1

I am getting invalid column index for following prepared statement.
Here is my code 

// Excluding some unnecessary code
counter = 1;
if (rsTableNames.next()) 
{
    // Creating Query for prepared statement
    String getCode = "select * from ( select c_name from " 
          + rsTableNames.getString(1)+ " where lower(c_name) like ?%'";
    while (rsTableNames.next()) 
    {
      getCode += " union select c_name from " + 
      rsTableNames.getString(1)+ " where lower(c_name) like ?%'";
      counter++;
    }
    getCode += " ) where rownum <= " + maxRecords;
        // Now  The getCode contains 3 place holders ie ?           
    pst = con.prepareStatement(getCode);
    String param = "'" + query.toLowerCase();

    for(int i=1;i<=counter;i++)
    {
        pst.setString(i,param);  // when i=3 exception is thrown
    }
}

I am getting the exception when i becomes 3 though the query contains 3 place holders.
EDIT (HINT): I think the problem is with the ' which is creating havoc. How can we escape it?

Improve this question
0

2 Answers 2

Reset to default
6

I don't know whether it's the cause of the problem, but I don't think parameters work quite the way you think they do when it comes to quoting. You're still adding quotes in your code after each parameter and as the start of your parameter. I suspect you just want:

rsTableNames.getString(1)+ " where lower(c_name) like ?";

in each place, then:

String param = query.toLowerCase() + "%";

It's possible that due to quote parsing, this will fix the issue - I think your middle parameter is being deemed to be part of a big literal.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Thanks for the suggestion. I tried it, it removed the error but it creates wrong query. I guess ' is required for like clause. I think I need to escape ' but dont know how.
@Ajinkya What do you mean by "wrong query"? Please give examples of what you're getting in terms of results vs what you expected to get.
@John: It creates query with .. where like query% (It removes ' from like clause which is required. ) so it gives zero result thoguh there are some records in database.I think clause should be somewhat like ..where like 'query%'.
@Ajinkya: Phew - I was running out of things I could think of. Glad it's all sorted!
Sorry I made you think out of the box :)
0

are you sure there are 3 ? in the sql? try print the entire preparedStatement in the for loop.

I suspect that the many loops you have here might not have worked like you expected, and in the end there were only 2 parameters in the preparedStatement.

What exception was thrown? From Java API: Throws: SQLException - if parameterIndex does not correspond to a parameter marker in the SQL statement; if a database access error occurs or this method is called on a closed PreparedStatement

also, if you share the con connection, and the con.preparedStatement instance, make sure you have close each properly

Improve this answer

1 Comment

Everything is in place. The problem is with the '.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.