stackoom
  简体   繁体   中英

Keep getting ORA-0096 missing expression for oracle db in c# application

 原文  2016-01-20 12:43:29       c#/ oracle

Question

Question In my select variable I cant get it to work correctly each time I run it get

ORA-0096 missing expression

I'm thinking it has something to do with the quotes. What I want to do do is search all of my records where the date is between my start_dp(datetimepicker) and my end_dp(datetimepicker) Any help would be greatly appreciated. 

 string cr; 
 cr = "SELECT * FROM con_dates WHERE DATE BETWEEN " + start_dp.Value.Date + " and " + end_dp.Value.Date + "";

I tried this expression with params but still the same exact error for oracle Date is a datetime data type and the value.date of both pickers should just be the date so I am not sure what is going on here... 

OracleCommand cmd = new OracleCommand("SELECT * FROM con_dates WHERE ""date"" between :start and :end", dvconn);

cmd.Parameters.Add(new OracleParameter("start", start_dp.Value.Date));
cmd.Parameters.Add(new OracleParameter("end", end_dp.Value.date));

3 answers

solution1
 2  2016-01-20 12:50:46

I think since DATE is a reserved keyword in Oracle, it does not sees your DATE as a column name but sees it as a function as DATE(expr) . That's why it expects an expression after it.

You can escape it with using " as "DATE" but as a better way, change it to non -reserved word.

But more important, you should always use parameterized queries . This kind of string concatenations are open for SQL Injection attacks.

solution2
 0  2016-01-20 12:59:28

尝试将别名添加到表名(例如con_dates c),然后使用c.DATE。

solution3
 0 ACCPTED  2016-01-20 15:42:44

Here is an example of how you would use the parameters on your example: 

OracleCommand cmd = new OracleCommand(
    "SELECT * FROM con_dates WHERE \"date\" between :start and :end", dvconn);
cmd.Parameters.Add(new OracleParameter("start", OracleDbType.Date));
cmd.Parameters.Add(new OracleParameter("end", OracleDbType.Date));

cmd.Parameters[0].Value = start_dp.Value;
cmd.Parameters[1].Value = end_dp.Value;

OracleDataReader reader = cmd.ExecuteReader();

while (reader.Read())
{

}

reader.Close();

Some notes:

  • It looks like you were escaping your quotes VBA style... to escape them in C# use the \\ backslash
  • I am assuming start_dp and end_dp are date time edits or something where the Value property is an actual DateTime . If not, then these need to be converted to actual date times. ODP handles the dirty work, but the datatypes are important when you pass them to the parameters.
  • If you can avoid it, I would seriously not name columns after datatypes, keywords, reserved words, etc...

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Using Oracle DB in a C# WinForms application Oracle.DataAccess.Client.OracleException: ORA-00936: missing expression ORA-01036: illegal variable name/number error while updating Oracle DB in C# Getting DB error: data type mismatch in criteria expression c# Oracle data access error: ORA-00936: missing expression Getting a syntax error (missing operator) in query expression in C# Getting values from Oracle DB table into listbox in c# /wpf C# connection to oracle DB ORA-00936: missing expression while executing in C#. ASP.NET C# Missing Expression Error during Oracle insert
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM