Im getting an sql syntax error somewhere at the end of this code line, i have tweaked it and mixed a bit with it but so far i haven't solved it.
strSQL="INSERT INTO " + tableName + " VALUES " + "(" + id + ",'" + rname + "','" + rfn + "','" + rmn + ")";
Any help appreciated!
You are missing a quote at the end
+ rmn + " )";
^---------here
But actually you should rather use Prepared Statements.
You have missed several ' signs. (not only in the end, but before and after the id)
strSQL="INSERT INTO " + tableName + " VALUES " + "('" + id + "','" + rname + "','" + rfn + "','" + rmn + "')";
Not related to the question, but strongly related to the proper creation of queries in Java:
You should avoid constructing queries with String contatenation. Instead, use PreparedStatement parameters. For example, you query would look like this:
strSQL="INSERT INTO " + tableName + " VALUES (?, ? , ? , ?)";
There is no field name specified.write like this
INSERT INTO tbl_name (col1,col2) VALUES(val1, vale2);
Check url:http://dev.mysql.com/doc/refman/5.6/en/insert.html
Related
I want to insert the SUM of Somme_versee (column in table Versement) in the column Versement_total.
This is a part of my code:
statement.executeUpdate("INSERT INTO Versement ( Nom , Prenom, Date , Somme_versee,Prix_du_logement, Nom_du_projet) VALUES('" + nom.getText() +"','" +prenom.getText() +"','" +date.getText() + "'," + verse.getText() + ", " + "(SELECT Prix_du_logement FROM Client WHERE Nom='"+ nom.getText() +"' AND Prenom='"+ prenom.getText() + "')," + " (SELECT Nom_du_projet FROM Client WHERE Nom='" + nom.getText()+ "' AND Prenom='" +prenom.getText() + "'))");
statement.executeUpdate("UPDATE Versement SET Versement_total= SUM(Somme_versee) " );
When executing I get this error: misuse of aggregate function SUM()
You should never do this in the same table. And it will get worse when the table gets more records. But what you seem to want is:
UPDATE Versement SET Versement_total = (SELECT SUM(Somme_versee) FROM Versement)
I have some problems with an application developed in Java that uses postgreSQL as a DB. I managed to make a dummy query as follows:
String sql = "INSERT INTO voicemessages (UNIQUEID,MSGNM,DIR,CONTEXT,MACROCONTEXT,CALLERID, ORIGTIME,DURATION, FLAG,MAILBOXUSER,MAILBOXCONTEXT,RECORDING, LABEL, read ) "
+ "VALUES (1, 1, 'dir/dir1/msgs', 'message', 'message', '6001', '15/01/2015 13:31:25', '1:32', 'flag', 'Georgi Georgiev', 'Georgi Georgiev', '12314124', 'some label', false);";
And it works perfect when I execute the statement. A row in the DB is created and I am able to display the data using:
SELECT * FROM voicemessages;
The problem is when I create my own VoiceMail class and when I create an object from this type and put in the query the getters and setters for this object I receive some kind of an error:
org.postgresql.util.PSQLException: ERROR: column "dir" does not exist Hint:There is a column named "dir" in table "voicemessages", but it cannot be referenced from this part of the query.Position: 169
I am trying to insert a row by using and executing this:
String sql = "INSERT INTO voicemessages (UNIQUEID,MSGNM,DIR,CONTEXT,MACROCONTEXT,CALLERID, ORIGTIME,DURATION, FLAG,MAILBOXUSER,MAILBOXCONTEXT,RECORDING, LABEL, read ) "
+ "VALUES (" + message01.getUniqueId() + ", " + message01.getMessageNumber() + ", " + message01.getDirectory() + ", " + message01.getContext() + ", " + message01.getMacroContext() + ", " + message01.getCallerId() + ", " +message01.getOrigTime() + ", " + message01.getDuration() + ", " + message01.getFlag() + ", " + message01.getMailboxUser() + ", " +message01.getMailboxContext() + ", " + message01.getRecording() + ", " + message01.getLabel() + ", " + message01.getRead()+ ");"+" ";
Any help or suggestion is appreciated.
Thank you in advance!
Do not use Direct values use parameters for safety, What happens is that the SQL statement you passĀ is parsed to prepare and compiled by the database. So by sending the actual SQL separately from the parameters, you limit the risk of SQL injection
I have got a problem in inserting value in rewards table. Try to solve it and found other post as well but I could not find any solution.
String sql1 = "INSERT INTO rewards(project_id, 1st_reward,1st_description, 2nd_reward, 2nd_description, 3rd_reward, 3rd_description, 4th_reward, 4th_description, 5th_reward, 5th_description) "
+ "values('"
+ projectId
+ "','"
+ rwd1.getText().toString()
+ "','"
+ rwd1Desc.getText().toString()
+ "','"
+ rwd1.getText().toString()
+ "','"
+ rwd2.getText().toString()
+ "','"
+ rwd2Desc.getText().toString()
+ "','"
+ rwd3.getText().toString()
+ "','"
+ rwd3Desc.getText().toString()
+ "','"
+ rwd4.getText().toString()
+ "','"
+ rwd4Desc.getText().toString()
+ "','"
+ rwd5.getText().toString()
+ "','"
+ rwd5Desc.getText().toString()
+ "')";
stmt.executeUpdate(sql1);
You have 11 columns, and 12 values...
you have one extra
+ "','"
+ rwd1.getText().toString()
+ "','"
You have mentioned 11 columns in your SQL statement but setting 12 values for it. This is causing
Column count doesn't match value count at row 1 in java with mysql
database
Update your query to use the right number of columns and then use the same number and type of values.
The duplicate column others are mentioning in your values is one of the rwd1.getText().toString() calls:
...
+ rwd1.getText().toString()
+ "','"
+ rwd1Desc.getText().toString()
+ "','"
+ rwd1.getText().toString()
...
Another way to more cleanly assemble your query would be:
EntityManager em;
Query query = em.createQuery("INSERT INTO rewards(project_id,1st_reward,1st_description,2nd_reward,2nd_description,3rd_reward,3rd_description,4th_reward,4th_description,5th_reward,5th_description) values (:projectId,:rwd1,:rwd1Desc,:rwd2,:rwd2Desc,:rwd3,:rwd3Desc,:rwd4,:rwd4Desc,:rwd5,:rwd5Desc)");
query.setParameter("projectId", projectId);
query.setParameter("rwd1", rwd1.getText().toString());
query.setParameter("rwd1Desc", rwd1Desc.getText().toString());
query.setParameter("rwd2", rwd2.getText().toString());
query.setParameter("rwd2Desc", rwd2Desc.getText().toString());
query.setParameter("rwd3", rwd3.getText().toString());
query.setParameter("rwd3Desc", rwd3Desc.getText().toString());
query.setParameter("rwd4", rwd4.getText().toString());
query.setParameter("rwd4Desc", rwd4Desc.getText().toString());
query.setParameter("rwd5", rwd5.getText().toString());
query.setParameter("rwd5Desc", rwd5Desc.getText().toString());
query.executeUpdate();
Here are some more resources for this method: here, here, and here.
This fails: db.prepareStatement("SELECT * FROM " + table + " WHERE " + column + " LIKE '?%'");
Because the ? is not recognized as a placeholder for a value. How should I work around this?
Put the wildcard in the variable, rather than in the statement, like:
stmt = db.prepareStatement("SELECT * FROM " + table + " WHERE " + column + " LIKE ?");
stmt.setString(1, "myterm%");
Pass your value into the CONCAT() function:
db.prepareStatement("SELECT * FROM " + table
+ " WHERE " + column
+ " LIKE CONCAT(?, '%')");
The advantage of doing it this way is the code making the call doesn't need to know that the parameter is being used with a LIKE, so you could use the same parameter value with other non-LIKE queries.
Try including the percent sign as part of the LIKE parameter:
db.prepareStatement("SELECT * FROM " + table + " WHERE " + column + " LIKE ?");
I don't like the query much. I don't think you're saving much by concatenating table and column in this way.
Using Derby as my data base driver and tying to execute SQL query through java,
there was a error that was encounter, when tried to execute this particular query
stmt.executeQuery("insert into " + "TEST " + "values (" + dataTimeRev + ", "
+ dataType + "," + obj + ")" );
Here dataTimeRev, dataType and obj are variables with data.
The error that was stated was like this
java.sql.SQLSyntaxErrorException: VALUES clause must contain at least one element. Empty elements are not allowed.
if the column data type is VARCHAR you will have to pass the value in qoutes like 'value' for that you should do as below
String query = "insert into TEST values('"+dataTimeRev+"', '"+dataType+"','"+obj+"')";
stmt.executeQuery(query);
Verify that dataTimeRev, dataType and obj are not null and not blank.
I am not sure if Derby follows SQL syntax. But if the values are of type varchar, then it should be enclosed in single quotes ('). For example:
stmt.executeQuery("insert into " + "TEST " + "values ('" + dataTimeRev + " ', ' "
+ dataType + " ',' " + obj + " ')" );
Try this:
stmt.executeQuery("insert into TEST values ('" + dataTimeRev + "', "'+ dataType + "',"' + obj + "')" );
One of the causes of this error is trying to insert a Type that isn't a String (Date, Double, Integer e.t.c, surrounded by the single quotation mark ''
For example my table was declared like this:
String createTableStatement = "CREATE TABLE PRODUCT"+ "(product_id INTEGER NOT NULL PRIMARY KEY GENERATED ALWAYS AS IDENTITY (START WITH 1, INCREMENT BY 1)," +
"product_name CHAR(80), "+
"price DOUBLE," +
"supplier CHAR(50))";
So I was doing:
statement.executeUpdate("INSERT INTO PRODUCT (PRODUCT_NAME, PRICE, DATE_SUPPLIED, QUANTITY, SUPPLIER) VALUES " +
"('" + productName + "', " + "'" + price + "', " + "'" + supplier +"')");
instead of:
statement.executeUpdate("INSERT INTO PRODUCT (PRODUCT_NAME, PRICE, DATE_SUPPLIED, QUANTITY, SUPPLIER) VALUES " +
"('" + productName + "', " + price + ", " + "'" + supplier +"')");