So I am trying to practice working with databases and I decided to make a Banking System. I am using MariaDB. I wanted to make it so the user can login and if the info doesnt match anything in the database, they have to re-enter the username and password until it matches but I cannot figure it out. This is my first time implementing sql into java so I apologize if i made any mistakes. I have researched, but the solutions I could find were using swing or javafx but i am not looking to make a gui right now. Anyway, I am not really sure what I am doing in this part.
public void loginAccount(Connection conn) throws SQLException {
String login;
ResultSet rs;
do {
System.out.print("Enter Username: ");
Username = in.nextLine();
System.out.print("Enter Password: ");
Password = in.nextLine();
login = "SELECT * FROM Person WHERE Username = ? AND AccPassword = ?";
PreparedStatement ps = conn.prepareStatement(login);
ps.setString(1, Username);
ps.setString(2, Password);
rs = ps.executeQuery(login);
} while (!rs.next());
}
I keep getting java.sql.SQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '? AND AccPassword =?' at line 1
Also, I originally had
login = "SELECT * FROM Person WHERE Username = " +Username+ " AND AccPassword = " + Password;
But i read somewhere that it is bad practice to use +. Not sure if that is true or not.
You are using the wrong method of PreparedStatement.
You should use
rs = ps.executeQuery();
so that your statement gets executed where the placeholders actually have values.
You intended to call PreparedStatement.executeQuery()
rs = ps.executeQuery();
but instead you called a static method Statement.executeQuery(String sql)
rs = ps.executeQuery(login);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.