Thread Subject: SQL query

Hi ALL,

I tried to execute a query like this:

curs = exec(Conn, ['select * from users where id = ''',id,''' and password = ''',password,'''']);

Password is VARCHAR and no problem with it. But id is INT.

What is the good format to overcome id problem.

Thanks in advance

"Bader " <hatel-811@hotmail.com> wrote in message <hds2eb$gqi$1@fred.mathworks.com>...
> Hi ALL,
>
> I tried to execute a query like this:
>
> curs = exec(Conn, ['select * from users where id = ''',id,''' and password = ''',password,'''']);
>
> Password is VARCHAR and no problem with it. But id is INT.
>
> What is the good format to overcome id problem.
>
> Thanks in advance

Not 100% sure I understand you but I think what you want to do is use the NUM2STR function on "id".

> Not 100% sure I understand you but I think what you want to do is use the NUM2STR function on "id".

id is already converted to num --> str2num

but when executing the query it retuen:

curs =
 
        Attributes: []
              Data: 0
    DatabaseObject: [1x1 database]
          RowLimit: 0
          SQLQuery: 'select * from users where id = and password = '123''
           Message: 'Invalid Cursor'
              Type: 'Database Cursor Object'
         ResultSet: 0
            Cursor: 0
         Statement: 0
             Fetch: 0

Please see SQLQuery, it return empty for id and the correct password for password.

"Bader " <hatel-811@hotmail.com> wrote in message <hds52m$1ph$1@fred.mathworks.com>...
> > Not 100% sure I understand you but I think what you want to do is use the NUM2STR function on "id".
>
> id is already converted to num --> str2num
>
> but when executing the query it retuen:
>
> curs =
>
> Attributes: []
> Data: 0
> DatabaseObject: [1x1 database]
> RowLimit: 0
> SQLQuery: 'select * from users where id = and password = '123''
> Message: 'Invalid Cursor'
> Type: 'Database Cursor Object'
> ResultSet: 0
> Cursor: 0
> Statement: 0
> Fetch: 0
>
> Please see SQLQuery, it return empty for id and the correct password for password.

Either I'm a bit confused, or you are. :-)

It seems like you used STR2NUM, but you need to use NUM2STR. "id" has to be in string format when you concatenate it with the rest of the string.

"the cyclist" <thecyclist@gmail.com> wrote in message <hds6bv$n3u$1@fred.mathworks.com>...

>
> Either I'm a bit confused, or you are. :-)
>
> It seems like you used STR2NUM, but you need to use NUM2STR. "id" has to be in > string format when you concatenate it with the rest of the string.

Really :) , me who is confused. Thnk u so much. But there is another issue created.

        id = num2str(get(h.txta, 'string'))
        password = get(h.txtb, 'string')
a = curs.Data ---> this is the result of sql query
        if strcmp(a(1), id) && strcmp(a(2), password)
            disp('OK it matches');
        else
            errordlg('Incorrect access, please try again!','Access Error');
        end

The problem is when comparing a(1) with id where a(1) is actually an INT in mysql's table.

"Bader " <hatel-811@hotmail.com> wrote in message <hds8hp$b8r$1@fred.mathworks.com>...
> "the cyclist" <thecyclist@gmail.com> wrote in message <hds6bv$n3u$1@fred.mathworks.com>...
>
> >
> > Either I'm a bit confused, or you are. :-)
> >
> > It seems like you used STR2NUM, but you need to use NUM2STR. "id" has to be in > string format when you concatenate it with the rest of the string.
>
> Really :) , me who is confused. Thnk u so much. But there is another issue created.
>
> id = num2str(get(h.txta, 'string'))
> password = get(h.txtb, 'string')
> a = curs.Data ---> this is the result of sql query
> if strcmp(a(1), id) && strcmp(a(2), password)
> disp('OK it matches');
> else
> errordlg('Incorrect access, please try again!','Access Error');
> end
>
> The problem is when comparing a(1) with id where a(1) is actually an INT in mysql's table.

Again, I am not 100% sure I understand the problem, but I'll try to help.

In order to be used in the query string, you needed a string version of "id". Maybe you could just have two different variables? "id" would be your integer, and "idString" could be the string, where

>> idString = num2str(id)

After you get the results of the query, it seems that your result is in a numeric format. You just need to make sure you are comparing string-to-string, or numeric-to-numeric.

I hope that helps.

"the cyclist" <thecyclist@gmail.com> wrote in message <hds9hn$fcd$1@fred.mathworks.com>...
> Again, I am not 100% sure I understand the problem, but I'll try to help.
>
> In order to be used in the query string, you needed a string version of "id". Maybe you could just have two different variables? "id" would be your integer, and "idString" could be the string, where
>
> >> idString = num2str(id)
>
> After you get the results of the query, it seems that your result is in a numeric format. You just need to make sure you are comparing string-to-string, or numeric-to-numeric.
>
> I hope that helps.

Thank u the cyclist,
it's ok now. One thing that made it run correctly, for benefit::
    a = curs.Data
        id
        password
        aString = num2str(a{1})
        if strcmp(aString, id) && strcmp(a(2), password)
 ---> Observe the brackets {}. However the () doesn't work it correctly.
Thanks again

"Bader " <hatel-811@hotmail.com> wrote in message <hdsbso$dgp$1@fred.mathworks.com>...
> "the cyclist" <thecyclist@gmail.com> wrote in message <hds9hn$fcd$1@fred.mathworks.com>...
> > Again, I am not 100% sure I understand the problem, but I'll try to help.
> >
> > In order to be used in the query string, you needed a string version of "id". Maybe you could just have two different variables? "id" would be your integer, and "idString" could be the string, where
> >
> > >> idString = num2str(id)
> >
> > After you get the results of the query, it seems that your result is in a numeric format. You just need to make sure you are comparing string-to-string, or numeric-to-numeric.
> >
> > I hope that helps.
>
> Thank u the cyclist,
> it's ok now. One thing that made it run correctly, for benefit::
> a = curs.Data
> id
> password
> aString = num2str(a{1})
> if strcmp(aString, id) && strcmp(a(2), password)
> ---> Observe the brackets {}. However the () doesn't work it correctly.
> Thanks again

What you are seeing is the difference between "cell indexing" and "content indexing". You might want to look that up in the documentation.