Skip to Main Content
IBM Power Ideas Portal


This portal is to open public enhancement requests against IBM Power Systems products, including IBM i. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Not under consideration
Workspace IBM i
Categories Db2 for i
Created by Guest
Created on Mar 26, 2024

A wrong comment

Today an operator made a mistake in putting the sign in an update SQL stmt, and instead of a hyphen he put two hyphens.
The result was catastrophic. Over 700,00 lines have been updated:

update TABLE set AMOUNT = ,01--,  TAX=123,4
where KEY = 1

instead of
update TABLE set AMOUNT = ,01-,  TAX=123,4
where KEY = 1

 

Both with Dynamic and STATIC SQL
The two dashes after the number ,01 are treated as the beginning of a comment, and therefore the SQL updates ALL rows.

Seeing is believing

Idea priority High
  • Guest
    Reply
    |
    Mar 29, 2024
    We understand that whoever entered the update statement with -- after the number inadvertently updated all the rows in the table. That was a painful mistake.

    In SQL, a negative number has a leading minus sign, so the value that was provided was not a negative number with an extra minus after the value. The only interpretation is a number followed by a -- comment.

    A best practice is to separate the constant values from the statement string to avoid this type of problem. For a static statement, use host variables. For a dynamic statement, use parameter markers. If you are using Access Client Solutions (ACS) to run your statement, you can use ? within the statement to be prompted for the values. These techniques separate the structure of the statement from the specific instance. Running an ad hoc update against production data is a critical operation. It should ideally be performed using a process that has been tested to minimize user errors.

    The last update to this Idea still doesn't propose a solution to what you perceive as a problem. An idea is intended as a request for an enhancement. What is your enhancement idea?

    Db2 for i development team
    IBM Power Systems Development
  • Guest
    Reply
    |
    Mar 28, 2024

    I'm sorry you didn't understand that the problem isn't the comment, but how the minus sign after a value is treated.

    If the SQL receives two dashes after a value, it treats it as a comment preventing the statement from being evaluated.

    This is very serious and I'm sorry you didn't understand the problem.

  • Guest
    Reply
    |
    Mar 27, 2024
    IBM does not intend to provide a solution to this Idea at this time, so it is being closed.

    We will not get rid of the ability to embed comments anywhere within an SQL statement. This support has been in place for several decades, is highly used, and cannot be removed without a huge impact to our user community. We believe embedding comments within SQL is an excellent coding practice to explain very complex SQL statements, and encourage extensive use of comments in all coding endeavors.

    If we misunderstood this Idea request, please submit a new one with an explanation of what you would like to see changed.

    Db2 for i development team
    IBM Power Systems Development