What's wrong with this SQL command?
Question
I have a problem with a SQL Command.
I have a string that holds a SQL command, but when I run, it returns me an error: Column n1 does not exist Note: n1 is what I typed in my textField.
Code:
String nameprod tf_NameProd.getText = ();
String sql = "select * from Product where prod_name =" + nameprod;//<-- this is my query
iaeprod.Table(sql, tbl_Prod);
Any idea where I am missing?
4 answers
solution1
2 2015-07-09 07:30:40
String sql = "select * from Product where prod_name = '" + nameprod + "'";
solution2
2 ACCPTED 2015-07-09 07:31:07
You need to put single quotes around the string in your SQL. For example in your case it should be
"select * from Product where prod_name = '" + nameprod + "'";
solution3
2 2015-07-09 07:31:27
because prod_name is a String use single quotes around the value
String sql = "select * from Product where prod_name ='" + nameprod+"'";
it will better to use prepared statement
solution4
1 2015-07-09 11:30:43
Use this method instead:
Connection dbConnection = getDBConnection();
PreparedStatement stmt = null;
String nameProd = "select * from Product where prod_name = ?";
stmt = connection.prepareStatement(nameProd);
stmt.setString(1, tf_NameProd.getText() );
ResultSet rs = stmt.executeQuery();
PS: I haven't compiled this code. Please put try and catch statements at appropriate places
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.