How to retrieve a data between dates - java

I have 2 tables. A booking table and a room table. In the booking table I have the following columns: BookingID StartDate EndDate CustomerID RoomID
In the Room table I have the following columns: RoomID RoomSize
I am creating a booking system. I want to be able to query the database where I am able to get a list of rooms that are booked between 2 dates which are also based on size (small, medium or large) types.
E.g. if user clicks on small room and enters dates between 2010-02-02 to 2010-02-25 then 4 should appear as my database contains 4 small rooms that are booked between those dates.
This is what I have so far:
String sqlStatement = "select RoomID from Booking where RoomID in (select Room.RoomID from Room where Room.RoomSize is " + type + ") AND ((Booking.StartDate between "+ startD +" AND " + endD + ") OR (Booking.EndDate between "+ startD + " AND " + endD + "))";
This is the error I am getting:
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Medium) AND ((Booking.StartDate between 2016-02-09 AND 2016-02-09) OR (Booking.E' at line 1
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:408)
I am new to SQL and having trouble doing this. Also, is my logic right?
startD and endD represents the dates that the user has entered and typeOfRoom represent the type of the room the user wants to book; e.g. eithier Small, Medium or Large

Do not use string concatenation to insert user-supplied values into SQL, especially for strings. It will leave you open to SQL Injection attacks, and SQL syntax issues. Use a PreparedStatement.
Also, replace is with =.
String sql = "select RoomID" +
" from Booking" +
" where RoomID in (" +
"select Room.RoomID" +
" from Room" +
" where Room.RoomSize = ?" +
")" +
" and ((Booking.StartDate between ? AND ?)" +
" or (Booking.EndDate between ? AND ?))";
try (PreparedStatement stmt = conn.prepareStatement(sql)) {
stmt.setString(1, type);
stmt.setDate (2, startD);
stmt.setDate (3, endD);
stmt.setDate (4, startD);
stmt.setDate (5, endD);
try (ResultSet rs = stmt.executeQuery()) {
while (rs.next()) {
// code here
}
}
}

The date handling look ok I think, but you need to quote the type string in the statement. And you should not use is, just use normal =
String sqlStatement = "select RoomID from Booking where RoomID in (select Room.RoomID from Room where Room.RoomSize = '" + type + "') AND ((Booking.StartDate between "+ startD +" AND " + endD + ") OR (Booking.EndDate between "+ startD + " AND " + endD + "))";

Can you try if this statement works? I have replaced the 'is' keyword with '=' operator and put all the variables between "".
String sqlStatement = "select RoomID from Booking where RoomID in (select Room.RoomID from Room where Room.RoomSize = \"" + type + "\") AND ((Booking.StartDate between \""+ startD +"\" AND \"" + endD + "\") OR (Booking.EndDate between \""+ startD + "\" AND \"" + endD + "\"))";

Related

ORA-00933 SQL command not properly ended but good in SQL Developer

I am hoping someone can find what is the issue with my query because I am unable to see fault in it and Oracle SQL Developer seems to run the same query as the code in my Java Swing Application just fine.
My query in SQL Developer:
SELECT
ad.ID,ad.Script_Name,ad.Current_Status,
ad.Issues_found_during_run,ad.Testers,
ad.Run_Date,ad.Tools,u.fTag,u.role,
dbms_lob.substr(u.avatar)
FROM
allData ad
INNER JOIN
users u
ON
u.fTag = ad.lastUserWhoUpdated
GROUP BY
ad.ID,ad.Script_Name,ad.Current_Status,
ad.Issues_found_during_run,ad.Testers,
ad.Run_Date,ad.Tools,u.fTag,u.role,
dbms_lob.substr(u.avatar)
ORDER BY
ad.ID ASC;
Which run perfectly and returns the needed records I would be expecting it to.
However, that same query in my Java Swing App does not seem to like it as it gives me the error of:
java.sql.SQLSyntaxErrorException: ORA-00933: SQL command not properly ended.
My Java Swing App code:
connectToDB();
String query =
"SELECT " +
"ad.ID," +
"ad.Script_Name," +
"ad.Current_Status," +
"ad.Issues_found_during_run," +
"ad.Testers," +
"ad.Run_Date," +
"ad.Tools," +
"u.fTag," +
"u.role," +
"dbms_lob.substr(u.avatar) " +
"FROM " +
"allData ad " +
"INNER JOIN " +
"users u " +
"ON " +
"u.fTag = ad.lastUserWhoUpdated " +
"GROUP BY " +
"ad.ID," +
"ad.Script_Name," +
"ad.Current_Status," +
"ad.Issues_found_during_run," +
"ad.Testers," +
"ad.Run_Date," +
"ad.Tools," +
"u.fTag," +
"u.role," +
"dbms_lob.substr(u.avatar) " +
"ORDER BY " +
"ad.ID;";
ResultSet rs = statement.executeQuery(query);
ResultSetMetaData metaData = rs.getMetaData();
etc..etc..
My structure for those 2 tables is:
SCRIPT_NAME VARCHAR2(100 BYTE)
CURRENT_STATUS VARCHAR2(50 BYTE)
ISSUES_FOUND_DURING_RUN VARCHAR2(150 BYTE)
TESTERS VARCHAR2(30 BYTE)
RUN_DATE DATE
TOOLS VARCHAR2(20 BYTE)
T_SUITE NUMBER(38,0)
NOE2 VARCHAR2(5 BYTE)
NOE3 VARCHAR2(5 BYTE)
ID NUMBER(38,0)
LASTUSERWHOUPDATED NUMBER
DATELASTMOD DATE
FTAG NUMBER(38,0)
ROLE VARCHAR2(15 BYTE)
AVATAR CLOB
So, what could I be missing?
Remove semicolon after the ad.ID like below. You don't need it
"ORDER BY " +
"ad.ID";

"ORA-01858: a non-numeric character was found where a numeric was expected" when writing a query in a java class

I have a web application where 3 inputs are taken from the user and after clicking search button results are displayed. The three inputs are; id (not unique), startdate and enddate. I want to be able to get the results in these situations: If the user enters
only id
only start date (enrolldate in db table)
only end date (graduationdate in db table)
id and start date
when all the fields entered together
In my StudentManager.java class I have a SQL string like below;
final String SQL_STU = " select "
+ " t.name,"
+ " t.surname, "
+ " t.lecture,"
+ " from studenttable t "
+ " where t.school = 'CHC' "
+ " and t.id = case when '" + studentInfo.getID() + "'" +" is null then t.id else '" + studentInfo.getID() + "' end "
+ " and t.enrolldate >= case when '" + studentInfo.getStartDate() + "' is null then t.enrolldate else to_date('"
+ studentInfo.getStartDate() + "', 'DD.MM.YYYY HH24:MI:SS') end "
+ " and t.graduationdate >= case when '" + studentInfo.getEndDate() + "' is null then t.graduationdate else to_date('"
+ studentInfo.getEndDate() + "', 'DD.MM.YYYY HH24:MI:SS') end " ;
I will execute this query and get the results into a result set.
I have a couple of problems with this code; for example when I comment out this part:
+ " and t.enrolldate >= case when '" + studentInfo.getStartDate() + "' is null then t.enrolldate else to_date('"
+ studentInfo.getStartDate() + "', 'DD.MM.YYYY HH24:MI:SS') end "
+ " and t.graduationdate >= case when '" + studentInfo.getEndDate() + "' is null then t.graduationdate else to_date('"
+ studentInfo.getEndDate() + "', 'DD.MM.YYYY HH24:MI:SS') end " ;
It works without errors but when I give all the inputs null (id, date1, date2) it displays nothing. Shouldn't it display all the results since there is no specific id? (User will not be able to submit 3 empty fields but I am curious why it does not work like the way I mentioned? )
The other thing is when I execute the whole code (with to_date parts) it gives the error in the title. But it does not give any error when I execute like this:
final String SQL_STU = " select "
+ " t.name,"
+ " t.surname, "
+ " t.lecture,"
+ " from studenttable t "
+ " where t.school = 'CHC' "
+ " and t.enrolldate >= case when '" + studentInfo.getStartDate() + "' is null then t.enrolldate else to_date('"
+ studentInfo.getStartDate() + "', 'DD.MM.YYYY HH24:MI:SS') end " ;
So in summary I couldn't write the query the way I wanted. I am not that experienced with queries. If you know any better way you can also suggest it since I have come to a dead end. I also tried something with NVL but I could not make it work also.
Notes:
ID, StartDate,EndDate are type string in my StudentInfo.java class
id is type varchar and dates are type date in database table.(PL/SQL)
The best answer to your question is to use a prepared statement:
String sql = "SELECT t.name, t.surname, t.lecture ";
sql += "FROM studenttable t ";
sql += "WHERE t.school = 'CHC' AND "
sql += "t.id = COALESCE(?, t.id) AND ";
sql += "t.entrolldate >= COALESCE(?, t.enrolldate) AND ";
sql += "t.graduationdate >= COALESCE(?, t.graduationdate)";
PreparedStatement ps = conn.prepareStatement(sql);
ps.setInt(1, studentInfo.getID());
ps.setDate(2, studentInfo.getStartDate());
ps.setDate(3, studentInfo.getEndDate());
ResultSet rs = ps.executeQuery();
while (rs.next()) {
// process a row
}
The reason why using a statement is preferred is that it frees you from having to manually marshal your Java date (and other type) variables into your Oracle SQL statement. Instead, the above code lets the JDBC driver worry about how to convert a Java date variable to the correct format in the actual SQL code. Also, statements allow you to write a SQL query with minimal concatenations, which reduces the chances for error and typos.
Note that you might have to call a setter other than PreparedStatement#setDate depending on the what getStartDate() and getEndDate() methods actually return in your Java code.

misuse of aggregate function SUM()

I want to insert the SUM of Somme_versee (column in table Versement) in the column Versement_total.
This is a part of my code:
statement.executeUpdate("INSERT INTO Versement ( Nom , Prenom, Date , Somme_versee,Prix_du_logement, Nom_du_projet) VALUES('" + nom.getText() +"','" +prenom.getText() +"','" +date.getText() + "'," + verse.getText() + ", " + "(SELECT Prix_du_logement FROM Client WHERE Nom='"+ nom.getText() +"' AND Prenom='"+ prenom.getText() + "')," + " (SELECT Nom_du_projet FROM Client WHERE Nom='" + nom.getText()+ "' AND Prenom='" +prenom.getText() + "'))");
statement.executeUpdate("UPDATE Versement SET Versement_total= SUM(Somme_versee) " );
When executing I get this error: misuse of aggregate function SUM()
You should never do this in the same table. And it will get worse when the table gets more records. But what you seem to want is:
UPDATE Versement SET Versement_total = (SELECT SUM(Somme_versee) FROM Versement)

Unable to insert record in MySql using JAVA

I am new to Java and MYSql in fact using this combination first time and facing real trouble. I want to insert few records in a table but unable to do so. Following are the fields and datatype in the table named tbl_cdr in MySql.
**Field** **Type**
DATEANDTIME datetime NULL
VALUE1 int(50) NULL
VALUE2 varchar(50) NULL
VALUE3 varchar(50) NULL
VALUE4 varchar(50) NULL
VALUE5 varchar(50) NULL
The record I want to insert contains following values
2014-05-19 02:37:18, 405, MGW190514023718eab4, 923016313475, IN, ALERTSC
I am using following query and statements to Insert record in table
sqlQuery = "INSERT INTO tbl_cdr (DATEANDTIME,VALUE1,VALUE2,VALUE3,VALUE4,VALUE5)" + "VALUES ("+ forDateAndTime.format(date) + ", " + columnsList.get(1) + ", " + columnsList.get(2) + ", " + columnsList.get(3) + ", " + columnsList.get(4) + ", " + columnsList.get(5) + ")";
try
{
Statement qryStatement = conn.createStatement();
qryStatement.executeUpdate(sqlQuery);
qryStatement.close();
} catch (SQLException ex)
{
Logger.getLogger(CdrProject.class.getName()).log(Level.SEVERE, null, ex);
}
But when I reach the statement qryStatement.executeUpdate(sqlQuery); exception is thrown as:
MySQLSyntaxErrorException: You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server version for the
right syntax to use near '02:37:18, 405, MGW190514023718eab4,
923016313475, IN, ALERTSC)' at line 1
value2 ,value3 ,value4 and value 5 are varchars so it should be written within ''.
Do like this
sqlQuery = "INSERT INTO tbl_cdr (DATEANDTIME,VALUE1,VALUE2,VALUE3,VALUE4,VALUE5)" + "VALUES ("+ forDateAndTime.format(date) + ", " + columnsList.get(1) + ", '" + columnsList.get(2) + "',' " + columnsList.get(3) + "',' " + columnsList.get(4) + "',' " + columnsList.get(5) + "')";
You're inserting the date incorrectly. MySQL allows you to insert a string literal or a number.
You're trying to use 02:37:18 as a number, when really you should be using it as a string literal: '02:37:18'
Here is the MySql Reference describing this.
You're also not treating your varchars as strings either, they should be enclosed with quotes.

My ResultSet will only print first row

I have a ResultSet that I know contains 8 rows of data because I checked it with a direct query of the DB. My code will only display the first row.
If anyone can give me some help I would greatly appreciate it. The first row is what should I expect it to be, I just don't know how to get it to move on to print subsequent rows.
term= Integer.parseInt(args[1]);
// Select a list of the surveys that fall under the term
query= "Select cid,subject,course_number,instructor_id from Courses where term=" + Integer.parseInt(args[1]);
result = statement.executeQuery(query);
String query2="";
while(result.next())
{
// Pull in the data
cid = result.getInt("cid");
subject = result.getString("subject");
courseNumber= result.getInt("course_number");
instructorId= result.getInt("instructor_id");enter code here
// Get the instructors last name
query2= "Select last_name from Instructors where fid=" + instructorId;
subResult= statement.executeQuery(query2);
while(subResult.next())
{
instructorLName= subResult.getString(1);
}
// Get the averages and num submitted
query2= "Select num_submitted, sum_q1, sum_q2, sum_q3, sum_q4, survey_id from surveys where cid=" + cid;
subResult= statement.executeQuery(query2);
while(subResult.next())
{
numSub= subResult.getInt(1);
sumQ1= subResult.getInt(2);
sumQ2= subResult.getInt(3);
sumQ3= subResult.getInt(4);
sumQ4= subResult.getInt(5);
surveyId= subResult.getInt(6);
}
// Print everything necessary
System.out.println( surveyId + " " + term + " " + subject + " " + courseNumber +
" " + instructorLName + " " + sumQ1/numSub + " " + sumQ2/numSub + " " + sumQ3/numSub
+ " " + sumQ4/numSub);
}
}
Not sure, but the problem might be that you are using same Statement object to execute different queries. Create separate statement instances for query and query2 and try.

Categories

Resources