Thread: BUG #1561: wrong detection of number of parameters in java.sql.PreparedStatement

The following bug has been logged online:

Bug reference:      1561
Logged by:          Ingolf Knopf
Email address:      iknopf@csc-dd.de
PostgreSQL version: 8.0.1
Operating system:   JDBC
Description:        wrong detection of number of parameters in
java.sql.PreparedStatement
Details:

"java.sql.PreparedStatement.executeUpdate()" throws "java.sql.SQLException",
if the prepared sql-string contains '?' within a C-like comment.

Example:
  select relname
  from pg_class
  where /*relowner = ? and*/
    relname = ?

In this case, the java.sql.PreparedStatement of PostgreSQL requires two
parameters, but I have only one.

Re: BUG #1561: wrong detection of number of parameters in

From: Oliver Jowett
Ingolf Knopf wrote:

> "java.sql.PreparedStatement.executeUpdate()" throws "java.sql.SQLException",
> if the prepared sql-string contains '?' within a C-like comment.
>
> Example:
>   select relname
>   from pg_class
>   where /*relowner = ? and*/
>     relname = ?
>
> In this case, the java.sql.PreparedStatement of PostgreSQL requires two
> parameters, but I have only one.

The JDBC driver doesn't currently parse the statement in much detail. It
really only understands string literals, semicolon-separated statements,
and some JDBC-specified {...} escapes.

A workaround would be to "quote" the comment:

 select relname from pg_class where /*" relowner = ? and "*/ relname = ?

which should work (although I have not tested it)

There's no real reason why the driver can't be modified to understand
C-style comments, someone just needs to find the time to do it..
(patches to pgsql-jdbc please ;-)

-O
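
The counting problem discussed in this thread, as an added example (not the JDBC driver's code and not from either poster). It is a simplified scanner that counts '?' placeholders, first skipping only quoted text and then also skipping comments. The class and method names are hypothetical, the third sample statement is constructed, and dollar-quoting, backslash escapes and JDBC {...} escapes are assumed absent. With quote-only scanning the reported statement counts two placeholders while the quoted-comment workaround counts one; with comment skipping both count one.

```java
public class PlaceholderScan {
    // Simplified model, not the driver's code: counts '?' outside quoted text.
    // With skipComments, -- and nesting /* */ comments are ignored as well.
    static int countParameters(String sql, boolean skipComments) {
        int count = 0, i = 0, n = sql.length();
        while (i < n) {
            char c = sql.charAt(i);
            if (c == '\'' || c == '"') {
                // Skip to the closing quote; a doubled quote stays inside.
                i++;
                while (i < n) {
                    if (sql.charAt(i) == c) {
                        if (i + 1 < n && sql.charAt(i + 1) == c) { i += 2; continue; }
                        break;
                    }
                    i++;
                }
                i++;
            } else if (skipComments && sql.startsWith("--", i)) {
                // Line comment: resume after the newline, or stop at end of input.
                int nl = sql.indexOf('\n', i);
                i = (nl < 0) ? n : nl + 1;
            } else if (skipComments && sql.startsWith("/*", i)) {
                // Block comment: PostgreSQL allows nesting, so track the depth.
                int depth = 1;
                i += 2;
                while (i < n && depth > 0) {
                    if (sql.startsWith("/*", i)) { depth++; i += 2; }
                    else if (sql.startsWith("*/", i)) { depth--; i += 2; }
                    else { i++; }
                }
            } else {
                if (c == '?') count++;
                i++;
            }
        }
        return count;
    }

    public static void main(String[] args) {
        String[] samples = {
            "select relname from pg_class where /*relowner = ? and*/ relname = ?",
            "select relname from pg_class where /*\" relowner = ? and \"*/ relname = ?",
            "select 'why?' /* a /* b ? */ ? */ from t where x = ?"  // constructed sample
        };
        for (String sql : samples) {
            System.out.println("quotes only: " + countParameters(sql, false)
                + "  comment-aware: " + countParameters(sql, true) + "  <- " + sql);
        }
    }
}
```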