I'm recently developing database api using java, vertx, gradle and mysql. I think I made a correct query but it shows me an error. Anybody knows the problem? Thanks in advance.
Query :
INSERT INTO USER VALUES('test#test.co.kr', 'test', 'password')
WHERE NOT EXISTS (SELECT * FROM USER WHERE email='test#test.co.kr')
Error :
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IF NOT EXISTS (SELECT * FROM USER WHERE email='test#test.co.kr')' at line 1
I believe you should mention column names after INSERT INTO USER .
Something like this;
INSERT INTO USER (email, username, password)
VALUES('test#test.co.kr', 'test', 'password')
WHERE NOT EXISTS
(SELECT * FROM USER WHERE email='test#test.co.kr')
I think you should do it like this:
INSERT INTO USER
SELECT 'test#test.co.kr', 'test', 'password'
FROM DUAL
WHERE NOT EXISTS (SELECT 1 FROM USER WHERE email='test#test.co.kr')
Related
I am trying to make a project in java but I'm having problems with MySQL, after trying to get the material inside the table I get this error message:
java.sql.SQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'table' at line 1
String sql = "SELECT Name, OS, Disk, Office, Serialnomain, Serialnotast, Serialnoscreen, Serialnomouse FROM table ";
ResultSet rs = stmt.executeQuery(sql);
Change your name from table to anything else and will work fine.
table is a reserved word in mariadb
so rename your table and it will run
The SQL Language has some keywords which you should not use in your statement, table is one of them just rename your table to myTable
I'm testing SQL injection in my lab and need to combine two SQL queries using UNION to bypass authentication, so I would like to know if there is a way to set static values in second query, so that my JAVA code will check will only check for the user password I send as static password : The SQL Query should be like this :
SELECT * FROM users WHERE user = 'user1' UNION SELECT user AS
user1, password AS password FROM users ;'
My JAVA code reports an error :
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to
use near
First, eliminate the use of SELECT * to make sure both queries return the same number of columns. Then you can hard code your static values in the second query.
SELECT user, password
FROM users
WHERE user = 'user1'
UNION
SELECT 'user', 'password';
Using union
You must select the corresponding number type of column eg:
SELECT user, password
FROM users
WHERE user = 'user1'
UNION
SELECT 'user', 'password'
;
I need some help. I'm using Liquibase im my project and after creation of tables trying to import data, but getting MySQLSyntaxErrorException.
This line in my import.sql
INSERT INTO visitors(id, name, password, email, created) VALUES(1,
'user', 'password', 'valid#mail', '1945-09-09 05:55:00');
generates this exception:
Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'INSERT INTO visitors(id, name, password, email, created)
VALUES(1, 'user', 'password', 'valid#mail', '1945-09-09 05:55:00');'
But when I execute it from MySQL CLI - data is successfully inserted. Have no idea where to look for. Could you, please, give some suggestions where to look for root cause?
For some reason when my java code attempts to execute a query that is using a variable I receive a syntax error.
String query = "SELECT userName, email, address FROM users,requests"
+ "WHERE requestingUser = userID AND rideID = ?";
ps = connection.prepareStatement(query);
ps.setInt(1, rideID);
results = ps.executeQuery()
This code produces the following MySQL error:
"You have an error in your SQL syntax; check the manual that corresponds to your
MySQL server version for the right syntax to use near '= userID AND rideID = 34' at
line 1"
I have tried this both with and without using PreparedStatments, and I only receive an error for those queries for which I pass in a variable. Simple queries like "SELECT field FROM table" work fine. I feel like I am going insane, I appreciate any help I can get.
You are missing a space between requests and WHERE
I am working on a mini application and I have to retrieve and save USER_ID in a table.
It works like this; I input the email address of the user and then the statement has to retrieve USER_ID and save it into a table.
I am having problem with my SQL Like statement. Its just that I have to insert only the first part of the email address. For example, "thomas#yahoo.com". I insert only "thomas"; not remaining part.
Here are sample of the statement and resulting message I am getting in my Java console:
Code:
String ea = txt_email.getText();
String lid = "SELECT USER_ID FROM user WHERE email_address Like '"+ea+"%' ";
Error Message:
Error: java.sql.SQLException: [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''SELECT USER_ID FROM user WHERE email_address Like 'thomas%' ''.
Try using * instead of %. MS ACCESS uses * instead of % for the LIKE statement.
Hope this helps
use PreparedStatement
PreparedStatement _query = con.prepareStatement(
"SELECT USER_ID FROM user WHERE email_address Like ?");
_query.setString(1, ea + "*"); // <== use *
_query.executeQuery();
where con is your active connection object.
One advantage of using PreparedStatement is protect from SQL Injection