This is my query for creating store procedure:
CREATE PROCEDURE `GetAccountDetails`(IN `Accountnumber` VARCHAR(50), IN `casshieldId` VARCHAR(50), IN `transactionbefore` DOUBLE, IN `sourceofTransaction` vARCHAR(50))
LANGUAGE SQL
NOT DETERMINISTIC
CONTAINS SQL
SQL SECURITY DEFINER
COMMENT ''
BEGIN
SELECT * FROM account WHERE AccountNumber = Accountnumber AND casShieldId = casshieldId AND transactionBefore = transactionbefore AND sourceOfTransaction = sourceofTransaction;
END
When I call the store procedure:
call GetAccountDetails("Accountnumber","casshieldId ",transactionbefore,"sourceofTransaction");
It returns all records in that account table.
How can I fix this?
Recreate your procedure like this:
CREATE PROCEDURE `GetAccountDetails`(IN `Accountnumber1` VARCHAR(50), IN `casshieldId1` VARCHAR(50), IN `transactionbefore1` DOUBLE, IN `sourceofTransaction1` vARCHAR(50))
LANGUAGE SQL
NOT DETERMINISTIC
CONTAINS SQL
SQL SECURITY DEFINER
COMMENT ''
BEGIN
SELECT * FROM account WHERE AccountNumber = Accountnumber1 AND casShieldId = casshieldId1 AND transactionBefore = transactionbefore1 AND sourceOfTransaction = sourceofTransaction1;
END
The difference is only on the procedure variable name because you put the exact same name with the column name make it always stay true no matter what you pass. The DB will think you compare your column name with the same thing.
Posts
![IVRAMANA](https://draft.blogger.com/img/profile_blank_gray.jpg" title="IVRAMANA)
0 comments:
Post a Comment