Too few parameters. Expected 1. error

Question

[Microsoft][ODBC Microsoft Access Driver] Too few parameters. Expected 1.

This is the error I am getting when I execute this query:

s="select * from package where p_name like "+packageChange;

when I execute:

s="select * from package";

then it works fine.

But whats the problem with "p_name" column of table "package"...?

My code,

res=start.executeQuery("select * from package where p_name like "+packageChange);

the statement

System.out.println("ddddddd="+packageChange);

prints ddddddd=pkg5

it is the package name we want to change to... selected from drop down list (JComboBox) — user46329, Jun 09 '14 at 06:17
I meant what value is the variable getting? Can you attempt to print it out and share the result? — Mureinik, Jun 09 '14 at 06:19

score 1 · Accepted Answer · edited May 23 '17 at 12:13

Is this Java code? If so, use bind variables:

Connection conn = ...;
PreparedStatement st = conn.prepareStatement("select * from package where p_name like ?");
st.setString(1, packageChange);
res = st.executeQuery();

Otherwise, you are subject for SQL injection.

In your original code, enclose the parameter in apostrophes:

res=start.executeQuery("select * from package where p_name like '"+packageChange + "'");

But I encourage you not to do this: you should check for apostrophes and newlines (and maybe more) in the packageChange variable - sanitize it, such as here.

Too few parameters. Expected 1. error

1 Answers1