I am trying to delete a record from my "student" table. The table has two columns, rollno and student name.
I am using a PreparedStatement but I am getting some error. I could not understand the error. The error is:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?' at line 1
here is my code
String query = "delete from student where rollno = ?";
PreparedStatement pst = con.prepareStatement(query);
pst.setInt(1, 7);
pst.executeUpdate(query);
Likely you are calling the execute like this:
pst.executeUpdate(query);
This will execute the raw query, without the parameter you set before.
You want to execute the prepared query instead, so just use:
pst.executeUpdate();
Related
I have a PreparedStatement for a select query in MySQL.
This is what I wrote:
String sQuery = "SELECT Password FROM test WHERE Email = ?";
st = DB.prepareStatement(sQuery);
st.setString(1, email);
ResultSet rs = st.executeQuery(sQuery);
But I'm getting an exception from the GlassFish server that says:
Severe: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException:
You have an error in your SQL syntax; check the manual that corresponds
to your MySQL server version for the right syntax to use near '?' at line 1
I don't understand what the problem is. All the samples I saw use that syntax.
You must call st.executeQuery(), without the query as argument. The query has already been passed to the statement when it was prepared.
See http://docs.oracle.com/javase/7/docs/api/java/sql/PreparedStatement.html#executeQuery%28%29
st.executeQuery() i.e. no param to executeQuery
I am trying to update an entry in my SQL table, which has a column named "from", using JDBC.
Following is the SQL command that I am trying to execute:
sql = "Update email_template set [from]="+"'"+3+"'"+" WHERE id="+idno;
stmt.executeUpdate(sql);
However it shows the following error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[from]='Akshit' WHERE id=1' at line
MySQL's way of escaping column names is by using backticks:
sql = "Update email_template set `from`="+"'"+3+"'"+" WHERE id="+idno;
I recommend using java.sql.PreparedStatement when handling SQL in Java. It can be used for batches and ensures malicious SQL is not injected as part of the SQL code.
This is how your code looks with a PreparedStatement:
PreparedStatement stmt = connection.prepareStatement("UPDATE `email_template` SET `from` = ? WHERE id = ?");
stmt.setInt(1, 3);
stmt.setInt(2, idno);
stmt.executeUpdate();
If this is an operation you execute for many rows in one go, replace stmt.executeUpdate() with stmt.addBatch() (likely in some loop) and when you're ready to execute the batched updates you call stmt.executeBatch().
Note that both executeUpdate() and executeBatch() return how many rows were affected; which is something you may want to validate after a commit.
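The batched variant described in the answer above, as an added example that is not part of the original answer: every parameter set is queued with addBatch(), the counts returned by executeBatch() are checked before the commit so a mismatch can be rolled back, and no value is ever concatenated into the SQL text. The class name, the method name and the id-to-value map are assumptions; the table and column names come from the question.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.Map;

public class EmailTemplateBatchUpdate {

    // Hypothetical helper: sets `from` for every id in newFromById in one transaction.
    // Returns the number of rows updated; rolls back unless each id matched exactly one row.
    static int updateFromColumn(Connection connection, Map<Integer, Integer> newFromById)
            throws SQLException {
        // `from` is a reserved word in MySQL, so the identifier is backtick-quoted.
        // Values are bound as parameters, never spliced into the statement text.
        String sql = "UPDATE `email_template` SET `from` = ? WHERE id = ?";
        boolean previousAutoCommit = connection.getAutoCommit();
        connection.setAutoCommit(false);
        try (PreparedStatement stmt = connection.prepareStatement(sql)) {
            for (Map.Entry<Integer, Integer> entry : newFromById.entrySet()) {
                stmt.setInt(1, entry.getValue());
                stmt.setInt(2, entry.getKey());
                stmt.addBatch();                    // queue this parameter set
            }
            int[] counts = stmt.executeBatch();     // no SQL argument here either
            int updated = 0;
            for (int count : counts) {
                // Anything other than 1 is rejected, including Statement.SUCCESS_NO_INFO,
                // because an unknown count cannot be validated.
                if (count != 1) {
                    throw new SQLException("expected 1 affected row, driver reported " + count);
                }
                updated += count;
            }
            connection.commit();
            return updated;
        } catch (SQLException ex) {
            connection.rollback();                  // undo the whole batch on any failure
            throw ex;
        } finally {
            connection.setAutoCommit(previousAutoCommit);
        }
    }
}
```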
So I am using SQL with phpMyAdmin. Now I want to make an update to my database with a prepared statement, but doing it gives me the following error:
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'autor='Lol' WHERE id=44' at line 1
And this is what my statement looks like:
command = connection.prepareStatement("UPDATE books SET name=? author=? WHERE id=?");
command.setString(1, name.getText());
command.setString(2, author.getText());
command.setInt(3, IDx);
command.execute();
What is wrong with the statement I have made? It should be working, in my opinion.
You need to separate the updated fields with a comma, like:
command = connection.prepareStatement("UPDATE books SET name=?, author=? WHERE id=?");
You forgot a comma before author
UPDATE books
SET name = ?, author = ?
WHERE id = ?
In the query, "_latin" is getting concatenated before every param.
Java code:
PreparedStatement prepStmt = null;
QueryString = "SELECT FROM Student WHERE username=? AND password=? ";
prepStmt=con.prepareStatement(QueryString);
prepStmt.setString(1,un);
prepStmt.setString(2,pwd);
ResultSet rs;
System.out.println(prepStmt);
rs = prepStmt.executeQuery();
Error:
java.sql.SQLException: [MySQL][ODBC 5.1 Driver][mysqld-5.5.24-log]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM Student WHERE username=_latin1'wow' AND password=_latin1'hell'' at line 1
Why is it happening, and what's the solution?
And this is the table:
You are missing the column list from your query. You have to either specify explicitly the columns you want, or retrieve all via wildcard. Instead of:
SELECT FROM Student WHERE username = ? AND password = ?
You want something like:
SELECT * FROM Student WHERE username = ? AND password = ?
Note that it's almost always better to explicitly define the columns you want to retrieve, rather than using the wildcard expression.
I am using PreparedStatement to query my table. Unfortunately, I have not been able to do so.
My code is as simple as this:
PreparedStatement preparedStatement = connection.prepareStatement(
"Select favoritefood from favoritefoods where catname = ?");
preparedStatement.setString(1, "Cappuccino");
ResultSet resultSet = preparedStatement.executeQuery();
The error thrown is java.sql.SQLException: ORA-00911: invalid character. As if it never ran through the parameter given.
Thanks for your time. I've spent a day debugging this, yet still unsuccessfully.
As mentioned by Piyush, if I omit the semicolon at the end of the statement, a new error is thrown: java.sql.SQLException: ORA-00942: table or view does not exist. But I can assure you this table does indeed exist.
UPDATE
Shoot. I edited the wrong SQL. Now it is successful. Thanks for your time.
Do you get this error if you try binding values from the shown SQL and execute it from the SQL prompt or any SQL editor?
Make sure your query does not have a semicolon (";") at the end of it or anywhere in the query.
Try giving it this way:
String query="Select favoritefood from favoritefoods where catname = ?";
PreparedStatement preStat = conn.prepareStatement(query); // conn is the connection object
preStat.setString(1,"Cappuccino");
ResultSet resultSet=preStat.executeQuery();