Skip site navigation (1) Skip section navigation (2)

PreparedStatement parameters question

From: "Dr(dot) Evil" <drevil(at)sidereal(dot)kz>
To: pgsql-jdbc(at)postgresql(dot)org
Subject: PreparedStatement parameters question
Date: 2001-10-20 22:34:05
Message-ID: 20011020223405.1875.qmail@sidereal.kz (view raw or flat)
Thread:
Lists: pgsql-jdbc
I have a table like this:

CREATE TABLE foo { number INT, name VARCHAR(100), email VARCHAR(100));

and I am trying to do this with a prepared statement:

PreparedStatement st = db.prepareStatement("UPDATE foo SET ? = '?' " +
		  "WHERE number = ?");

Whenever I use this I get a "Parameter index out of range" error.

I am assuming that what this means is that I can't use a ? as a column
name, but it can only be used as a parameter.  Am I correct in this?

The main reason I want to use PreparedStatement in this case is for
safety.  Should I basically do it like this:

PreparedStatement st = db.prepareStatement("UPDATE foo SET " + colname
		  + "= '?' WHERE number = ?");

Is that the only way to do this?

Thanks

Responses

pgsql-jdbc by date

Next:From: Dr. EvilDate: 2001-10-20 23:14:22
Subject: Does PG's JDBC support prepared statements at all?
Previous:From: Dave CramerDate: 2001-10-20 22:24:39
Subject: Re: [PATCHES] Ant configuration

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group