• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

why is this code not executing in java environment

 
dan steve
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have this code to select some values from the database and its working fine in the database engine but throwing "parameter too few
one expected " what does this mean? this is the sql code.


this code is part of a method where I declared the string parameter(String lic_no) and the method name : public arrayList getTotalFine
(String lic_no) please help me its urgent.
 
Rob Spoor
Sheriff
Pie
Posts: 20514
54
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There is no such thing as urgent; please EaseUp.
 
Matthew Brown
Bartender
Posts: 4567
8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How are you running that SQL from Java?
 
Ankit Tripathi
Ranch Hand
Posts: 199
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi dan,Welcome to ranch community....
Always remember...PatienceIsAVirtue...
There can be two reasons for the exception thrown by your code-

1.You are using any reserved keyword in your SQL query(As far I concerned,there is nothing like this),If there is any use double quotes arround that(" ").
2.You are using mis-spelled column names or less than expected column names in your query.

Check against both the possibilities.
 
Jesper de Jong
Java Cowboy
Saloon Keeper
Posts: 15219
36
Android IntelliJ IDE Java Scala Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't know how you are running that SQL statement exactly from your Java code, but note the following. It is a bad idea to concatenate an SQL statement together with values, like you're doing:

What happens if lic_no contains a characters that make your SQL statement invalid (for example, a single quote character)? This code is also vulnerable to a simple and common security problem, SQL injection. To prevent these problems, always use a PreparedStatement, like this:

The PreparedStatement will take care of proper escaping if lic_no contains text that make the SQL statement invalid, which also prevents the SQL injection vulnerability.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic