SQL Prepared statement

Similar Messages

• SQL Prepared Statement with a string parameter including a colon

  Hello everybody,
  I'm recently experiencing a problem using Prepared SQL Statements if one of the parameter is a string containing a ":" (colon).
  I'm able to insert a date (as a string) record using the format "hh:mm" into a MySQL database table but when I execute the query I cannot retrieve the record.
  Does anyone know any problem with ":" character?
  Replacing ":" with "." solves the problem...
  Thanks a lot.
  Edited by: 798883 on 29/09/2010 17:25

  Huh?
  One of the points in using PreparedStatements is that they handle the formatting for you. You shouldn't be setting dates with String values at all. Create a java.sql.Date (or timestamp or time as the case may be) and use the appropriate setXXX method of PreparedStatement. If you have String values then you can use SimpleDateFormat to parse them into dates.

• Java SQL prepare statement bug?

  Hi,
  I got some problem...refer to the statement below the second parameter 'a b c', the value will be trim in the store procedure during runtime which become 'abc'.
  java.sql.CallableStatement call = conn.prepareCall("{call usp_test '','a b c',?}");

  Hi,
  I able to solve the problem by changing the driver to JTDS but another problem arise.
  Exception
  =======
  java.sql.SQLException: Output parameter not allowed as argument list prevents use of RPC.
  Snipet of the Code
  ==============
  java.sql.CallableStatement call = conn.prepareCall("{call usp_test '','a b c',?}");
  call.registerOutParameter(1, java.sql.Types.VARCHAR);
  call.setString(1, "My Client");
  ResultSet result = call.executeQuery();
  Thankx

• MS SQL Server Statement could not be prepared. (WIS 10901)

  Here is my situation. We are running Edge 3.0 using SQL Server 2005. I have a Webi report that I created with an existing Universe and the report is able to run fine. I didn't create the Universe, but I had to add new tables to the Universe.
  For some reason when I went to create a System DSN to connect to the Universe, it didn't save the System DSN, but I was able to save it as a User DSN using the same name as the System DSN created on the BOXI Server. I was able to add the new tables and objects.
  I then went to add the new objects to the existing web report and ran the query, I then received the error "A database error occured. The database error text is: [Microsoft][ODBC SQL Server Driver][SQL Server]Statement(s) could not be prepared.. (WIS 10901)". If I removed the new objects, I am able to run the Query fine.
  When I add the new objects, I can look at the SQL, copy it and run it in MS SQL Server. Once I try to run the query with the new objects, I get the previously stated database error. Then I try to generate the SQL and get the message that Webi can't generate the SQL even though I was able to see the SQL if I hadn't run it.
  I am not sure why I am getting this error, because the report is able to run before adding any new objects. Any suggestions would be helpful. Thanks

  The issue was that I needed to get permission on my computer to create a system DSN and not use a local DSN. My local policy was changed on my computer.
  But I am now writing a different report and getting the same error. Let me explain the situation.
  The report was created and running fine, but the database was created by someone and it only contained partial data. The database is created in a star schema. I had to add more dimension tables. The fact table already had all the columns for the new dimension tables but had a default value of -1. Once I added the missing dimension tables, I reran the DI job that re-populated the fact table with data from all dimension tables. When I go now and run the report if I only run a query with the old dimensions, then the report runs fine and returns data. If I add a object from the newly created dimension fields then I get the error 'A database error occured. The database text is: ... Statement(s) could not be prepared. (WIS 10901)'.
  I am not sure where the problem is. The report is using the same System DSN and the SQL created from the new dimensions works just fine in SQL Server Management Studio. We use Windows AD authentication and use an Windows users as our system account to access the database and it has read permissions.
  Any help would be great. Thanks

• Binding in Prepared Statement is not working with Microsoft SQL Server JDBC

  I ran the following program with sqljdbc4.jar in the class path. There is data in the EMPLOYEE table for the employee name DEMO but the following program is not retrieving data for DEMO. When the same program was run with Merlia.jar in the class path, it was retrieving data for DEMO.
  Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
  Connection con = DriverManager.getConnection("jdbc:sqlserver://SERVER23:5000;databaseName=TESTDB", "SYSADM", "SYSADM");
  String sqlSele = "SELECT * FROM EMPLOYEE WHERE EMPNAME like ?" ;
  PreparedStatement sts = con.prepareStatement(sqlSele);
  sts.setString(1, "DEMO" );
  ResultSet rs = sts.executeQuery();
  while(rs.next())
  System.out.println("driverConn.main()" + rs.toString());
  catch(Exception e)
  System.out.println(e);
  e.printStackTrace();
  Can someone help me out from this issue.

  This is the program that I used for testing the behaviour of prepared statement with sqljdbc4.jar. Also included the code for Merlia.jar.
  import java.sql.*;
  public class driverConn {
       public static void main(String [] a)
            try{
            Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
            //Class.forName("com.inet.tds.TdsDriver");
            Connection con = DriverManager.getConnection("jdbc:sqlserver://SERVER23:5000;databaseName=TESTDB", "SYSADM", "SYSADM");
            //Connection con = DriverManager.getConnection("jdbc:inetdae7a:SERVER23:5000?database=TESTDB", "SYSADM", "SYSADM");
            String sqlSele = "SELECT * FROM EMPLOYEE WHERE EMPNAME like ?" ;
            //String sqlSele = "SELECT * FROM EMPLOYEE WHERE EMPNAME like ‘%DEMO%’”;
            PreparedStatement sts = con.prepareStatement(sqlSele);
            sts.setString(1, "DEMO" );
            //sts.setString(1, "%DEMO%" );          
            java.sql.ResultSet rs = sts.executeQuery();          
            while(rs.next())
                 System.out.println("EMPNAME is " + rs.getString(“EMPNAME”) + “”);                    }
            catch(Exception e)
                 System.out.println(e);
                 e.printStackTrace();
  Following are the specifications:
  Version of the Driver:
  Microsoft JDBC Driver 4.0 for SQL Server CTP3
  Downloaded the driver using the link http://www.microsoft.com/download/en/details.aspx?id=11774
  Java Version:
  Java 1.7.0_02
  Database Version:
  Microsoft SQL Server 2008 (SP2) - 10.0.4000.0 (X64)

• Prepared statement - setDate(index, sql.Date, Cal) Help!

  Hi everyone, I'm creating a form to query an Oracle table. I'm setting up the search criteria which includes a start and end date. (in this example I've just used the start date)
  I get all the search parameters into my JSP and I created the following Calendar objects:
  // Calendar creation
  Calendar startCal = Calendar.getInstance();
  startCal.set(start_year, start_month, start_day, start_hour, start_minute);
  Calendar endCal = Calendar.getInstance();
  endCal.set(end_year, end_month, end_day, end_hour, end_minute);
  //define a sql.Date value for start and end date
  java.sql.Date startDate = null;
  java.sql.Date endDate = null;I then create a string that contains my SQL statement:
  String sqlStmt = "select dateValue, value3 from someTable where dateValue >= ? and value2 = ?";In my Prepared Statement I pass in the following information:
  ps = c.prepareStatement(sqlStmt);
  ps.setDate(1, startDate, startCal);
  ps.setString(2, searchValue);My question is the following - I define the hour and minute in my Cal object - will that information get passed into my "startDate" sql.Date object? According to the API it should work (at least that's my understading of it):
  http://java.sun.com/j2se/1.4.2/docs/api/java/sql/PreparedStatement.html#setDate(int,%20java.sql.Date,%20java.util.Calendar)
  My search does not blow up or report any errors but it never finds a match - even when I put in parameters that I know are a match.
  Any feedback is appreciated.

  I think I got it. my java.sql.Date can't be null.
  java.sql.Date startDate = null;
  java.sql.Date endDate = null;needs to be:
  java.util.Date startCalendarDate = startCal.getTime();
  java.util.Date endCalendarDate = endCal.getTime();
  java.sql.Date startDate = new java.sql.Date(startCalendarDate.getTime());
  java.sql.Date endDate = new java.sql.Date(endCalendarDate.getTime());

• ? in SQL Queries and not using prepared statements

  Using EclipseLink 1.1.1
  Prepared Statements are disabled
  In our production server something went wrong and one of our Read Queries started erroring. A DatabaseException was thrown and we log the "getQuery.getSQLString()" statement. We found this query in the logs:
  SELECT t1.ID, t1.NAME, t1.DESCRIPTION, t1.EXTREFID, t1.STYLESHEET, t1.DDSVNVERSION, t1.FIRSTNAME, t1.LASTNAME, t1.EMAILADDR, t1.PHONENUMBER, t1.ADDRESS, t1.ADDRESS2, t1.CITY, t1.STATE, t1.POSTALCODE, t1.COUNTRY, t1.ADMINACCTNAME, t1.HASDOCUMENTS, t1.HASTIMEDNOTIFICATIONS, t1.STATUS, t1.ENTRYDATE, t1.EVALEXPDATE, t1.LASTREMINDDATE, t1.FULLUSERS, t1.LIMUSERS, t1.REQUSERS, t1.ISENTERPRISE, t1.EXPDATE, t1.ISDISABLED, t1.DISABLEDDATE, t1.NEEDLICENSEAGREEMENT, t1.ISWARNINGDISABLED, t1.LOCALE, t1.TIMEZONE, t1.CURRENCY, t1.DOMAIN, t1.DOCUMENTSIZE, t1.EXTRADOCUMENTSTORAGE, t1.ONDEMANDOPTIONS, t1.SSOTYPE, t1.RESELLERID, t1.ACCOUNTREPID, t1.LASTUSAGEREPORTDATE, t1.NEXTUSAGEREPORTDATE, t1.USAGEREPORTATTEMPTS FROM T_SSOOPTIONS t0, T_CUSTOMERS t1 WHERE *((((t0.SSOENABLED = ?) AND (t1.SSOTYPE IN (?, ?))) AND (UPPER(t1.DOMAIN) = ?)) AND (t0.CUSTOMERID = t1.ID))*
  Notice the values weren't entered into the where clause. We had to bounce the application to fix the problem. I've never seen this before. I've added more debugging statements to the code - so if this happens again in the future I'll have more information to report on. In the mean time I'm wondering if anyone else has every seen a problem of this nature.

  Database error due to invalid SQL statement.
  I don't have a stack, we were catching the exception and not printing the stack :(
  Like I mentioned in my first post, I added more debugging code (e.printStackTrace()). I understand this is hard to track down without more information. I was just hoping you guys had seen something like this before and had any insight. Like I mentioned before: this is on our production server. I've never seen this type of error before. That particular server (we run in a cluster mode) had been up for several days and then started generating that error. IT bounced the node and everything went back to normal. We have been using toplink for about 5 years now and have never seen this problem, until August 3rd 2009. The only thing that has changed recently is our migration from toplink 10 to EclipseLink. I was wondering if anyone knows if anything had changed in EclipseLink/toplink 11 with the generation of SQL queries.
  I'll keep looking. There is more debugging code in there now. Since the error was "Database error due to invalid SQL statement" this implies the SQL was generated, exited that part of the code and was sent to the db where it failed. I'm afraid the printStackTrace won't help if this error happens again.

• Prepared Statement with SQL 'IN' Clause

  Hi,
  I am trying to write a JDBC SQL call to a database using a prepared statement, the call looks something like:
  select *
  from table
  where field in (?, ? ,?)
  this thing is that i don't know how many 'IN' parameters are needed until runtime (they come from a List), so is there an easy way of dealing with this, I haven't been able to find any information on this problem anywhere?

  >
  Hmmm...more expensive than say doing a query on on 2 billion rows with no index?
  More expensive than doing a cross server join?
  More expensive than doing a restore?
  I knew that someone would point this out. :)
  I just tried to exaggerate the importance of cursor sharing. This is one of the most important topic in DBMS world, but quite often ignored by JAVA world. I hope that you understand my good intention.
  >
  2. Insert data corresponding to bind variable to "T". Interesting idea. Please provide the algorithm for that. The only ones I can come up with
  1. Involved creating a "dynamic" SQL for the insert
  2. Doing multiple cross network inserts.
  The first of course is exactly what you said your solution prevented. The second will be more expensive than sending a single dynamically created select.Hopefully, this is not just an "interesting" idea, but very common technique in DBMS. Actually one of the common techniques. There are couple of ways to handle this kind(variable number of bind variables in "IN" clause) of problem.
  What i commented was that the simplest one. It's like this:
  (based on Oracle)
  SQL> create global temporary table bind_temp(value int);
  PreparedStatement stmt = con.prepareStatement("INSERT INTO bid_temp VALUES(?)");
  for(...) {
       stmt.setInt(1, aValue)
       stmt.addBatch();
  stmt.executeBatch();
  Statement stmt2 = con.executeQuery("SELECT * FROM target_table WHERE id IN (bind_temp)");
  ...Doesn't it look pretty? Pretty for both Java developers and DBAs.
  By virtue of the mechanism of batch processing, the total DBMS call is just twice and you need just 2 completely sharable SQL statements.
  (Hopefully you might understand that Oracle global temporary table is just session scope and we don't need them to be stored permanently)
  Above pattern is quite beneficial than these pattern of queries.
  SELECT * FROM target_table WHERE id IN (?)
  SELECT * FROM target_table WHERE id IN (?,?)
  SELECT * FROM target_table WHERE id IN (?,?,?)
  SELECT * FROM target_table WHERE id IN (?,?,?,?,.......,?)
  If you have large quantity of above patterns of queries, you should note that there are another bunch of better techniques. I noted just one of them.
  Hope this clairfies my point.

• Sql server 2000 stored procs vs. prepared statements performance

  Hi
  I have observed that using stored procedure in sql server 2000 is much much faster than using a prepared statements. I had worked with oracle before and did not notice this much difference. I would like to use prepared statements or regular sql (for dynamic sql creation) in my apps. Does anyone have any suggestions ?.
  thanks

  Hi
  FYI
  I figured out the slowness problem in using prepared statement (db - sql server 2000)was due to the Microsoft typ4 4 jdbc driver. When I used the jdbc driver from atinav, my prepared statements worked as fast as stored procs.

• SQL Server Unicode 'N' prefix & Prepared Statements

  Hi,
  I'm using jsp, Tomcat 4.1, MSDE (SQL Server 2000 Desktop Edition), SQL Server 2000 Driver for JDBC
  to develop a simple data entry form.
  I was trying to insert a unicode string from a jsp page (input) to an SQL Server ntext field.
  My jsp includes the the definitions given below:
  <%@ page language = "java" contentType="text/html; charset=utf-8" pageEncoding="cp1254" import = "java.util.*, java.sql.*, java.text.*, java.io.*,java.lang.*" %>
  <%request.setCharacterEncoding("utf-8");%>
  <HTML>
  <HEAD>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  I executed a samlpe query INSERT INTO MyTable VALUES (N'Some Unicode String like &#351;&#350;&#304;&#305;&#287;&#286; ')
  It worked well but if the unicode string includes any apostrophe, it fails.
  So I decided to use a prepared statement.
  My code sample is as follows.
  String driver="sun.jdbc.odbc.JdbcOdbcDriver";
  Sring CURL="jdbc:odbc:portDb"; //ODBC connection
  Connection con = DriverManager.getConnection( CURL, un, pw );
  con.setAutoCommit(false);
  String sq= "INSERT INTO MyTable VALUES ?);
  String udata="Some Unicode String like &#351;&#350;&#304;&#305;&#287;&#286; ";
  PreparedStatement pstmt=con.prepareStatement(sq, ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE);
  //Then I tried some different methods
  1) pstmt.setString(1, udata);
  //This inserts data as. "Some Unicode String like sSIigG"
  2) pstmt.setString(1, new String(udata.getBytes("utf-8"),"utf-8"));
  //This inserts data as. "Some Unicode String like sSIigG"
  byte[] bytes;
  InputStream is;
  bytes = udata.getBytes();
  is = new java.io.ByteArrayInputStream(bytes);
  3) pstmt.setUnicodeStream(1, is, bytes.length); //This inserts some strange characters
  4) pstmt.setAsciiStream(1, is, bytes.length); //This inserts some strange characters
  Reader dtxt;
  dtxt=new StringReader(udata.toString());
  5) pstmt.setCharacterStream(1, dtxt, udata.length()); //This inserts some strange characters
  pstmt.executeUpdate();
  con.commit();     
  con.close();
  Even I tried a callable statement using an sqlserver stored procedure.
  My code samples which is given above doesn't seem to insert the unicode string to the database truly.
  Is there a way to use the SQL Server National 'N' prefix in a prepared statement.
  or any suggestions to this problem.
  NOT: I can not insert especially these characters which is given below (codepage: cp1254)
  Alt+0222 Latin Capital Letter S with cedilla (&#350;)
  Alt+0254 Latin Small Letter s with cedilla (&#351;)
  Alt+0221 Latin Capital Letter I with a dot above (&#304;)
  Alt+0253 Latin Small Letter Dotless i (&#305;)
  Alt+0240 Latin Small Letter g with breve (&#287;)
  Alt+0208 Latin Capital Letter G with breve (&#286;)
  Thanks in Advance,

  I really don't know what might be happening. My suggestion (although I might get bashed for this) is to switch to another JDBC driver and see what happens.
  I'm one of the developers of the jTDS JDBC Driver. You could also try the JDBC-ODBC bridge (but as far as I know there is no way to specify Unicode/non-Unicode strings for the bridge) or a commercial driver.
  Alin.

• Ouput sql from prepared statement

  I'm using prepared statements and I want to output the sql that is being run in the statement to the console. For example:
  Class.forName("oracle.jdbc.driver.OracleDriver");
  conn = DriverManager.getConnection("jdbc:oracle:thin:@xx.xx.x.xx:xxxx:xxxx", "xxxx", "xxxx");
  stmt = conn.prepareStatement("update table set a = ? where b = ? and c = ?");
  stmt.setString(1, "a");
  stmt.setString(2, "b");
  stmt.setString(3, "c");
  System.out.println(?????????);So the statement would be something like: "update table set a = 'a' where b = 'b' and c = 'c'"
  How can I get the sql from the statement? I would have thought this would be easy but there doesn't seem to be any obvious method.

  I also came across the article about overpowering the PreparedStatement, neat stuff.
  But as I downloaded the classes and compiled them, I got some errors due to the fact that some methods from the PreparedStatement- and Statement-interfaces were not implemented by the DebuggableStatement-class.
  I suspect this has something to do with the JDK-version being used.
  I myself am using version 1.4.1_01-b01.
  Anyone came across this same problem?
  As I do want to compile under the version mentioned, I just insert the method(-stubs) myself. Or is this a bad idea?

• XML SQL format for Prepared statements in batch mode

  Hi
  I want to use the batch mode in JDBC adapter for inserting huge volume of records with better performance.
  so i need to execute the prepared statements in one batch.   Is the XML SQL format for prepared statements below correct ?to<root>
    <stmt>
      <Customers action="SQL_DML">
        <access> INSERT INTO Customers (CompanyName,Address,CustomerID) VALUES($NAME$,$ADDRESS$,$KEYFIELD$)
        </access>
        <key>
          <NAME>IBM</NAME>
          <ADDRESS>Street 3 </ADDRESS>
          <KEYFIELD>CO</KEYFIELD>
        </key>
        <key>
          <NAME>PWC</NAME>
          <ADDRESS>Street 4 </ADDRESS>
          <KEYFIELD>NO</KEYFIELD>
       </key>
      </Customers>
    </stmt>
  </root>
  Please advise

  Hello Experts
  Please throw some light on the above question.
  Thanks in advance.

• MS SQL Server 7 - Performance of Prepared Statements and Stored Procedures

  Hello All,
  Our team is currently tuning an application running on WL 5.1 SP 10 with a MS
  SQL Server 7 DB that it accesses via the WebLogic jConnect drivers. The application
  uses Prepared Statements for all types of database operations (selects, updates,
  inserts, etc.) and we have noticed that a great deal of the DB host's resources
  are consumed by the parsing of these statements. Our thought was to convert many
  of these Prepared Statements to Stored Procedures with the idea that the parsing
  overhead would be eliminated. In spite of all this, I have read that because
  of the way that the jConnect drivers are implemented for MS SQL Server, Prepared
  Statments are actually SLOWER than straight SQL because of the way that parameter
  values are converted. Does this also apply to Stored Procedures??? If anyone
  can give me an answer, it would be greatly appreciated.
  Thanks in advance!

  Joseph Weinstein <[email protected]> wrote:
  >
  >
  Matt wrote:
  Hello All,
  Our team is currently tuning an application running on WL 5.1 SP 10with a MS
  SQL Server 7 DB that it accesses via the WebLogic jConnect drivers.The application
  uses Prepared Statements for all types of database operations (selects,updates,
  inserts, etc.) and we have noticed that a great deal of the DB host'sresources
  are consumed by the parsing of these statements. Our thought was toconvert many
  of these Prepared Statements to Stored Procedures with the idea thatthe parsing
  overhead would be eliminated. In spite of all this, I have read thatbecause
  of the way that the jConnect drivers are implemented for MS SQL Server,Prepared
  Statments are actually SLOWER than straight SQL because of the waythat parameter
  values are converted. Does this also apply to Stored Procedures???If anyone
  can give me an answer, it would be greatly appreciated.
  Thanks in advance!Hi. Stored procedures may help, but you can also try MS's new free type-4
  driver,
  which does use DBMS optimizations to make PreparedStatements run faster.
  Joe
  Thanks Joe! I also wanted to know if setting the statement cache (assuming that
  this feature is available in WL 5.1 SP 10) will give a boost for both Prepared Statements
  and stored procs called via Callable Statements. Pretty much all of the Prepared
  Statements that we are replacing are executed from entity bean transactions.
  Thanks again

• Using a Prepared stat - Can a select SQL exist inside an Insert SQL

  Trying to insert values into the DB2UDB 7.1 database , using Prepared statement. I am getting a SQL exception as follows:
  SystemErr R java.sql.SQLException: Could not execute sql command - Original message: [IBM][CLI Driver][DB2] SQL0418N A statement contains a use of a parameter marker that is not valid. SQLSTATE=42610
  String reviewQuery = " INSERT INTO REVIEW (SUPLR_CD,STAT_CD,REVW_DATE,CREATE_UID) SELECT A.SUPLR_CD,?,CURRENT DATE,? FROM REV_CLAIMS A , SUPLR B
  WHERE A.SUPLR_CD = ? AND A.STAT_CD = ? and A.SUPLR_CD = B.SUPLR_CD
  sqlStmt =
  StatementFactory.getStatement(con,reviewQuery,BaseDAO.QUERY_DEBUG);
  sqlStmt.setString(1, statusCode);
  sqlStmt.setString(2, userId);
  sqlStmt.setString(3, supplierCode);
  sqlStmt.setString(4,reviewStatus);
  Can you please help me in solving this issue.
  Thanks,
  Ronhelp

  I guess that DB2 doesn't know your sql. You can try.
  String reviewQuery = " INSERT INTO REVIEW (SUPLR_CD,STAT_CD,REVW_DATE,CREATE_UID) SELECT A.SUPLR_CD,"+statusCode+",CURRENT DATE,"+userId+" FROM REV_CLAIMS A , SUPLR B
  WHERE A.SUPLR_CD = ? AND A.STAT_CD = ? and A.SUPLR_CD = B.SUPLR_CD
  sqlStmt =
  StatementFactory.getStatement(con,reviewQuery,BaseDAO.QUERY_DEBUG);
  sqlStmt.setString(1, supplierCode);
  sqlStmt.setString(2,reviewStatus);

• Executiong prepared statement with Like% in SQL Query?

  Hi,
  We are developing GUI project.In which we need to retrieve the contract details based on the Name which we enter in eVision page.Here we will not enter the whole name,we will enter only the part of the name,for example if the actual name is Sun Seebeyond,I will enter only Su.So if there are five records in data base which starts the name with Su.Then it should return the five names..
  For this I am using the prepared statement as
  select name,contractid from table1 where name Like '?%'.
  Here my runtime input value will set to this parameter ?.When I execute this qry in my project I am getting error as "Unable to set parameters on the Object: Invalid parameter index 1".
  If I replace the ? with Su in query itself ,then it works fine..
  Please let me know is there any effective way,using which I can solve..
  Thanks,
  Renga.S.

  Hi,
  This option I already tried and it work fine too.
  I am looking for an option ,where we can handle with in the Query,so we dont need to write any code appending % into the actual valus.
  Thanks,
  Renga.S.