cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Haul <>
Subject Re: Query problems !
Date Wed, 04 Jul 2001 08:07:44 GMT
On 03.Jul.2001 -- 02:16 PM, Gustavo Mejia wrote:
> Hi !!
> I am making a query passing it from a JSP file, my code is very simple
> but I got an error:
> java.lang.RuntimeException: Error executed prepared
> statement:              ?
>  at
> My code is the next:
> <esql:query>
>    <esql:parameter type="string">
>      <request:get-parameter name="pQuery"/>
>    </esql:parameter>
> </esql:query>
> and I send the variable pQuery using the URL, something like:
> http://localhost/cocoon/m3/query_m3.xml?pQuery=select * from inmuebles
> I don't know what the error is, I think it is because the spaces in the
> query, I tried also putting my query directly, (no like a parameter) and
> it works fine.
> Could you help me ? how can I fix this error !!

Hi, I'm not 100% sure about this, but I believe JDBC's prepared
statements allow only replacement of one or more parameter, not of a
complete (sub) query, e.g. 
"select * from person where social_sec_id=? and salary<?"

By using <esql:parameter> a prepared statement is
created, but your intent is a dynamic query, so if you omit the
<esql:parameter> and use 

  <request:get-parameter name="pQuery"/>

you'll be fine. This way no prepared statement is generated.

Of course you'll need to escape illegal characters in your request
string. The browser does that automatically when submitting forms;
the request api does as well.


C h r i s t i a n       H a u l
    fingerprint: 99B0 1D9D 7919 644A 4837  7D73 FEF9 6856 335A 9E08

Please check that your question has not already been answered in the
FAQ before posting. <>

To unsubscribe, e-mail: <>
For additional commands, e-mail: <>

View raw message