This question already has an answer here:
insert query with varchar as data type for primary key
(1 answer)
Closed 8 years ago.
hello i have a problem with this resultset.
public ResultSet seleccionar(String id, String pass) throws SQLException {
PreparedStatement stmt;
String consulta = "SELECT iduser from personas ";
consulta+= " WHERE nombre=?";
consulta+= " AND pass= ?";
objetoConexion = Conexion.getInstance().getConnection();
stmt = objetoConexion.prepareStatement(consulta);
stmt.setString(1,id);
stmt.setString(2,pass);
ResultSet rs = stmt.executeQuery(consulta);
rs.first();
return rs;
this is my error
.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? AND pass= ?' at line 1
You need to check you spaces on your String consulta.
Have you considered using a StringBuffer and logging your SQL statements to the console so you can see what the queries look like?
You have to put a space before AND.
String consulta = "SELECT iduser from personas ";
consulta+= " WHERE nombre='?";
consulta+= "' AND pass='?'";
Related
does anybody know why an INSERT with sha512 is working without any problem:
String query = " insert into user (username, password, surname, lastname, email, admin)"
+ " values (?, sha2(?, 512), ?, ?, ?, ?)";
System.out.println("query: " + query);
// create the java statement
PreparedStatement ps = conn.prepareStatement(query);
ps.setString(1, newUser.getUsername());
ps.setString(2, getPsw());
ps.setString(3, newUser.getSurename());
ps.setString(4, newUser.getLastname());
ps.setString(5, newUser.getEmail());
......
......
and an UPDATE query not:
String query = "update user set password = sha2(?, 512) where id = "+getId()+")";
System.out.println("query: " + query);
// create the java statement
PreparedStatement ps = conn.prepareStatement(query);
ps.setString(1, psw_edit);
I get the following MySQLSyntaxErrorException:
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
You have an extra closing brace ) in your UPDATE code
Try changing it to
String query = "update user set password = sha2(?, 512) where id = "+getId();
It seems that mySQL have a problem with password. Possibly it notices password as a mySQL Keyword. The solution is to write it on this way: password
But still a better solution is to hash a password directly in JAVA. Even better to create a salted hash first.
I am trying to update column "Name" in table "changerequest":
Class.forName("com.mysql.jdbc.Driver");
Connection con=DriverManager.getConnection("jdbc:mysql://localhost:3306/ccb-dbf", "root", "1234");
String N= name;
String yy="Accepted";
Statement st2= con.createStatement();
st2.executeUpdate("UPDATE changerequest SET Status="+yy+"Where Name="+N);
What is the syntax error here?
Variable yy and N both are String so after concatenation your query
UPDATE changerequest SET Status=AcceptedWhere Name=someName
No space between Accepted and Where, Which is not a valid sql query.
Try
String query = "UPDATE changerequest SET Status = " + yy + " Where Name = " + N;
Statement st2= con.createStatement();
st2.executeUpdate(query);
try this one:-
st2.executeUpdate("UPDATE changerequest SET Status=" +yy+ " Where Name="+N);
Note:make a space between set status=? and where clause
i have a form and onClick listener i want to update some data on my database exception says that i have a syntax error but when i execute query at mysql console it works here is my code all variables are checked
String temp = itemList.getModel().getElementAt(itemList.getSelectedIndex()).toString();
PreparedStatement pt = supplies.con.prepareStatement("update prods set pquant = pquant + ? where pname = ?");
pt.setInt(1, Integer.parseInt(empsalary.getText()));
pt.setString(2, temp);
supplies.pst.executeQuery(temp);
Error
com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'DVD Verdatim' at line 1
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:936)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:2985)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1631)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:1723)
at com.mysql.jdbc.Connection.execSQL(Connection.java:3277)
at com.mysql.jdbc.Connection.execSQL(Connection.java:3206)
at com.mysql.jdbc.Statement.executeQuery(Statement.java:1232)
at buy$1.actionPerformed(buy.java:62)
As the compiler mentioned, there is indeed a Syntax error in your SQL query. Try:
String temp = itemList.getModel().getElementAt(itemList.getSelectedIndex()).toString();
PreparedStatement pt = supplies.con.prepareStatement("update prods set pquant = #0 + 21" + "'variableForPquant'" "where pname = #1" + "'variableForPname'");
pt.setInt(1, Integer.parseInt(empsalary.getText()));
pt.setString(2, temp);
supplies.pst.executeQuery(temp);
You need to use quotes when you are using variables in your SQL query. I believe it is either
"'variableName'" or '"variableName'"
I found my error i declare a variable pt and i execute the query from the statement that is empty pst i change to pt.executeUpdate(); and its ok now
Using a try-catch phrase I catch an error in the following code:
ResultSet rs = stmt.executeQuery("select * from 'user_tbl' where user_id = '"+user+"' ");
The error details are as follows:
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''user_tbl' where user_id = '12345678'' at line 1
Is there anything wrong with my syntax here? I'm using Netbeans as my IDE.
Single quotes are not required, try this:
ResultSet rs = stmt.executeQuery("select * from user_tbl where user_id = " + user);
If user_id is non-integer then enclose user variable in single quotes
You shouldn't have user_tbl inside ' marks, try removing them so it reads:
ResultSet rs = stmt.executeQuery(
"select * from user_tbl where user_id = '"+user+"' ");
conn = DriverManager.getConnection(connURL);
String sqlStr = "Select * from inventory where functions" + "like ? order by brand, model";
PreparedStatement pstmt = conn.prepareStatement(sqlStr);
pstmt.setString(1, "%" + search + "%");
ResultSet rs = pstmt.executeQuery();
Hi guys, i am having error with this code at line 2 and line 4. I believe that my coding contains errors.
I have a doubt that my SQL query is not correctly formatted. The pstmt.setString will set the search value to the ? in the SQL query.
The error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''%null%' order by brand, model' at line 1
The syntax of your sql query declaration is wrong. That is why you're getting that error. Why are you including + in between ?
Try
conn = DriverManager.getConnection(connURL);//this is bad use a connection pool
StringBuilder sb = new StringBuilder().append("Select * from inventory where functions");
sb.append(" like ? order by brand, model");
String sqlStr = sb.toString().intern();//use intern if this function is used many times