1

I am trying to run a query in java that uses a java.sql.Timestamp object as the date to compare with in the where clause.

Here is how the query string that is built in Java

 String getTransactionsSQL =  "Select transaction_seq " +
    "From transactions ct " +
    "Where id = 'ABCD'" + 
    "And ct.out_msg_timestamp" +
    "<= to_date('" + parseDate.getTimeStamp() +"','YYYY-MM-DD HH:MI:SS..')" +
    "order by transaction_seq";

The statement parseDate.getTimeStamp() returns a java.sql.TimeStamp object that contains a date. Here is an example output of System.out.println(parseDate.getTimeStamp());

2011-03-07 05:47:57.0

When i run the above query i get this error

 java.sql.SQLException: ORA-01843: not a valid month

Any clues?

Improve this question
3
  • What is the Oracle datatype of ct.out_msg_timestamp? Commented Mar 10, 2011 at 19:49
  • Related: stackoverflow.com/questions/3323618/… Commented Mar 10, 2011 at 19:56
  • Brilliant thanks. I have changed it to use PreparedStatement and SetTimeStamp. Commented Mar 10, 2011 at 20:04

1 Answer 1

Reset to default
7

Use PreparedStatement: http://download.oracle.com/javase/6/docs/api/java/sql/PreparedStatement.html

Never use string concatenation to pass arguements to SQL commands (security risk: SQL injection)!

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Here's the tutorial: download.oracle.com/javase/tutorial/jdbc/basics/prepared.html
I have to copy that! You should not use String concatenation in SQL like that
To be more precise, you should use preparedStatement.setTimeStamp(index, timeStamp);.
Thanks guys but is this not only a problem for web based applications? Is it also possible for daemon type applications?
@Ziggy: you should never use string literals for dates/timestamps. Always use a PreparedStatement, it's not only about SQL injenction but also about maintainability and robustness. When converting a date/timestamp to a string you are always influenced by locale settings (and maybe even different JDK versions)
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.