1

Ok so this is my code

public static ArrayList getMaterialerFraOrdreNr(String s_date, String e_date) throws SQLException, InterruptedException {
    int tal = 0;

    ArrayList nameOfColumns = getNameOfColumns();                     // name of columns
    ArrayList orderNumber = getOrdre_Nr_FromDB(s_date, e_date);           // order number 

    //første loop kører gennem number of columns
    //anden loop kører gennem name of column
    ResultSet rs = null;
    Connection con = null;

    try {
        Class.forName(DB.driver);
        con = DriverManager.getConnection(DB.URL, DB.ID, DB.PW);

        for (int i = 1; i < orderNumber.size(); i++) {
            for (int j = 1; j < nameOfColumns.size(); j++) {

                String nameOfColum = (String) nameOfColumns.get(i);
                int orderNr = (Integer) orderNumber.get(j);
                System.out.println("orderNr  " + orderNr);
                //SELECT v1001 FROM ORDRE_spec WHERE  ordre_nr = 1;
                String query = "SELECT ? AS ans FROM ordre_spec WHERE ordre_nr = ?";
                PreparedStatement prest = con.prepareStatement(query);

                prest.setString(1, nameOfColum);
                prest.setInt(2, orderNr);
                System.out.println("orderNr  "  + orderNr);
                System.out.println("nameOfColum  =   " + nameOfColum);
                rs = prest.executeQuery();
                if(rs.next()){


                    tal = rs.getInt("ans");

                    MaterialeNum.add(tal);
                    System.out.println("materiale num =    " + MaterialeNum);

                }
            }

        }

    } catch (ClassNotFoundException | SQLException ee) {
        System.out.println("fail og der er så her");
        System.err.println(ee);
    } finally {

        con.close();
    }
    System.out.println(kundeNum.toString());
    return kundeNum;

}

public static void main(String[] args) throws SQLException, InterruptedException {

    NewClass.getMaterialerFraOrdreNr("1990-10-10", "2020-10-10");

}

And my problem is that I'm getting a java.sql.SQLException: Fail to convert to internal representation

I really cant see what the error should be.. plz help if you can see the error :)

HOervald
  • 25
  • 1
  • 7
  • 1
    Kindly add a printStackTrace statement in your catch block. Re-run your program, and tell us the exception. The exception might tell which line the exception is occuring – Arunkumar Nov 27 '13 at 13:48
  • That exception is typically thrown when the types in the database are incompatible with you `rs.getXXX()` `rs.setXXX()` types. Tell us the schema of your table. – leonbloy Nov 27 '13 at 13:50
  • This is the StackTrace java.sql.SQLException: Fail to convert to internal representation java.lang.Throwable: Printing stack trace: at com.sun.corba.se.impl.util.Utility.printStackTrace(Utility.java:933) at data.NewClass.getMaterialerFraOrdreNr(NewClass.java:192) at data.NewClass.main(NewClass.java:204) – HOervald Nov 27 '13 at 13:52
  • Do all the columns that you are selecting contain an integer? It seems likely to me that "tal = rs.getInt("ans")" won't be happy if "ans" contains a String. – DaveH Nov 27 '13 at 13:52
  • The first ? is name of a colum in table. The second is a order number.. what I need is just the int where theese two collides – HOervald Nov 27 '13 at 13:55
  • It only contains integers yes – HOervald Nov 27 '13 at 13:55

1 Answers1

5
String query = "SELECT ? AS ans FROM ordre_spec WHERE ordre_nr = ?";

You cannot parameterize column names. You can only parameterize column values.

Basically you need to do:

String query = "SELECT " + nameOfColum + " AS ans FROM ordre_spec WHERE ordre_nr = ?";

Keep in mind that this is prone to SQL injection if nameOfColum is controllable by enduser. If this is indeed the case, you may want to perform string matching on e.g. \w+ before continuing.

BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
  • +1 That's it. To be precise, you can parametrize literal values in general (not only column values), but you cannot build dynamic satements. – leonbloy Nov 27 '13 at 13:55
  • There shouldnt be anyway that a user can manipulate with the data..I'm just going to try this :) – HOervald Nov 27 '13 at 13:59
  • Now I'm just getting an Index out of bounds... :) – HOervald Nov 27 '13 at 14:02
  • In other words, the original problem has been solved and this question is answered. If you can't figure out the solution to the new problem by Googling or logically thinking, then just press "Ask Question" on right top :) – BalusC Nov 27 '13 at 14:09