Question

In a previous piece of code I received the exact same error I listed in the title.

I had a username validator in my code but forgot to include the following code:

    password = ESAPI.validator().getValidInput("Login password", password, "Password", 20, false);

After adding that I resolved the issue.

Now in my next Java page I have run into the same problem. I have reviewed the code and have not been able to find what I am missing, if I am in fact missing something.

I had this same error with another piece of code I was working on and was able to resolve it, as I had forgotten to include another line of code.

For this piece of code, however, I have gone over it several times and cannot figure out what is wrong with it.

Here is the code:

    package com.tunestore.action;

    import java.sql.Connection;
    import java.sql.PreparedStatement;
    import java.sql.ResultSet;
    import java.sql.Statement;

    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import javax.sql.DataSource;

    import org.apache.struts.action.Action;
    import org.apache.struts.action.ActionForm;
    import org.apache.struts.action.ActionForward;
    import org.apache.struts.action.ActionMapping;
    import org.apache.struts.action.ActionMessage;
    import org.apache.struts.action.ActionMessages;
    import org.apache.struts.action.DynaActionForm;
    import org.apache.struts.util.MessageResources;
    import org.owasp.esapi.ESAPI;

    import com.tunestore.util.IWithDataSource;

    public class RegisterAction extends Action implements IWithDataSource {
      private DataSource dataSource;

      public void setDataSource(DataSource dataSource) {
        this.dataSource = dataSource;
      }

      public ActionForward execute(ActionMapping mapping, ActionForm form,
          HttpServletRequest request, HttpServletResponse response)
          throws Exception {
        DynaActionForm daf = (DynaActionForm)form;
        ActionMessages errors = new ActionMessages();
        ActionForward forward = mapping.getInputForward();
        MessageResources resources = getResources(request);


        //ESAPI START
        if (!ESAPI.validator().isValidInput("Register username", daf.getString("username"), "SafeString", 20, false)) {
        //ESAPI END


          errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("errors.required", resources.getMessage("prompt.username")));
        }


        //ESAPI START
        if (!ESAPI.validator().isValidInput("Register password", daf.getString("password"), "password", 20, false)) {
        //ESAPI END


          errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("errors.required", resources.getMessage("prompt.password")));
        }


        //ESAPI START
        if (!ESAPI.validator().isValidInput("Register confirm password", daf.getString("rptpass"), "password", 20, false)) {
        //ESAPI END


          errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("errors.required", resources.getMessage("prompt.rpt")));
        }
        if ((null != daf.getString("password")) && (null != daf.getString("rptpass"))) {
          if (! daf.getString("password").equals(daf.getString("rptpass"))) {
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("error.rptpass.nomatch"));
          }
        }

        Connection conn = null;
        try {
          conn = dataSource.getConnection();
          Statement stmt = conn.createStatement();
          ResultSet rs = stmt.executeQuery("SELECT COUNT(*) USERCNT "
              + "FROM TUNEUSER "
              + "WHERE USERNAME = '"
              + daf.getString("username")
              + "'");
          rs.next();
          if (rs.getInt("USERCNT") > 0) {
            errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("error.user.exists"));
          } else if (errors.isEmpty()) {



              //ESAPI START
              String sql = "INSERT INTO TUNEUSER (USERNAME,PASSWORD,BALANCE) VALUES (?, ?, ?)";
              PreparedStatement pStmt = conn.prepareStatement(sql);
              pStmt.setString(0, daf.getString("username"));
              pStmt.setString(1, daf.getString("password"));
              pStmt.setDouble(2, 0.00);
              pStmt.executeUpdate();
              //ESAPI END



            ActionMessages msgs = getMessages(request);
            msgs.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("user.added"));
            forward = mapping.findForward("success");
          }
        } catch (Exception e) {
          e.printStackTrace();
          throw e;
        } finally {
          if (conn != null) {
            try { conn.close(); } catch (Exception e) {}
          }
        }

        request.setAttribute("ERRORS.REGISTER", errors);
        return forward;
      }
    }

The code is for a registration form. When someone tries to register, though, the following error is given in return.

    java.sql.SQLException: The column position '0' is out of range.  The number of columns for this ResultSet is '3'.
    at org.apache.derby.client.am.SQLExceptionFactory40.getSQLException(Unknown Source)
    at org.apache.derby.client.am.SqlException.getSQLException(Unknown Source)
    at org.apache.derby.client.am.ColumnMetaData.getColumnType(Unknown Source)
    at org.apache.derby.client.am.PreparedStatement.setString(Unknown Source)
    at org.apache.commons.dbcp.DelegatingPreparedStatement.setString(DelegatingPreparedStatement.java:132)
    at com.tunestore.action.RegisterAction.execute(RegisterAction.java:90)
    at org.springframework.web.struts.DelegatingActionProxy.execute(DelegatingActionProxy.java:110)
    at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
    at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
    at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:190)
    at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:304)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:190)
    at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:306)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at com.tunestore.servlet.PersistenceFilter.doFilter(PersistenceFilter.java:77)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:244)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:108)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:558)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:379)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:243)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:259)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:281)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
    Caused by: org.apache.derby.client.am.SqlException: The column position '0' is out of range.  The number of columns for this ResultSet is '3'.
    at org.apache.derby.client.am.ColumnMetaData.checkForValidColumnIndex(Unknown Source)
    ... 34 more



    ROOT CAUSE
    org.apache.derby.client.am.SqlException: The column position '0' is out of range.  The number of columns for this ResultSet is '3'.
    at org.apache.derby.client.am.ColumnMetaData.checkForValidColumnIndex(Unknown Source)
    at org.apache.derby.client.am.ColumnMetaData.getColumnType(Unknown Source)
    at org.apache.derby.client.am.PreparedStatement.setString(Unknown Source)
    at org.apache.commons.dbcp.DelegatingPreparedStatement.setString(DelegatingPreparedStatement.java:132)
    at com.tunestore.action.RegisterAction.execute(RegisterAction.java:90)
    at org.springframework.web.struts.DelegatingActionProxy.execute(DelegatingActionProxy.java:110)
    at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
    at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
    at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:190)
    at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:304)
    at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:190)
    at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:306)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at com.tunestore.servlet.PersistenceFilter.doFilter(PersistenceFilter.java:77)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:244)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:108)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:558)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:379)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:243)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:259)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:281)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)

The error appears to be pointing to line 90 of my code, which is:

    pStmt.setString(0, daf.getString("username"));

Yet this line of code looks correct to me. What could I be missing?


Solution

Column indexes start at 1 in JDBC

I can't see you calling setString in the code, but the stack trace clearly says execute is calling setString at line #90. Is the code you posted exactly what's running when you get this exception?
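
The fix the answer points to, as an added example that is not part of the original answer or the asker's project: both statements use 1-based parameter indexes, and the existence check is bound as a parameter too instead of concatenating the username into the SQL text. The class name `RegisterDao`, its `register` method and the JDBC URL argument are hypothetical; the table and column names are the ones from the question.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

// Added example: hypothetical helper, not part of the TuneStore code base.
public class RegisterDao {

  /** Returns true if the user was inserted, false if the name is already taken. */
  public static boolean register(Connection conn, String username, String password)
      throws SQLException {
    // The username is bound as a parameter, so quotes in it stay data.
    String exists = "SELECT COUNT(*) USERCNT FROM TUNEUSER WHERE USERNAME = ?";
    try (PreparedStatement ps = conn.prepareStatement(exists)) {
      ps.setString(1, username);          // first '?' is index 1, never 0
      try (ResultSet rs = ps.executeQuery()) {
        rs.next();
        if (rs.getInt(1) > 0) {           // ResultSet columns are 1-based as well
          return false;
        }
      }
    }

    String insert = "INSERT INTO TUNEUSER (USERNAME,PASSWORD,BALANCE) VALUES (?, ?, ?)";
    try (PreparedStatement ps = conn.prepareStatement(insert)) {
      ps.setString(1, username);          // was setString(0, ...) in the question
      ps.setString(2, password);          // was setString(1, ...)
      ps.setDouble(3, 0.00);              // was setDouble(2, ...)
      return ps.executeUpdate() == 1;
    }
  }

  // Usage: java RegisterDao <jdbc-url>
  // The URL and the sample values are constructed; the TUNEUSER table from the
  // question is assumed to exist and a JDBC driver must be on the classpath.
  public static void main(String[] args) throws SQLException {
    try (Connection conn = DriverManager.getConnection(args[0])) {
      System.out.println(register(conn, "alice", "constructed-pw"));   // new name
      System.out.println(register(conn, "alice", "constructed-pw"));   // duplicate name
      System.out.println(register(conn, "o'brien", "constructed-pw")); // quote handled as data
    }
  }
}
```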

Licensed under: CC-BY-SA with attribution