Re: [OT] RE: IE causes an ORA-00936 error, but not Firefox?
Here's another thought: "ORA-00936: missing expression" means that your Oracle SQL is malformed. If invalid browser input can cause a malformed SQL, you're potentially exposing yourself to a SQL injection attack (http://en.wikipedia.org/wiki/SQL_injection). Try to make sure that your SQL is constant and only prepared statement's bind variables change based on the browser request. Personally, I use Charles Web Debugging Proxy to compare browser requests coming from different browsers (http://www.xk72.com/charles/) On Friday 28 March 2008 14:21, Brian Munroe wrote: > [snip very helpful suggestions] > > Holy crap guys! This is awesome, I've never had this much response > from the users@ (and be it an off-topic too!) > > Once I get the code in hand, that's when the fun will begin! > [...] > org.apache.jsp.splash_jsp threw > exception > java.sql.SQLException: ORA-00936: missing expression -- Nicholas Sushkin, Senior Software Engineer http://www.openfinance.com http://www.wealthinformationexchange.com smime.p7s Description: S/MIME cryptographic signature
Re: [OT] RE: IE causes an ORA-00936 error, but not Firefox?
[snip very helpful suggestions] Holy crap guys! This is awesome, I've never had this much response from the users@ (and be it an off-topic too!) Once I get the code in hand, that's when the fun will begin! thanks everyone -- brian - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [OT] RE: IE causes an ORA-00936 error, but not Firefox?
see if you can do an out.print from within the JSP of the results sets. -Original Message- From: Peter Crowther [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2008 12:28 PM To: 'Tomcat Users List' Subject: [OT] RE: IE causes an ORA-00936 error, but not Firefox? [Marked off-topic as this is almost certainly an application, not Tomcat, issue] > From: Brian Munroe [mailto:[EMAIL PROTECTED] > I don't have access to the JSPs at > the moment (I believe it is a model I application - JSP only) so I > can't look at the code - just functional testing for now. > > But this error only occurs in IE (both 6 and 7) - I've tried googling, > but without much luck. Has anyone ever experienced this issue? [...] > at org.apache.jsp.splash_jsp._jspx_meth_sql_query_1(splash_jsp.java:654) You'll need the JSPs. Then you'll need to find out what misfeature of splash.jsp is causing it to construct a correct SQL query with Firefox, but an incorrect one with IE. If you want further evidence, find a way of snooping Oracle's queries. Bet you'll see a malformed one coming in, that's being constructed by this JSP. I'm not an Oracle expert, so don't know how to look at the queries. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: IE causes an ORA-00936 error, but not Firefox?
is javascript within the JSP anywhere altering the "missing expression"? -Original Message- From: Brian Munroe [mailto:[EMAIL PROTECTED] Sent: Friday, March 28, 2008 12:15 PM To: Tomcat Users List Subject: IE causes an ORA-00936 error, but not Firefox? Ok, here is a weird one. I don't believe it is related to Tomcat specifically, but I'd like to tap the community and see if someone else has ever experienced this issue. I am troubleshooting an app, which was originally designed using Firefox. Now that we are testing with IE (IE 6 and 7), we are running into an unusual error (see below). I don't have access to the JSPs at the moment (I believe it is a model I application - JSP only) so I can't look at the code - just functional testing for now. But this error only occurs in IE (both 6 and 7) - I've tried googling, but without much luck. Has anyone ever experienced this issue? thanks -- brian [28 Mar 2008 12:58:39,522] ERROR TP-Processor7 org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/csstest].[org.apache.jsp.splash_jsp] - Servlet.service() for servlet org.apache.jsp.splash_jsp threw exception java.sql.SQLException: ORA-00936: missing expression at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:331) at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:288) at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:745) at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:216) at oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:810) at oracle.jdbc.driver.OracleStatement.executeMaybeDescribe(OracleStatement.java:1039) at oracle.jdbc.driver.T4CPreparedStatement.executeMaybeDescribe(T4CPreparedStatement.java:850) at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1134) at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3339) at oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3384) at org.apache.tomcat.dbcp.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:92) at org.apache.taglibs.standard.tag.common.sql.QueryTagSupport.doEndTag(QueryTagSupport.java:215) at org.apache.jsp.splash_jsp._jspx_meth_sql_query_1(splash_jsp.java:654) at org.apache.jsp.splash_jsp._jspService(splash_jsp.java:104) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at eis.doe.ghg.AuthFilter.doFilter(AuthFilter.java:38) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:201) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703) at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685) at java.lang.Thread.run(Thread.java:595) - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE causes an ORA-00936 error, but not Firefox?
It *might* be enough, if you at least know what parameters are being used, to look in Firebug or some similar tool to see what's being transmitted across the wire... if you're lucky it's something obvious and visible there and you won't have to hunt it down further back on the server. -- Frank W. Zammetti Author of "Practical DWR 2 Projects" (2008, Apress, ISBN 1-59059-941-1) and "JavaScript, DOM Scripting and Ajax Projects" (2007, Apress, ISBN 1-59059-816-4) and "Practical Ajax Projects With Java Technology" (2006, Apress, ISBN 1-59059-695-1) Java Web Parts - http://javawebparts.sourceforge.net Supplying the wheel, so you don't have to reinvent it! On Fri, March 28, 2008 1:30 pm, Brian Munroe wrote: > On Fri, Mar 28, 2008 at 10:27 AM, Frank W. Zammetti <[EMAIL PROTECTED]> > wrote: > >> My first guess (and that's all it is, a guess!) is that you're trying to >> insert something coming from the client into a SQL query and for >> whatever >> reason it's being transmitted differently from IE than FF and is >> somehow > > Thanks Frank, Peter > > Those answers sound logical to me. Now if I can just get my hands on > the source > > -- brian > > - > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE causes an ORA-00936 error, but not Firefox?
On Fri, Mar 28, 2008 at 10:27 AM, Frank W. Zammetti <[EMAIL PROTECTED]> wrote: > My first guess (and that's all it is, a guess!) is that you're trying to > insert something coming from the client into a SQL query and for whatever > reason it's being transmitted differently from IE than FF and is somehow Thanks Frank, Peter Those answers sound logical to me. Now if I can just get my hands on the source -- brian - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] RE: IE causes an ORA-00936 error, but not Firefox?
[Marked off-topic as this is almost certainly an application, not Tomcat, issue] > From: Brian Munroe [mailto:[EMAIL PROTECTED] > I don't have access to the JSPs at > the moment (I believe it is a model I application - JSP only) so I > can't look at the code - just functional testing for now. > > But this error only occurs in IE (both 6 and 7) - I've tried googling, > but without much luck. Has anyone ever experienced this issue? [...] > at org.apache.jsp.splash_jsp._jspx_meth_sql_query_1(splash_jsp.java:654) You'll need the JSPs. Then you'll need to find out what misfeature of splash.jsp is causing it to construct a correct SQL query with Firefox, but an incorrect one with IE. If you want further evidence, find a way of snooping Oracle's queries. Bet you'll see a malformed one coming in, that's being constructed by this JSP. I'm not an Oracle expert, so don't know how to look at the queries. - Peter - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IE causes an ORA-00936 error, but not Firefox?
My first guess (and that's all it is, a guess!) is that you're trying to insert something coming from the client into a SQL query and for whatever reason it's being transmitted differently from IE than FF and is somehow breaking the query. I'd suggest looking at the query that's being executed in both cases, the real, final one that's being sent to the database, and see if there's any difference... and I'd go so far as to compare it at a low level to make sure there's not some stupid low-ASCII (non-visible) value mixed in somewhere. -- Frank W. Zammetti Author of "Practical DWR 2 Projects" (2008, Apress, ISBN 1-59059-941-1) and "JavaScript, DOM Scripting and Ajax Projects" (2007, Apress, ISBN 1-59059-816-4) and "Practical Ajax Projects With Java Technology" (2006, Apress, ISBN 1-59059-695-1) Java Web Parts - http://javawebparts.sourceforge.net Supplying the wheel, so you don't have to reinvent it! On Fri, March 28, 2008 1:15 pm, Brian Munroe wrote: > Ok, here is a weird one. I don't believe it is related to Tomcat > specifically, but I'd like to tap the community and see if someone > else has ever experienced this issue. > > I am troubleshooting an app, which was originally designed using > Firefox. Now that we are testing with IE (IE 6 and 7), we are running > into an unusual error (see below). I don't have access to the JSPs at > the moment (I believe it is a model I application - JSP only) so I > can't look at the code - just functional testing for now. > > But this error only occurs in IE (both 6 and 7) - I've tried googling, > but without much luck. Has anyone ever experienced this issue? > > thanks > > -- brian > > > [28 Mar 2008 12:58:39,522] ERROR TP-Processor7 > org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/csstest].[org.apache.jsp.splash_jsp] > - Servlet.service() for servlet org.apache.jsp.splash_jsp threw > exception > java.sql.SQLException: ORA-00936: missing expression > > at > oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112) > at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:331) > at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:288) > at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:745) > at > oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:216) > at > oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:810) > at > oracle.jdbc.driver.OracleStatement.executeMaybeDescribe(OracleStatement.java:1039) > at > oracle.jdbc.driver.T4CPreparedStatement.executeMaybeDescribe(T4CPreparedStatement.java:850) > at > oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1134) > at > oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3339) > at > oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3384) > at > org.apache.tomcat.dbcp.dbcp.DelegatingPreparedStatement.executeQuery(DelegatingPreparedStatement.java:92) > at > org.apache.taglibs.standard.tag.common.sql.QueryTagSupport.doEndTag(QueryTagSupport.java:215) > at > org.apache.jsp.splash_jsp._jspx_meth_sql_query_1(splash_jsp.java:654) > at org.apache.jsp.splash_jsp._jspService(splash_jsp.java:104) > at > org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) > at eis.doe.ghg.AuthFilter.doFilter(AuthFilter.java:38) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:201) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) > at > org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200) > at > org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) > at > org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773) > at > org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703) > at > org.apache.jk.common.ChannelSocket$SocketConnection.ru
