Looking at the following lines of code:
query = "DROP TABLE IF EXISTS my_table"
cur.execute(query)
conn.commit()
# print(table_name)
I'm running the query against multiple tables with various query and I want to return the name of the table and the action executed each time. Is there a way to get some kind of meta data from cur.execute or conn.commit on the action running?
In the example above I'd like to print the table name (my_table) and the action (DROP TABLE). however I want this to be dynamic. If I'm creating a table I want to the name of the table newly created and the action (CREATE TABLE).
Thanks.
Quick and Dirty
tables = ['table_1', 'table_2', 'table_3']
action = 'DROP TABLE'
for table in tables:
cur.execute(f'{str(action)} IF EXISTS {str(table)}')
print(f'ACTION: {action}')
print(f'TABLE: {table}')
conn.commit()
HOWEVER, please do not ever do something like this in anything other than a tiny app that will never leave your computer, and especially not with anything that will accept input from a user.
Bad things will happen.
Dynamically interfacing with databases using OOP is a solved problem, and its not worth reinventing the wheel. Have you considered using an ORM like SQLAlchemy?
Related
In a SQL notebook, I have created a bunch of view tables which involves merging/joining to ultimately create one combined/merged table. I don't want to keep all of these intermediate tables in the database, is there a way to assign a variable to these intermediate view tables (table 1,table2, etc.) I created? Given example with "Combined_table" as the final output:
CREATE or REPLACE VIEW database.table1 as select ... from...left join on...;
CREATE or REPLACE VIEW database.table2 as select ...from database.table1...left join on...;
CREATE or REPLACE VIEW database.table3 as select ...from database.table1...left join on...;
CREATE or REPLACE VIEW database.Combined_table as select table2.field1 table2.field2 table3.field1 from database.table4 left join table2 on... left join table3 on...
Hopefully you get the idea. Is there a more efficient way to do this/pass a variable to the intermediate tables?
You can use temporary views.
CREATE TEMPORARY view_name AS query
TEMPORARY views are session-scoped and is dropped when session ends
because it skips persisting the definition in the underlying
metastore, if any.
Like a normal view it is only a metadata object, ie. does not materialize data. So depending on the complexity of the queries it might not be the best solution. However in a lot of cases - like yours when every such interim view is only used once - it's enough and works just fine. Try it out to see.
I have got a web service which is looking for the last create table
[name_YYYYMMddHHmmss]
I have a persister job that creates and loads a table (insert or bulk)
Is there something that hides a table until it is fully loaded ?
First, I have created a technical table, it works but I will need one by keyspace (using cassandraAuth). I don’t like this.
I was thinking about tags, but it doesn’t seem to exist.
- create a table with tag and modify or remove it when the table is loaded.
There is also the table comment option.
Any ideas?
Table comment is a good option. We use it for some service information about the table, e.g. table versions tracking.
According to recommendation of CWE-89, my function below has been parameterized, but Veracode still reports that CWE-89 is available in that function.
As you can see that the function is used for generating dynamic SQL queries base on input parameters. And, there is only #PrimaryValue parameter came from user input while other dynamic variables behind SELECT, FROM, JOIN, ON and WHERE are queried from database (not from user input).
How do you think about this case? Can I propose a mitigation for this it or I have to modify the code more to solve the problem? Please advice for me.
Your code has SQL injection problem. For example user can pass to this method, param "intofile" like this:
* FROM Table1; DROP TABLE table2; intofile
With this code user convert your query to 3 queries and after run it table2 is drop.
First of all you have to run your query in a read only transaction. After that you have to use a SQL escape method over all inputs to delete key words like DROP from it.
I am trying to add an associated table to a query that is joined through another table. For example below, I would like to include facility (though I know it is not valid syntax).
Actual belongs to Encounter and Encounter belongs to Facility. (The Actual table has an encounter_id field, and the Encounters table has a facility_id field.)
Sudo Code:
respond_with(Actual.where(:encounter_id => params[:encounter_id]),
:include => [:encounter, :encounter.facility])
You can do something like:
respond_with(Actual.where(encounter_id: params[:encounter_id]).includes(encounter: :facility))
HI,
I have a SP which returning more than 100 fields with 1000+ row. I need to to save all in temp table and and rum my customize query to get the appropriate data.
I did many search but i am unable to find the right solutions for my project. I will appreciate if anyone can share his idea.
create table #SP_Result
(i need to create field dynamically according to the SP return result )
exec Ministry..civil_record
"2010-08-07","Autogen",20,NULL,NULL,NULL,NULL,NULL,NULL,NULL
I need dump the result from SP to #SP_Result.
Why don't you run the query itself, in your "customised query", rather than try to capture the result set of the stored proc ? That's the normal method.
All those Nulls look like a bastard of a de-normalised "table", where many rows will not apply to the task. It is much, much faster to deal with the database in a normalised, set-oriented manner.