And what I also don't know how to do is to display the name of the trainings instead of the id.
Thanks for your help!
You might find that a correlated subquery provides better performance (by avoiding the outer aggregation) and allows you to avoid listing all columns from t:
SELECT T.*,
(SELECT STRING_AGG(F.Name, ';')
FROM tbl_Therapeut_FortBildung TF JOIN
tbl_FortBildungen F
ON F.Id = TF.Id_FortBildung
WHERE TF.Id_Therapeut = T.Id
) as Fortbildungen
FROM Therapeuten T
I think this is what you need.
SELECT T.Id,T.Name,T.Street,T.BirthDate,STRING_AGG(F.Name,';')
FROM Therapeuten T
LEFT JOIN tbl_Therapeut_FortBildung TF ON TF.Id_Therapeut=T.Id
LEFT JOIN tbl_FortBildungen F ON F.Id=TF.Id_FortBildung
GROUP BY T.Id,T.Name,T.Street,T.BirthDate
As far as I know SQL server does not support the GROUP BY *, so you will have to specify the column names.
i need to use SELECT statment with UNION ALL several times (unknown nomber times).
I did it with c# ! can i do it inside a stored procedure ?
c#
// this code selects a number of users thoughts. for every user it is getting only 6 thoughts
// according to each user page number (friendsToughtPageNum).
for (int i = startUser-1; i < endUser; i++){
subSql += "SELECT * FROM (SELECT TOP " + 6 * friendsToughtPageNum[i] + " * FROM (SELECT TOP thought, firstName, lastName FROM tbl_thoughts INNER JOIN tbl_users ON thoughtUserID = userID WHERE userID=" + IDs[i] + " ORDER BY thoughtID ASC) AS T" + i + " ORDER BY thoughtID DESC) AS TA" + i + " UNION ALL ";
}
subSql = subSql.Remove(subSql.Length - 11, 11);
sql = subSql;
Yes, you can do it in a stored procedure by using a CURSOR and looping that way. You can then save the results to either a temp table and read from that or you can continue to use UNION ALL
So I'm retrieving data from the database using odbc. One of my fields, which was causing the problem, is AutoNumber. In my query when I use, '" convert.toint64(empid)"', I get an error of data type missmatch. But when I used parameter, it worked perfectly. Can someone tell me what is the difference. As far as I know, AutoNumber is a long integer and long int is 64, right?
here are both of my queries:
string cmdText = "SELECT p.projID, p.projName, a.wageperday " +
"FROM ((projects p INNER JOIN assigns a ON p.projID = a.projname) " +
"INNER JOIN empos e ON a.employeeID= e.ID) " +
"WHERE a.employeeID = ?";
OdbcCommand assignslist = new OdbcCommand(cmdText, _connection);
assignslist.Parameters.AddWithValue("#empID", empid);
OdbcDataReader readassigns = assignslist.ExecuteReader();
GridView1.DataSource = readassigns;
GridView1.DataBind();
(this one works fine)
string cmdText = "SELECT p.projID, p.projName, a.wageperday " +
"FROM ((projects p INNER JOIN assigns a ON p.projID = a.projname) " +
"INNER JOIN empos e ON a.employeeID= e.ID) " +
"WHERE a.employeeID = '" + convert.toint64( empid ) + "';
OdbcCommand assignslist = new OdbcCommand(cmdText, _connection);
OdbcDataReader readassigns = assignslist.ExecuteReader();
GridView1.DataSource = readassigns;
GridView1.DataBind();
for this one, i get an error even if I removed the conversion, I get an error.
One more question, I don't understand INNER JOIN perfectly and the above code was from a user here who helped me. I don't understand why did he use "FROM ((projects p INNER JOIN assigns a ON p.projID = a.projname) " +
"INNER JOIN empos e ON a.employeeID= e.ID)"
two brackets -- I mean a bracket inside a bracket. And if I wanna join a 4th or 5th table do I have to put it inside a bracket aside from the main bracket? An example would be much appreciated!
If a.employeeID is a number then your problem are the quotes and the concatenation of a number to a string.
"WHERE a.employeeID = " + convert.toint64(empid).ToString()
but this make no sense because you have a string to build so, you could simply write
"WHERE a.employeeID = " + empid.ToString();
however use always the parameterized query. That is the correct way to go.
A parameterized query allows the Framework code to pass the parameters with the correct format and you don't have to worry about quoting values, format of dates and decimal separators. (And last but not least, you avoid any possibilities of Sql Injection)
For the second part of your question, JOIN is used to put togheter data from two tables, when you have more than one JOIN the parenthesys help to understand how the grouping from the tables are perfomed. First the data from projects and assigns are grouped together following the rules of the INNER JOIN then the resulting set of data is joined with the data from the employee table following the rules of the second join.
In your second query, instead of using convert.toint64( empid ) try using empid.ToString():
"WHERE a.employeeID = " + empid.ToString();
The error you were receiving was due to the fact that you were trying to concatenate a string with an integer.
With regards to the INNER JOINs you are using, the use of the brackets is dependant upon the database you are using. In most cases, you will not need the brackets at all and they can be removed without any issue, so you could rewrite the query to:
string cmdText = "SELECT p.projID, p.projName, a.wageperday " +
"FROM projects p " +
"INNER JOIN assigns a ON p.projID = a.projname " +
"INNER JOIN empos e ON a.employeeID = e.ID " +
"WHERE a.employeeID = " empid.ToString();
You're trying to add a string and an integer, which isn't allowed automatically. You'd have to convert the number to a string first, like this:
"WHERE a.employeeID = '" + empid.ToString() + "';
But, using parameters is the better way for other reasons (best habit to be in, to avoid SQL-injection attacks, etc.).
Is it possible to turn this into an entity framework query that will only query the database once?
select max(TableADate) latestTableADate, max(TableBDate) latestTableBDate
from
(
select max(a.ModifiedDate) TableADate, null TableBDate
from TableA a
union all
select null, max(b.ModifiedDate)
from TableB b
) data
The intent is to get the latest ModifiedDate from multiple tables with one sql statement so Entity Framework is not doing multiple trips to the database to get the data.
I need to know when the last time that one of the tables was updated.
Update:
I ended using DbContext.Database.SqlQuery doing the following:
var output = db.Database.SqlQuery<DateTime>
("select data from (" +
"select 1 orderBy, max(ModifiedDate) data from TableA" +
"union all " +
"select 2, max(ModifiedDate) from TableB " +
") temp order by orderby").ToList();
data.TableADate = output[0];
data.TableBDate = output[1];
You can execute a query similar to the one you've listed using the DbContext.Database.SqlQuery method. You'd need to change it to return the dates in some sort of order or use out parameters.
Here's what needs to be done:
Match 2 fields from different tables in SQL Server( done ), update fields in table1 where table1.field1 = table2.field2 (problem, it just updates all the records in the table)
Here's what I have , where tempTableName is a table imported to SQL Server for the purpose of the query:
"UPDATE Table1 SET Table1.fieldN ='" + DateTime.Now.DayOfYear + "' FROM " + tempTableName + " CROSS JOIN Table1 WHERE (" + tempTableName + ".fieldX = Table1.fieldY)"
Here's what I've figured out:
everything after the FROM is useless as far as actual functionality is concerned, it runs the query but the results are not "linked" in any way to the actual UPDATE statement
To sum up :
The query I've figured out updates all records in table1, I need the query to update only the rows matched by the query after FROM
PS. Forgive me if this seems trivial and that I haven't done research but the fact of the matter is that 2 weeks ago I'd never even heard of SQL and have relied heavily on SO for direction and advice.
Your CROSS JOIN should be an INNER JOIN instead.
"UPDATE t1
SET fieldN ='" + DateTime.Now.DayOfYear + "'
FROM " + tempTableName + " t2 INNER JOIN Table1 t1 ON t1.fieldy = t2.fieldx"