Clever Geek Handbook

SQLGrammarException: Failed to execute query

I am using Struts2 and Hibernate and am getting below error when I was looking for data with a string test

, but it works for me when I was looking for with a numeric 111

. I am getting this value from the bean class and a specific string type property in the bean class.

Below I provide the code:

public String retrieveRecords() 
{    
    String empId = p.getEmpId();
    String paramValue = "";
    if(empId !=null)
        if(!(empId.isEmpty()))
        paramValue =" where b.empId="+empId;

    String empName = p.getEmployeeName();
    if(empName !=null && empName != "")
    {
        if(!(empName.isEmpty())){
        if(paramValue == "")
         paramValue =" where b.employeeName="+empName;
        else
         paramValue =paramValue + " and b.employeeName="+empName;
        }
    }
    System.out.println("=========paramvalues===="+paramValue);
    recList = (List<RequestBean>) session.createQuery("from RequestBean b"+paramValue).list();
    request.setAttribute("rec", recList);
    System.out.println("got size"+recList);
    return SUCCESS;
}

Bean Class:

public class RequestBean {

    private Long id;
    private String empId;
    private String employeeName;
    private String employeeType;
    private String personnalNumber;
    private String contactNumber;
    private String companyName;
    private String address;
    private String remarks;
    private String empStatus = "E";
    private Date joiningDate = null;
    private Date created;

    /************* Getters ************************/

    public Long getId() {
        return id;
    }

    public String getEmpId() {
        return empId;
    }

    public String getEmployeeName() {
        return employeeName;
    }

    public String getEmployeeType() {
        return employeeType;
    }

    public String getPersonnalNumber() {
        return personnalNumber;
    }

    public String getContactNumber() {
        return contactNumber;
    }

    public String getCompanyName() {
        return companyName;
    }

    public String getAddress() {
        return address;
    }

    public String getRemarks() {
        return remarks;
    }

    public Date getJoiningDate() {
        return joiningDate;
    }

    public String getEmpStatus() {
        return empStatus;
    }

    public Date getCreated() {
        return created;
    }

   /******************* Setters ***************************/

    public void setId(Long id) {
        this.id = id;
    }
    public void setEmpId(String empId) {
        this.empId = empId;
    }
    public void setEmployeeName(String employeeName) {
        this.employeeName = employeeName;
    }
    public void setEmployeeType(String employeeType) {
        this.employeeType = employeeType;
    }
    public void setPersonnalNumber(String personnalNumber) {
        this.personnalNumber = personnalNumber;
    }
    public void setContactNumber(String contactNumber) {
        this.contactNumber = contactNumber;
    }
    public void setCompanyName(String companyName) {
        this.companyName = companyName;
    }
    public void setAddress(String address) {
        this.address = address;
    }
    public void setRemarks(String remarks) {
        this.remarks = remarks;
    }
    public void setJoiningDate(Date joiningDate) {
        this.joiningDate = joiningDate;
    }
    public void setEmpStatus(String empStatus) {
        this.empStatus = empStatus;
    }
    public void setCreated(Date created) {
        this.created = created;
    }

}

Mapping:

<hibernate-mapping>
<class name="com.ims.bean.RequestBean" table="EMPDETAILS">

<id name="id" column="id">
   <generator class="increment"/>
</id>

<!-- <property name="id"     column="id" /> -->
<property name="empId"  column="empId"/>
<property name="employeeName"  column="empName"/>
<property name="employeeType"  column="empType"/>
<property name="personnalNumber"  column="personnalNum"/>
<property name="contactNumber"  column="contactNo"/>
<property name="companyName"  column="empCompanyName"/>
<property name="address"  column="address"/>
<property name="remarks"  column="remarks"/>
<property name="joiningDate"  column="joiningDate"/>
<property name="empStatus"  column="empStatus"/>
<property name="created"  column="created"/>

</class>
</hibernate-mapping>

Mistake:

org.hibernate.exception.SQLGrammarException: could not execute query
    org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:90)
    org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:66)
    org.hibernate.loader.Loader.doList(Loader.java:2231)
    org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2125)
    org.hibernate.loader.Loader.list(Loader.java:2120)
    org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:401)
    org.hibernate.hql.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:361)
    org.hibernate.engine.query.HQLQueryPlan.performList(HQLQueryPlan.java:196)
    org.hibernate.impl.SessionImpl.list(SessionImpl.java:1148)
    org.hibernate.impl.QueryImpl.list(QueryImpl.java:102)
    com.ims.DAO.RequestControllerDAO.retrieveRecords(RequestControllerDAO.java:60)
    sun.reflect.GeneratedMethodAccessor76.invoke(Unknown Source)
    sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    java.lang.reflect.Method.invoke(Unknown Source)
    ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:891)
    ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:1293)
    ognl.ObjectMethodAccessor.callMethod(ObjectMethodAccessor.java:68)
    com.opensymphony.xwork2.ognl.accessor.XWorkMethodAccessor.callMethodWithDebugInfo(XWorkMethodAccessor.java:117)
    com.opensymphony.xwork2.ognl.accessor.XWorkMethodAccessor.callMethod(XWorkMethodAccessor.java:108)
    ognl.OgnlRuntime.callMethod(OgnlRuntime.java:1369)
    ognl.ASTMethod.getValueBody(ASTMethod.java:90)
    ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212)
    ognl.SimpleNode.getValue(SimpleNode.java:258)
    ognl.Ognl.getValue(Ognl.java:494)
    ognl.Ognl.getValue(Ognl.java:458)
+3


source to share


2 answers


Discarded SQLGrammarException

because the SQL query generated by Hibernate has incorrect SQL syntax. The way you built the query is wrong, you shouldn't concatenate values ​​(especially string values) as a result of the query, because such code is vulnerable to a possible SQL injection attack. Instead, you can use parameters in the query string



String empId = p.getEmpId();
String paramValue = "";
if (empId !=null && !empId.isEmpty())
    paramValue = " where b.empId=:empId";
String empName = p.getEmployeeName();
if (empName !=null && !empName.isEmpty()) {
    if (paramValue == "")
     paramValue =" where b.employeeName=:empName";
    else
     paramValue =paramValue + " and b.employeeName=:empName"; 
}       
System.out.println("=========paramvalues===="+paramValue);
Query query = session.createQuery("from RequestBean b"+paramValue);
//now set parameter values
if(empId !=null && !empId.isEmpty())
  query.setParameter("empId", empId);
if(empName !=null && !empName.isEmpty())
  query.setParameter("empName", empName);
recList = (List<RequestBean>) query.list();
+3


source


The converted hql to sql query generates:

    "where employeeName=Name"

while it should generate:

    "where employeeName='Name'".


So your hql shoul:

    "where b.employeeName= ' " +empName+ " ' ";

Note: you don't need to do this for integer values, only applies to String variables.

+1


source






More articles:


All Articles