I need to select rows from mysql table based on various criteria, for example Colour= Black, or size= L.
The code works without the preparedstatement and the question marks, but whenever I attempt to use the question marks the code does not run.
I have read something about typing the question mark like ‘?’// but I am not sure about the exact format.
String URL = "jdbc:mysql://localhost:3306/clothing"; String USERNAME = "root"; String PASSWORD = "password"; Connection con = DriverManager.getConnection(URL, USERNAME, PASSWORD); Statement stmt = con.createStatement(); String sql= "SELECT * FROM clothing.Lostandfound WHERE Colour = ? AND Size = ?;"; ResultSet rs = stmt.executeQuery(sql); PreparedStatement preparedStmt = con.prepareStatement(sql); preparedStmt.setString(1, Data1); preparedStmt.setString(2, Data2);
Also, Size is written out in orange colour, but the error happens also when I only use this sql String
String sql= "SELECT * FROM clothing.Lostandfound WHERE Colour = ?;";
I have looked at like 20 different answers, but didnt find anything helpful, so thanks in advance for any help!
Advertisement
Answer
You are executing the query using a normal java.sql.Statement, not using a java.sql.PreparedStatement. This won’t work because a normal Statement does not support parameterized queries. So, remove the creation and execution of the Statement, and make sure you execute the statement using the PreparedStatement:
String URL = "jdbc:mysql://localhost:3306/clothing";
String USERNAME = "root";
String PASSWORD = "password";
String sql= "SELECT * FROM clothing.Lostandfound WHERE Colour = ? AND Size = ?;";
try (Connection con = DriverManager.getConnection(URL, USERNAME, PASSWORD);
PreparedStatement preparedStmt = con.prepareStatement(sql)) {
preparedStmt.setString(1, Data1);
preparedStmt.setString(2, Data2);
try (ResultSet rs = preparedStmt.executeQuery()) {
// process result set
}
}
Also note the addition of try-with-resources, which will ensure connections, statements and result sets are closed correctly.