Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1582
  • Last Modified:

Prepared Statement Bind Variables within SQL Single Quotes Problem

I am using the java.sql.PreparedStatement for the following query and have problems binding variables within the single quotes.

SELECT DISTINCT id, name FROM user WHERE office_id = ?
AND upper(id) like upper('%?%')
AND upper(name) like upper('?%')
ORDER BY upper(?)

If I use the bind variables within the single quotes then it says
"java.sql.SQLException: ORA-01006: bind variable does not exist". Maybe it is not treating the ? within the single quotes as a bind variable.

If I don't use the single quotes then it says
"java.sql.SQLException: ORA-00911: invalid character" as it requires the single quotes for upper statements.

Any idea how to resolve this?
Thanks.
0
innumonenu
Asked:
innumonenu
1 Solution
 
girionisCommented:
Can you try escaping the ' by using another ' (I think this is the escape char on Oracle).
0
 
TimYatesCommented:
SELECT DISTINCT id, name FROM user WHERE office_id = ?
AND upper(id) like upper( ? )
AND upper(name) like upper( ? )
ORDER BY upper( ? )

And set 3 and 4 like:

  setString( 3, "%" + var3 + "%" ) ;
  setString( 4, var4 + "%" ) ;

Should do it...(I think)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now