homepage Welcome to WebmasterWorld Guest from 54.225.57.156
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Databases
Forum Library, Charter, Moderator: open

Databases Forum

    
using a variable name in a procedure
like "variable%"
Baruch Menachem




msg:4401377
 8:14 pm on Dec 25, 2011 (gmt 0)

I am working on a small library application. I have a bit of code in php that feeds a variable to an SQL routine. I want to move this bit of insecure PHP code to an SQL procedure.

right now the procedure looks like this:

Delimiter ~~~

create procedure findwriter (in thread varchar(25))
begin
select books.title as title,
concat(authors.efname,' ',authors.elname) as scribe
,books.book_id as id, Topics.topic as subject from books
inner join bookswritten using(book_id)
inner join authors using(writer_id)
inner join Topics using(Topic_id) where authors.elname like
"thread%" group by books.title order by authors.elname,
books.title;
end;

~~~
delimiter ;


when I feed in a name to the procedure, I get an error that it doesnt' recognize the string in my field list.

This incarnation worked well in PHP

Thanks

 

penders




msg:4401394
 11:20 pm on Dec 25, 2011 (gmt 0)

"thread%" group by books.title order by authors.elname,


Does MySQL support variable parsing? Maybe you need to use CONCAT() to append the "%"?

Baruch Menachem




msg:4401436
 4:42 am on Dec 26, 2011 (gmt 0)

It is parsing it, but it seems to be treating it like a table header

topr8




msg:4401452
 9:02 am on Dec 26, 2011 (gmt 0)

...

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Databases
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved