2013-08-19 20 views

I have the JSP below. java.sql.SQLException: [Microsoft][ODBC Excel Driver] Data type mismatch in criteria expression

<%-- 
    Document : See_Free_Editors 
    Created on : Aug 16, 2013, 7:22:30 PM 
    Author  : u0138039 
--%> 

<%@page contentType="text/html" pageEncoding="UTF-8"%> 
<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title>JSP Page</title> <link rel="stylesheet" href="http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css"> 
     <script type="text/javascript" src="http://code.jquery.com/jquery-1.9.1.js"></script> 
     <script type="text/javascript" src="http://code.jquery.com/ui/1.10.3/jquery-ui.js"></script> 

     <script type="text/javascript"> 
      $(function() { 
       $(".datepicker").datepicker(); 
      }); 
      xmlHttp = new XMLHttpRequest(); 
      function getUsers() 
      { 
      xmlHttp.onreadystatechange= 
        function() 
      { 
       if(xmlHttp.readyState===4 && xmlHttp.status===200) 
        { 
         document.getElementById('b').innerHTML=xmlHttp.responseText; 
        } 
        else 
         { 
          document.getElementById('b').innerHTML="Waiting"; 
         } 
      }; 


      xmlHttp.open("post", "see_frm_DB.jsp", true); 
      xmlHttp.send(); 
} 
     </script> 
     <style> 
      .ui-widget { font-family: Lucida Grande, Lucida Sans, Arial, sans-serif; font-size: 0.6em; } 
     </style> 
    </head> 
    <body> 
     <div id="a"> 
      <table> 
       <tr> 
        <td><label>Date Request received 
         </label>&nbsp;</td> 
        <td><input type='text' class='datepicker' name='date1' id="date1"></td> 
        <td><label>Date Request received 
         </label>&nbsp;</td> 
        <td><input type='text' class='datepicker' name='date2' id="date2"></td> 
        <td><input type="button" id="button" name="button" value="submit" onclick="getUsers();"></td> 
       </tr> 
      </table> 
     </div> 
     <div id="b"> 
     </div> 
    </body> 
</html> 

And the connection is as follows.

<%-- 
    Document : index 
    Created on : Aug 19, 2013, 8:07:29 PM 
    Author  : U0138039 
--%> 

<%@page contentType="text/html" pageEncoding="UTF-8"%> 
<%@include file="DBCon.jsp"%> 
<!DOCTYPE html> 
<html> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> 
     <title>JSP Page</title> 
    </head> 
    <body> 
     <% 
      try{ 
     String a=request.getParameter("date1"); 
     String b=request.getParameter("date2"); 
     out.println(a); 
     out.println(b); 
     stmt=conn.createStatement(); 
     sql="select * from [Sheet1$] where [Date Request received] between '"+a+"' and '"+b+"'"; 
     out.print(sql); 
     rs=stmt.executeQuery(sql); 
     ResultSetMetaData rsmd = rs.getMetaData(); 
int columnCount = rsmd.getColumnCount(); 
     int count = rsmd.getColumnCount(); 
     conn.commit(); 
      stmt.close(); 
      conn.close(); 
     %> 
<table border="1"> 
    <tr> 
     <% 
// The column count starts from 1 
for (int i = 1; i < columnCount + 1; i++) { 
    String name = rsmd.getColumnName(i); 
    // Do stuff with name%> 
    <td nowrap> <% 
    out.print(name);%></td> 
     <% 
}%> 
    </tr> 
<% 
while(rs.next()) 
{ 
%> 
<tr> 
    <% 



for (int i=1; i<count; i++) {%> 

     <td> 
      <%=rs.getString(i)%> <%}%> 

    <% 
} 
     } 
      catch(Exception e) 
      { 
       out.print(e); 
      } 
     %> 
      </td> 
</tr> 
</table> 
     %> 
    </body> 
</html> 

When I try to run this program, I get the error below. Actually, the values are not being passed.

null null select * from [Sheet1$] where [Date Request received] between 'null' and 'null'java.sql.SQLException: [Microsoft][ODBC Excel Driver] Data type mismatch in criteria expression. %> 

Please let me know how to fix this.

Thanks

Answers


First, on the form JSP, you are not sending the date1/date2 parameters in your AJAX request, which is why request.getParameter(...) returns null for both. To fix it, change your xmlHttp.send() to:

xmlHttp.send("date1=" + document.getElementById('date1').value + "&date2=" + document.getElementById('date2').value); 

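Second, in the connection JSP, you must sanitize your input. Your current code does not check whether the required parameters are set, and it also allows SQL injection attacks, because you insert the request parameters directly into the SQL query. Try something like this: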

String a=request.getParameter("date1"); 
String b=request.getParameter("date2"); 

if (a == null || b == null) { 
    // bail out here 
    out.print("date1 and date2 are required"); 
} else { 
    // use a prepared statement where we can safely insert the parameters 
    sql="select * from [Sheet1$] where [Date Request received] between ? and ?"; 
    // prepareStatement() returns a PreparedStatement; setString() does not exist on a plain Statement 
    java.sql.PreparedStatement ps=conn.prepareStatement(sql); 
    ps.setString(1, a); 
    ps.setString(2, b); 
    rs=ps.executeQuery(); 
} 

Thanks @Jonathan, this worked, but can you tell me how I form that URL, plz. Thanks – user2423959


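Sure, the string passed to send() is a standard "query string". It is key=value pairs joined by &s, e.g. key1=value&key2=value&key3=value3. The query string will be understood by Java, so you can use request.getParameter([param name]) to get your values. –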


Thank you very much :) – user2423959
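
An added example, not code from the question or the answer: one way to apply the answer's two points together, rejecting a missing or malformed date1/date2 and binding the values through a prepared statement as dates rather than strings. The class and method names are hypothetical, and it assumes the datepicker's default MM/dd/yyyy output and a driver that accepts bound DATE parameters.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.text.ParsePosition;
import java.text.SimpleDateFormat;

public final class DateRangeQuery {
    /** Returns a SQL DATE, or throws IllegalArgumentException for missing or malformed input. */
    static java.sql.Date parseFormDate(String name, String raw) {
        if (raw == null || raw.trim().isEmpty()) {
            throw new IllegalArgumentException(name + " is required");
        }
        String text = raw.trim();
        // Assumption: the datepicker keeps its default output, e.g. 08/19/2013.
        SimpleDateFormat fmt = new SimpleDateFormat("MM/dd/yyyy"); // not thread-safe: one per call
        fmt.setLenient(false); // reject 02/30/2013 instead of rolling over into March
        java.util.Date parsed = text.matches("\\d{2}/\\d{2}/\\d{4}")
                ? fmt.parse(text, new ParsePosition(0)) : null;
        if (parsed == null) {
            throw new IllegalArgumentException(name + " must be a valid MM/dd/yyyy date");
        }
        return new java.sql.Date(parsed.getTime());
    }

    /** Validates both parameters, then binds them as dates; no request text reaches the SQL. */
    static PreparedStatement prepare(Connection conn, String date1, String date2) throws SQLException {
        java.sql.Date from = parseFormDate("date1", date1);
        java.sql.Date to = parseFormDate("date2", date2);
        if (to.before(from)) {
            throw new IllegalArgumentException("date2 must not be earlier than date1");
        }
        PreparedStatement ps = conn.prepareStatement(
                "select * from [Sheet1$] where [Date Request received] between ? and ?");
        ps.setDate(1, from);
        ps.setDate(2, to);
        return ps;
    }

    public static void main(String[] args) {
        // Constructed inputs: a valid date, a missing value, a quote-bearing string, an impossible date.
        for (String raw : new String[] {"08/19/2013", null, "x' or '1'='1", "02/30/2013"}) {
            try {
                System.out.println(raw + " -> " + parseFormDate("date1", raw));
            } catch (IllegalArgumentException e) {
                System.out.println(raw + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

In the JSP, catch IllegalArgumentException around prepare() and print its message instead of running the query.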
