BUG #1561: wrong detection of number of parameters in java.sql.PreparedStatement

Started by Ingolf Knopf, about 21 years ago, 2 messages, bugs
#1 Ingolf Knopf
iknopf@csc-dd.de

The following bug has been logged online:

Bug reference: 1561
Logged by: Ingolf Knopf
Email address: iknopf@csc-dd.de
PostgreSQL version: 8.0.1
Operating system: JDBC
Description: wrong detection of number of parameters in
java.sql.PreparedStatement
Details:

"java.sql.PreparedStatement.executeUpdate()" throws "java.sql.SQLException",
if the prepared sql-string contains '?' within a C-like comment.

Example:
select relname
from pg_class
where /*relowner = ? and*/
relname = ?

In this case, the java.sql.PreparedStatement of PostgreSQL requires two
parameters, but I have only one.

#2 Oliver Jowett
oliver@opencloud.com
In reply to: Ingolf Knopf (#1)
Re: BUG #1561: wrong detection of number of parameters in

Ingolf Knopf wrote:

> "java.sql.PreparedStatement.executeUpdate()" throws "java.sql.SQLException",
> if the prepared sql-string contains '?' within a C-like comment.
>
> Example:
> select relname
> from pg_class
> where /*relowner = ? and*/
> relname = ?
>
> In this case, the java.sql.PreparedStatement of PostgreSQL requires two
> parameters, but I have only one.

The JDBC driver doesn't currently parse the statement in much detail. It
really only understands string literals, semicolon-separated statements,
and some JDBC-specified {...} escapes.

A workaround would be to "quote" the comment:

select relname from pg_class where /*" relowner = ? and "*/ relname = ?

which should work (although I have not tested it)

There's no real reason why the driver can't be modified to understand
C-style comments, someone just needs to find the time to do it..
(patches to pgsql-jdbc please ;-)

-O
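
The placeholder-counting behaviour discussed in this thread, as an added example that is not part of either message and is not the PostgreSQL JDBC driver's code: a simplified scanner that counts '?' markers with and without comment awareness, run on the two queries quoted above. The class name PlaceholderScan and the method countParams are hypothetical, and the scanner assumes that both single-quoted and double-quoted regions are skipped; it ignores dollar quoting and backslash escapes.

```java
public class PlaceholderScan {
    // Counts '?' markers outside quoted regions; when skipComments is true,
    // also ignores -- line comments and (nestable) /* */ block comments.
    static int countParams(String sql, boolean skipComments) {
        int count = 0;
        int n = sql.length();
        for (int i = 0; i < n; i++) {
            char c = sql.charAt(i);
            if (c == '\'' || c == '"') {
                // Skip to the closing quote; a doubled quote ends one region and
                // immediately opens another, so it needs no special handling.
                int end = sql.indexOf(c, i + 1);
                i = (end < 0) ? n : end;
            } else if (skipComments && c == '-' && i + 1 < n && sql.charAt(i + 1) == '-') {
                int end = sql.indexOf('\n', i);
                i = (end < 0) ? n : end;
            } else if (skipComments && c == '/' && i + 1 < n && sql.charAt(i + 1) == '*') {
                int depth = 1;
                i += 2;
                while (i < n && depth > 0) {
                    if (sql.startsWith("/*", i)) { depth++; i += 2; }
                    else if (sql.startsWith("*/", i)) { depth--; i += 2; }
                    else { i++; }
                }
                i--; // the for loop's i++ then lands on the first char after the comment
            } else if (c == '?') {
                count++;
            }
        }
        return count;
    }

    public static void main(String[] args) {
        // Queries taken from the thread above.
        String reported = "select relname\nfrom pg_class\nwhere /*relowner = ? and*/\nrelname = ?";
        String workaround = "select relname from pg_class where /*\" relowner = ? and \"*/ relname = ?";
        System.out.println(countParams(reported, false));   // comment-unaware scan
        System.out.println(countParams(reported, true));    // comment-aware scan
        System.out.println(countParams(workaround, false)); // quoted comment body
    }
}
```

A mismatch between the first two counts for the same statement is the condition reported in this bug, and the same comparison can serve as a regression check for any SQL text that carries commented-out predicates.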