Forums Register Login

why is this code not executing in java environment

+Pie Number of slices to send: Send
I have this code to select some values from the database and its working fine in the database engine but throwing "parameter too few
one expected " what does this mean? this is the sql code.


this code is part of a method where I declared the string parameter(String lic_no) and the method name : public arrayList getTotalFine
(String lic_no) please help me its urgent.
+Pie Number of slices to send: Send
There is no such thing as urgent; please EaseUp.
+Pie Number of slices to send: Send
How are you running that SQL from Java?
+Pie Number of slices to send: Send
Hi dan,Welcome to ranch community....
Always remember...PatienceIsAVirtue...
There can be two reasons for the exception thrown by your code-

1.You are using any reserved keyword in your SQL query(As far I concerned,there is nothing like this),If there is any use double quotes arround that(" ").
2.You are using mis-spelled column names or less than expected column names in your query.

Check against both the possibilities.
+Pie Number of slices to send: Send
I don't know how you are running that SQL statement exactly from your Java code, but note the following. It is a bad idea to concatenate an SQL statement together with values, like you're doing:

What happens if lic_no contains a characters that make your SQL statement invalid (for example, a single quote character)? This code is also vulnerable to a simple and common security problem, SQL injection. To prevent these problems, always use a PreparedStatement, like this:

The PreparedStatement will take care of proper escaping if lic_no contains text that make the SQL statement invalid, which also prevents the SQL injection vulnerability.
Get out of my mind! Look! A tiny ad!
a bit of art, as a gift, the permaculture playing cards
https://gardener-gift.com


reply
reply
This thread has been viewed 1038 times.
Similar Threads
Passing quotes as literal characters.
how do I implement this Dao from my webpages?
Convert to timestamp yyyy-MM-dd hh:mm:ss a
prepared statement with "in" predicate
MS SQL server bind variables
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 28, 2024 12:11:41.