MySQLSyntaxErrorException in SQL syntax

577 views Asked by At

I am trying to select data from a table using prepared statement. But it seems like I am getting syntax error which I cannot solve alone.

try {

        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://localhost:3306/mydb";
        String dbusername = "root";
        String dbpassword = ""; // Change it to your Password

        // Setup the connection with the DB
        connection = DriverManager.getConnection(url, dbusername,
                dbpassword);

        String query = "SELECT * FROM admin WHERE username = ? AND password = ?";

        try {
            // connection.setAutoCommit(false);
            selectUser = connection.prepareStatement(query);
            selectUser.setString(1, username);
            selectUser.setString(2, password);
            // Execute preparedstatement
            ResultSet rs = selectUser.executeQuery(query);

            // Output user details and query
            System.out.println("Your user name is " + username);
            System.out.println("Your password is " + password);
            System.out.println("Query: " + query);

            boolean more = rs.next();

            // if user does not exist set the validity variable to true
            if (!more) {
                System.out
                        .println("Sorry, you are not a registered user! Please sign up first!");
                user.setValid(false);
            }

            // if user exists set the validity variable to true
            else if (more) {
                String name = rs.getString("name");

                System.out.println("Welcome " + name);
                user.setName(name);
                user.setValid(true);
            }


        } catch (Exception e) {
            System.out.println("Prepared Statement Error! " + e);
        }   
    } catch (Exception e) {
        System.out.println("Log in failed: An exception has occured! " + e);
    } finally {
    }
    if (connection != null) {
        try {
            connection.close();
        } catch (Exception e) {
            System.out.println("Connection closing exception occured! ");
        }
        connection = null;
    }

    return user;
}

I get following error.

Prepared Statement Error! com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? AND password = ?' at line 1

But I don't see any error in that code line.

3

There are 3 answers

1
singhakash On BEST ANSWER

Change

 ResultSet rs = selectUser.executeQuery(query);

to

 ResultSet rs = selectUser.executeQuery();

when you already prepared the statement in connection.prepareStatement(query); then why to pass the query again in selectUser.executeQuery(query);

0
Scary Wombat On

what you want to do is use this method

 ResultSet rs = selectUser.executeQuery();
0
Santhosh On

You have already loaded your query inside the prepared statement here ,

selectUser = connection.prepareStatement(query);

so execute it by ,

 ResultSet rs = selectUser.executeQuery();

Also read ,

How does PreparedStatement.executeQuery work?