I am doing a very simple web application that has a Microsoft Access database as the data source. I have been able to sucessfully create update and query statements using parameters but am having issues with an insert statement. I am using JSTL 1.1.2
The following code creates the data type mismatch error.
<sql:update
sql="insert into tblTtoF(TFToolID,TFFeatID) values(?,?)">
<sql:param value='$(ID}'/>
<sql:param value='${feature}'/>
</sql:update>
The table has NUMBER as the data type for both of these fields and the variables I am feeding into it are both numbers. If I hard code the first number into the sql statement then it works. I have tried swapping the variables around and as long as the first one is hard coded the parameter for the second one works no matter which is first or second.
However I can get the following code to work, which of course leaves me vulnerable to sql injection attacks which is not really a good thing.
<sql:update>
insert into tblTtoF(TFToolID,TFFeatID) values('<c:out value="${ID}"/>','<c:out value="${feature}"/>')
</sql:update>
So I am just looking for any suggestions as to why my first piece of code doesn't work seeing as it is the simplest of SQL statements and the most standard syntax.
Thanks