SQLException: Invalid parameter index 1 only with PreparedStatement - java

I have got a webapp(JSP/Servlet) with Tomcat8 + SQL Server2012
JDBC Driver Type 4: JTDS old version 1.2.5 (http://jtds.sourceforge.net/)
I change this kind of query, adding Prepared Statement (server pagining)
Sting DDXsql = "SELECT '?' *, ( DDX_RECORD_COUNT / '?' + 1 ) AS DDX_PAGE_COUNT
FROM
( SELECT '?' *
FROM ( SELECT '?' *,
(SELECT COUNT(*) " + "FROM "
+ session.getAttribute("DatabaseName") + ".G1_grid "
+ sqlFrom
+ sqlWhere + " "
+ " ) AS DDX_RECORD_COUNT "
+ "FROM " + session.getAttribute("DatabaseName") + ".G1_grid "
+ sqlFrom
+ sqlWhere + " "
+ " ORDER BY '?' '?' , '?' '?' ) AS TMP1 ORDER
BY '?' '?', '?' '?') AS r ORDER BY '?' '?', '?' '?'";
Parameters:
String top1 = DBManager.getTOP(request, "TOP " + Integer.valueOf((String)ResourceManager.findData("pageSize", request)));
Integer pagesizeInt = Integer.valueOf((String)ResourceManager.findData("pageSize", request));
String top2 = DBManager.getTOP(request, "TOP " + Integer.valueOf((String)ResourceManager.findData("ddxrecordcount", request)));
String top3= DBManager.getTOP(request, "TOP " + Integer.valueOf((String)ResourceManager.findData("toRange", request)));
String notSortStr = (String)ResourceManager.findData("notSort", request);
Object[] values = new Object[] {
top1,
pagesizeInt,
top2,
top3,
SortKey,
Sort,
TotalSortKey,
Sort,
SortKey,
notSortStr,
TotalSortKey ,
notSortStr,
SortKey,
Sort,
TotalSortKey,
Sort
};
Before, I didint use PreparedStatement I have this kind of query (replace "?" with the Object array values, without StringEscapeUtils):
String DDXsql = "SELECT " +
DBManager.getTOP(request, "TOP "
+ Integer.valueOf(StringEscapeUtils.escapeSql((String)ResourceManager.findData("pageSize", request)))) + " *,
( DDX_RECORD_COUNT / " + Integer.valueOf(StringEscapeUtils.escapeSql((String)ResourceManager.findData("pageSize", request))) + " + 1 ) AS DDX_PAGE_COUNT FROM
( SELECT "
+ DBManager.getTOP(request, "TOP "
+ Integer.valueOf(StringEscapeUtils.escapeSql((String)ResourceManager.findData("ddxrecordcount", request))))
+ " * FROM ( SELECT " + DBManager.getTOP(request, "TOP " + Integer.valueOf(StringEscapeUtils.escapeSql((String)ResourceManager.findData("toRange", request))))
+ " *, (SELECT COUNT(*) "
+ "FROM " + session.getAttribute("DatabaseName") + ".G1_grid " + sqlFrom + sqlWhere + " " + " ) AS DDX_RECORD_COUNT "
+ "FROM " + session.getAttribute("DatabaseName")
+ ".G1_grid " + sqlFrom + sqlWhere + " " + " ORDER BY "
+ StringEscapeUtils.escapeSql(SortKey) + " " + StringEscapeUtils.escapeSql(Sort) + ", "
+ StringEscapeUtils.escapeSql(TotalSortKey) + " "
+ StringEscapeUtils.escapeSql(Sort) + ") AS TMP1 ORDER BY "
+ StringEscapeUtils.escapeSql(SortKey) + " "
+ StringEscapeUtils.escapeSql((String)ResourceManager.findData("notSort", request))
+ ", " + StringEscapeUtils.escapeSql(TotalSortKey) + " "
+ StringEscapeUtils.escapeSql((String)ResourceManager.findData("notSort", request)) + " ) AS r ORDER BY "
+ StringEscapeUtils.escapeSql(SortKey) + " "
+ StringEscapeUtils.escapeSql(Sort) + ", "
+ StringEscapeUtils.escapeSql(TotalSortKey)
+ " " + StringEscapeUtils.escapeSql(Sort) + " ";
The last query runs without error, System.out of this query give this for example:
SELECT TOP 20 *, ( DDX_RECORD_COUNT / 20 + 1 ) AS DDX_PAGE_COUNT
FROM
( SELECT TOP 20 * FROM
( SELECT TOP 20 *,
(SELECT COUNT(*)
FROM SuiteMA_DIP.dbo.G1_grid
WHERE 1 = 1 ) AS DDX_RECORD_COUNT
FROM SuiteMA_DIP.dbo.G1_grid WHERE 1 = 0 ORDER BY DATA_ISCRIZIONE_ORDER DESC, SOGGETTO_RILEVANTE_PAID DESC) AS TMP1 ORDER BY DATA_ISCRIZIONE_ORDER ASC, SOGGETTO_RILEVANTE_PAID ASC ) AS r ORDER BY DATA_ISCRIZIONE_ORDER DESC, SOGGETTO_RILEVANTE_PAID DESC
But when i run sql with preparedStatement:
java.sql.SQLException: Invalid parameter index 1.
at net.sourceforge.jtds.jdbc.JtdsPreparedStatement.getParameter(JtdsPreparedStatement.java:340)
at net.sourceforge.jtds.jdbc.JtdsPreparedStatement.setParameter(JtdsPreparedStatement.java:409)
at net.sourceforge.jtds.jdbc.JtdsPreparedStatement.setObjectBase(JtdsPreparedStatement.java:395)
at net.sourceforge.jtds.jdbc.JtdsPreparedStatement.setObject(JtdsPreparedStatement.java:667)
at org.apache.tomcat.dbcp.dbcp2.DelegatingPreparedStatement.setObject(DelegatingPreparedStatement.java:188)
at org.apache.tomcat.dbcp.dbcp2.DelegatingPreparedStatement.setObject(DelegatingPreparedStatement.java:188)
at it.netbureau.jfx.db.SQLDBManager.execSQL(SQLDBManager.java:57)
at it.netbureau.jfx.db.SQLDBManager.execSQL(SQLDBManager.java:78)
at org.apache.jsp.G1.select_jsp._jspService(select_jsp.java:691)
The java method execute the query :
class jfx.db.SQLDBManager.execSQL:
public Object execSQL(PreparedStatement stmt, Object values[], String xmlId)
throws SQLException
{
Object result = null;
if(stmt == null)
return null;
try
{
for(int i = 0; i < values.length; i++)
if(values[i] == null)
stmt.setNull(i + 1, 4);
else
stmt.setObject(i + 1, values[i]); <--this give exception!
if(stmt.execute()) result = transform(stmt.getResultSet(), xmlId);
}
catch(SQLException ex)
{
rollback();
throw ex;
}
return result;
}
What's wrong?
Thank you very much
roby

Your query does not contain any parameters, a '?' is just a literal string with a question mark in it, it is not a parameter.
You also can't parameterize object names like column names and clauses (like a TOP 20), so even if you'd change it to - for example - order by ?, ... it wouldn't work, as you'd be sorting by the string value (which would be the same for all rows, so effectively you wouldn't be sorting at all).
To do what you want to do you will need to concatenate the column names (and other clauses) into the query string. This also means that you might open yourself up to SQL injection: be sure to check the values carefully (for example against a whitelist of allowed values).

Related

CASE expression in JPQL

In my SpringBoot project I have CrudRepository with next method:
public interface LoanRequestRepository extends CrudRepository<LoanRequest, UUID> {
#Query(
value = "select " +
"lr.id as id," +
"lr.state as state," +
"lr.iban as iban," +
"lr.amount as amount," +
"lr.rate as rate," +
"lr.term as term," +
"lr.best_offer as best_offer," +
"lr.contract_number as contract_number," +
"lr.created as created," +
"lr.company_id as company_id," +
"lr.closed as closed," +
"lr.loan_colvir_id as loan_colvir_id," +
"lr.contract_date as contract_date," +
"lr.first_payment_date as first_payment_date, " +
"lr.gesv as gesv, " +
"c.id as comp_id," +
"c.name as comp_name," +
"c.bin as comp_bin," +
"c.colvir_id as comp_colvir_id," +
"c.kod as comp_kod," +
"c.type as comp_type," +
"c.location_address as comp_location_address," +
"c.registration_address as comp_registration_address," +
"c.legal_address as comp_legal_address," +
"c.actual_address as comp_actual_address," +
"c.department_code as comp_department_code," +
"c.department_name as comp_department_name," +
"c.resident as comp_resident," +
"c.created as comp_created," +
"c.registration_date as comp_registration_date," +
"c.economic_sector as comp_economic_sector," +
"c.short_name as comp_short_name," +
"c.colvir_reference_id as comp_colvir_reference_id," +
"c.card_system_id as comp_card_system_id," +
"c.initial_registration as comp_initial_registration " +
"from loan_request lr " +
"left join company c on c.id = lr.company_id " +
"where 1=1 " +
"and case when :amount is not null " +
" then lr.amount = :amount " +
" else 1=1 end " +
"and case when cast(:dateFrom as date) is not null " +
" then lr.created >= cast(:dateFrom as date)" +
" else 1=1 end " +
"and case when cast(:dateTo as date) is not null " +
" then lr.created <= cast(:dateTo as date) " +
" else 1=1 end " +
"and case when :bin is not null " +
" then c.bin like concat('%', :bin, '%') " +
" else 1=1 end " +
"and case when :companyName is not null " +
" then lower(c.name) like lower(concat('%', :companyName, '%')) " +
" else 1=1 end " +
" group by lr.id, c.id " +
"order by " +
" CASE WHEN :isAscending = true THEN :orderBy END ASC, " +
" CASE WHEN :isAscending = false THEN :orderBy END DESC " +
"limit :size offset :page;")
Iterable<LoanRequestDto> findAllLoanRequestDtoByFilters(#Param("dateFrom") LocalDate dateFrom,
#Param("dateTo") LocalDate dateTo,
#Param("bin") String bin,
#Param("amount") BigDecimal amount,
#Param("companyName") String companyName,
#Param("page") Integer page,
#Param("size") Integer size,
#Param("orderBy") String orderBy,
#Param("isAscending") Boolean isAscending);
}
All query works well, but it ignores "order by" with case expression and list comes in inordered way. I am sending values as "lr.iban", "c.name" to orderBy parameter, and if translate it to sql, it works. But in JPQL it does not work.
So, where am I wrong? How can I solve it?
Also, if change last part with CASE expression to the next:
order by CASE WHEN :isAscending = true THEN c.name END ASC
It also works, well in JPQL. List comes in ordered way.

How to set multiple parameters

I was wondering how I could set multiple parameters to different values, so I can get 4 different results from the same query. Can you do a loop? If yes, then how would you do it, and can you use the same executeQuery?
mapinfo = c.prepareStatement(
" SELECT TOP 1 M.ID, M.Name, COUNT(DISTINCT C.Name) 'Cities' , "
+ " COUNT(DISTINCT R2.IDfrom + R2.IDto) Roads, (SELECT AVG(R.Distance) 'Average' FROM ROAD R WHERE R.MapID = ?) Average, "
+ " MAX(R.Distance) 'Max Distance', C2.Name 'Start city', C1.Name 'End city' "
+ " FROM MAP M "
+ " LEFT JOIN ROAD R ON R.MapID = R.MapID "
+ " LEFT JOIN CITY C ON C.MapID = R.MapID "
+ " JOIN CITY C1 ON R.IDfrom = C1.ID "
+ " JOIN CITY C2 ON R.IDto = C2.ID "
+ " INNER JOIN ROAD R2 ON M.ID = R2.MapID "
+ " WHERE M.ID = ? AND C.MapID = ? AND R.MapID = ? AND R2.IDfrom < R2.IDto "
+ " GROUP BY M.ID, M.Name, R.MapID, C.MapID, C1.Name, C2.Name "
+ " ORDER BY 'Max Distance' DESC "
);
// Execute MapInfo and loop through the result
mapinfo.setInt(1, 1);
mapinfo.setInt(2, 1);
mapinfo.setInt(3, 1);
mapinfo.setInt(4, 1);
mapinfo.setInt(1, 2);
mapinfo.setInt(2, 2); //I wanna get a different result with setting the parameters to a differnt value
mapinfo.setInt(3, 2);
mapinfo.setInt(4, 2);
mapresult = mapinfo.executeQuery();
while (mapresult.next()) {
// retrieve result
int mapid = mapresult.getInt(1);
String mapname = mapresult.getString(2);
int numOfCities = mapresult.getInt(3);
int numOfRoads = mapresult.getInt(4);
int maxDistance = mapresult.getInt(5);
int average = mapresult.getInt(6);
String start = mapresult.getString(7);
String end = mapresult.getString(8);
// write output
Terminal.put("---------------------------------------\n" + "Map: " + mapname + " (" + mapid + ")\n"
+ "Cities: " + numOfCities + "\n" + "Roads: " + numOfRoads + "\n" + "Average Road Length: "
+ average + " km" + "\n" + "The longest road runs: " + maxDistance + " km" + "\n" + "Start: "
+ start + "\n" + "End: " + end + "\n" + "---------------------------------------");
}
mapresult.close();
mapinfo.setInt(2, 1);
mapinfo.setInt(2, 2);
This just overwrites. You don't wanna do this.
I was wondering how I could set multiple parameters to different values so I can get 4 different results from the same query
First build the SQL query that gives you what you want, then translate it to java. In this case, that means completely redesigning the query.
Alternatively, run this one query, but run it 4 times in a row. Yes, you can re-use a preparedstatement:
for (int i = 0; i < 4; i++) {
mapinfo.setInt(1, i + 1);
mapinfo.setInt(2, i + 1);
mapinfo.setInt(3, i + 1);
mapinfo.setInt(4, i + 1);
try (ResultSet rs = mapinfo.executeQuery()) {
while (rs.next()) {
// process a result row
}
}
}

QuerySyntaxException: expecting OPEN, found 'DESC' near line 1

I want to implement this JPQL query using JPA:
String hql = "SELECT new org.plugin.service.PaymentTransactionsDeclineReasonsDTO(count(e.id) as count, e.status, e.error_class, e.error_message) " +
" FROM " + PaymentTransactions.class.getName() + " e " +
" WHERE e.terminal_id = :terminal_id AND (e.createdAt > :created_at) " +
" AND (e.status != 'approved') " +
" GROUP BY e.error_message " +
" ORDER BY count DESC";
But I get error: Caused by: org.hibernate.hql.internal.ast.QuerySyntaxException: expecting OPEN, found 'DESC' near line 1, column 334 [SELECT new org.plugin.service.PaymentTransactionsDeclineReasonsDTO(count(e.id) as count, e.status, e.error_class, e.error_message) FROM org.datalis.plugin.entity.PaymentTransactions e WHERE e.terminal_id = :terminal_id AND (e.createdAt > :created_at) AND (e.status != 'approved') GROUP BY e.error_message ORDER BY count DESC]
What is the proper way to order by count?
You cannot use the SQL keyword COUNT as an alias (not even in lower case). There is no way around it, you have to use alias names that are not SQL keywords (like SELECT, FROM, AS and so on).
I think you should use the following query, which will at least get rid of the error you posted:
String hql = "SELECT "
+ "new org.plugin.service.PaymentTransactionsDeclineReasonsDTO("
+ "count(e.id) as amount, " // <--- alias name changed here
+ "e.status, "
+ "e.error_class, "
+ "e.error_message) "
+ "FROM "
+ PaymentTransactions.class.getName() + " e "
+ "WHERE "
+ "e.terminal_id = :terminal_id "
+ "AND (e.createdAt > :created_at) "
+ "AND (e.status != 'approved') "
+ " GROUP BY e.error_message "
+ " ORDER BY amount DESC"; // <-- alias name used here

ORA-01830: date format picture ends before converting entire input string site:community.oracle.com

Could you please help what wrong with this query when calling from Java. When I run the same query in PL/SQL developer it runs perfectly but not when i call from java,.
CRE_DTTM is in DATE datatype
String query4="SELECT NVL(SUM(cur_amt),0) FIRST_PAY" +
" FROM ci_ft ft " +
"WHERE sa_id IN "+
" (SELECT sA_id FROM ci_Sa WHERE acct_id='"+acctid.getIdValue()+"' )" +
"AND TRUNC(crE_dttm)>= (SELECT MAX(crE_Dttm) FROM ci_bill" +
" WHERE accT_id='"+acctid.getIdValue()+"' AND crE_dttm<= (SELECT add_months(To_Date('2016-03-10','YYYY-MM-DD'), -1) FROM dual ) )" +
"AND fT_type_flg IN ('PS','PX')AND ft.cRE_dttm <= (" +
" CASE" +
" WHEN ( to_Date(" +
" (SELECT MAX(crE_Dttm)" +
" FROM ci_bill" +
" WHERE accT_id ='"+acctid.getIdValue()+"'" +
" AND crE_dttm < To_Date('2016-03-10','YYYY-MM-DD')" +
" ) , 'YYYY-MM-DD') = to_Date (" +
" (SELECT MAX(crE_Dttm)" +
" FROM ci_bill" +
" WHERE accT_id='"+acctid.getIdValue()+"'" +
" AND crE_dttm<=" +
" (SELECT add_months(To_Date('2016-03-10','YYYY-MM-DD'), -1) FROM dual" +
" ) ) ,'YYYY-MM-DD'))" +
" THEN To_Date('2016-03-10','YYYY-MM-DD')" +
" ELSE" +
" ( SELECT MAX(crE_Dttm)" +
" FROM ci_bill" +
" WHERE accT_id='"+acctid.getIdValue()+"'" +
" AND crE_dttm < To_Date('2016-03-10','YYYY-MM-DD')) " +
" END)";
com.splwg.base.api.sql.PreparedStatement ps4 = createPreparedStatement(query4);
logger.info(ps4);
ps4.execute();
if(!ps4.list().isEmpty())
{
first_pay=new BigDecimal(ps4.list().get(0).get("FIRST_PAY").toString());
logger.info("first_pay=="+first_pay);
}
}
The error is:
ORA-01830: date format picture ends before converting entire input string site:community.oracle.com
Please note the PreparedStatement is from com.splwg.base.api.sql.PreparedStatement
I think you are passing different date formats in your where clause. Please try matching the date format of crE_dttm with To_Date('2016-03-10','YYYY-MM-DD')
e.g. to_date(crE_dttm, 'YYYY-MM-DD') < To_Date('2016-03-10','YYYY-MM-DD')
Thanks
Sabiha

SQLite How To - Sum by Value in a JOIN

I have a sample sqlite database that currently has 7 entries which is queried via:
String selectQuery = "SELECT * FROM " + TABLE_TRANSACTIONS + " x " +
"JOIN (SELECT " + KEY_TYPE_ID + ", COUNT(*) count FROM " + TABLE_TRANSACTIONS + " GROUP BY " + KEY_TYPE_ID + " ORDER BY count DESC) y " +
"ON x.type_id = y.type_id " + //type_id vs. KEY_TYPE_ID as alias won't recognize KEY_TYPE_ID
"WHERE x.type_id = " + TagData.TYPE_EXPENSE;
The output is:
Type A = 2500
Type A = 2599
Type B = 45000
Type C = 299
Type C = 2699
Type C = 10000
Type C = 12000
which correctly groups my types by their respective values. However, the ideal output would be:
Type B = 45000
Type C = 24998
Type A = 5099
where each type is then ordered by the sum of each type. Is this possible? If so what else should I be doing in my query? I'm relatively new to SQL and haven't been able to figure this out yet. Thank you in advance for any insight.
EDIT
Based on your input #CL. I now have a more simplified query:
String selectQuery = "SELECT *, SUM(" + KEY_AMOUNT + ") AS amount_sum " +
"FROM " + TABLE_TRANSACTIONS + " " +
"GROUP BY " + KEY_LABEL_ID + " " +
"ORDER BY amount_sum DESC";
which works as expected when I use sqlfiddle at http://www.sqlfiddle.com/#!5/b3615/1 but not when I use the query in Android. In Android, only the most recent entry for each label type is returned. The SUM doesn't seem to actually do its job.
What am I missing here?
Moving the aggregation and ordering into a subquery does not make sense.
If you want to get the count of all expense transactions per type, just use a simple aggregation:
SELECT Type_ID,
COUNT(*) count
FROM TRANSACTIONS
WHERE TYPE_IF = 'TYPE_EXPENSE'
GROUP BY TYPE_ID
ORDER BY count DESC
This is an aggregation query. Fortunately, SQLite supports CTEs, so you can just do something like this:
with t as (
<your query here>
)
select type, sum(value) as sumv
from t
group by type
order by sumv desc;
Even without the with clause, you could just use your query as a subquery.
You would, of course, use the appropriate column names in the query.
#CL. Your response led me down the correct path, for those interested here is the resulting query that achieved what I was after:
String selectQuery = "SELECT " + KEY_LABEL_ID + ", " + " SUM(" + KEY_AMOUNT + ") as total, " + KEY_TYPE_ID + " " +
"FROM (" +
"SELECT " + KEY_LABEL_ID + ", " + KEY_AMOUNT + ", " + KEY_TYPE_ID + " " +
"FROM " + TABLE_TRANSACTIONS + " " +
") as trans_table " +
"WHERE " + KEY_TYPE_ID + " = " + TagData.TYPE_EXPENSE + " " +
"GROUP BY " + KEY_LABEL_ID + " " +
"ORDER BY total DESC";

Categories

Resources