1

I have one table called test, which has 4 columns:

id     INT
v_out  INT
v_in   INT
label  CHARACTER

I'm trying to update the table with the following query:

String sql = "
update
    test
set
    v_out = temp.outV
    , v_in = temp.inV
    , label = temp.label
from (
        values
            (1,234,235,'[abc]') // these value are read from other places
            ,(2,234,5585,'[def]') //[abc] = object.toString();
    ) as temp (e_id, outV, inV, label)
where
    id = temp.e_id;

When I execute it, I got the error: org.postgresql.util.PSQLException: ERROR: syntax error at or near "["

before get this error, i already update over 3000 rows.

so whats the reason caused this? is it because "[" this character? this is the original table:

create table edges(
 id serial not null primary key,
 vertex_out int, 
 vertex_in int, 
 label character varying(255),
 constraint fk_vertex_out foreign key (vertex_out) references vertices(id) on delete cascade,
 constraint fk_vertex_in foreign key (vertex_in) references vertices(id) on delete cascade
);
Improve this question
8
  • This looks good: sqlfiddle.com/#!15/d7f14/2 there must be something you are not telling us.
    – user330315
    Commented Jul 31, 2014 at 14:56
  • I doubt that label is of type CHARACTER. (This would be a single character, same as char(1).) Please provide your actual table definition - what you get with \t tbl in psql.
    – Erwin Brandstetter
    Commented Jul 31, 2014 at 14:56
  • CREATE TABLE edges ( id SERIAL NOT NULL PRIMARY KEY, vertex_out INT, vertex_in INT, label CHARACTER VARYING (255), CONSTRAINT fk_vertex_out FOREIGN KEY (vertex_out) REFERENCES vertices (id) ON DELETE CASCADE , CONSTRAINT fk_vertex_in FOREIGN KEY (vertex_in) REFERENCES vertices (id) ON DELETE CASCADE );
    – user3895614
    Commented Jul 31, 2014 at 15:04
  • (1) Are those // "comments" really in your SQL? (2) Are you using string interpolation to build your SQL?
    – mu is too short
    Commented Jul 31, 2014 at 15:19
  • No, I just added them there to let people understand. when i update, these comments are removed.
    – user3895614
    Commented Jul 31, 2014 at 15:25

1 Answer 1

Reset to default
0

The most likely problem here is string interpolation in SQL query (it is a very bad practice).

Look at this example:

  values
      (1,234,235,'[abc]''),
      (2,234,5585,'[def]')

The ' symbol in the name of the first object breaches the string boundaries causing ERROR: syntax error at or near "[": on the second line.

You can search for SQL Injection in the internet to get details about this problem.

Improve this answer
5
  • i didnot have 2 ' ' in the first object.
    – user3895614
    Commented Jul 31, 2014 at 16:02
  • could u explain a bit more about it. becuase when obj.toString() = abc, it could update table with 'abc' value. when obj.toString() = [abc], i cant update with this '[abc]'
    – user3895614
    Commented Jul 31, 2014 at 16:04
  • @user3895614 Can you get a raw query, that is send to Postgres? After the query is built in your application. Or just show the application code.
    – Ihor Romanchenko
    Commented Jul 31, 2014 at 16:04
  • btw, i think it might because of ";", my data is '[QIOException;]', maybe not caused by "[" but ";" ???? before i update, object [QIOException] is converted to string, so it shouldnot cause the problem
    – user3895614
    Commented Jul 31, 2014 at 16:13
  • @user3895614 You are getting syntax error at or near "[". This means that the symbol [ is outside the string (outside a pair if '). This can happen in 2 cases: 1) You forgot to add ' 2) Something "broke" your string. The string can be brocken by ' or some other symbols, but not by [ or ;
    – Ihor Romanchenko
    Commented Jul 31, 2014 at 17:08

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.