random1 Posted May 30, 2010 Share Posted May 30, 2010 I have created the stored procedure: CREATE PROCEDURE `procedure_search`(IN `pTableName` VARCHAR(50), IN `pFieldName` VARCHAR(50), IN `pSearchTerm` VARCHAR(50), IN `pOrderTerm` VARCHAR(50)) LANGUAGE SQL NOT DETERMINISTIC CONTAINS SQL SQL SECURITY DEFINER COMMENT 'A procedure to search tables.' BEGIN /* Searches a table or tables for a search term */ SELECT * FROM pTableName WHERE pFieldName LIKE pSearchTerm ORDER BY pOrderTerm; END I'm trying to create a generic, useful MySQL search function. How can I fix it to stop complaining about 'pTableName' when run and also fix it so that the like statement has '%' correctly for syntax for the LIKE statement? CALL `procedure_search`('user', 'user_username', 'dean', 'user_username'); I get the error message: /* SQL Error (1146): Table 'database_core.ptablename' doesn't exist */ Quote Link to comment https://forums.phpfreaks.com/topic/203338-paramaters-and-mysql-store-procedures/ Share on other sites More sharing options...
fenway Posted May 30, 2010 Share Posted May 30, 2010 Why are you using backticks? Quote Link to comment https://forums.phpfreaks.com/topic/203338-paramaters-and-mysql-store-procedures/#findComment-1065384 Share on other sites More sharing options...
Mchl Posted May 30, 2010 Share Posted May 30, 2010 You can't get table name from procedure parameter in current MySQL versions. There's an ugly way around this however. You need to create a prepared statement inside your procedure: DELIMITER $$ DROP PROCEDURE IF EXISTS `p_take` $$ CREATE DEFINER=`root`@`localhost` PROCEDURE `p_take`(IN tableName VARCHAR(100)) BEGIN SET @stmt = CONCAT('SELECT * FROM ',tableName,' WHERE 1'); PREPARE stmt FROM @stmt; EXECUTE stmt; END $$ DELIMITER ; Quote Link to comment https://forums.phpfreaks.com/topic/203338-paramaters-and-mysql-store-procedures/#findComment-1065403 Share on other sites More sharing options...
random1 Posted May 31, 2010 Author Share Posted May 31, 2010 I'm using backticks because I've read they are best practice: -- Using "backticks" on database and column names avoids any issues where the entity name is a reserved word -- For example I can have a table called 'user' but I surround it in `` it avoids any conflict with the reserved word 'user'. @Mchl : That's a pretty big work around :S ... I'll have a look at it and see if I can apply it to my code. Thanks for the help Quote Link to comment https://forums.phpfreaks.com/topic/203338-paramaters-and-mysql-store-procedures/#findComment-1065496 Share on other sites More sharing options...
Mchl Posted May 31, 2010 Share Posted May 31, 2010 -- Using "backticks" on database and column names avoids any issues where the entity name is a reserved word -- Best practice is to avoid using reserved words as entity names. Quote Link to comment https://forums.phpfreaks.com/topic/203338-paramaters-and-mysql-store-procedures/#findComment-1065557 Share on other sites More sharing options...
random1 Posted June 2, 2010 Author Share Posted June 2, 2010 Thanks Mchl that worked. Not a bad workaround at all I found out. All the Best, - Dean Quote Link to comment https://forums.phpfreaks.com/topic/203338-paramaters-and-mysql-store-procedures/#findComment-1066569 Share on other sites More sharing options...
Mchl Posted June 2, 2010 Share Posted June 2, 2010 Yeah. Actually I didn;t think of that before, and I find much better than any proposed before. Quote Link to comment https://forums.phpfreaks.com/topic/203338-paramaters-and-mysql-store-procedures/#findComment-1066576 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.