We Keep Coding

How to pass multiple parameters in sql query using Java?

I have sql query which is shown below its a select statement I want to pass dynamically the values but I am not aware how can we do it .here I want to pass product and location dynamically
can anyone help in this ..
public static ResultSet RetrieveData() throws Exception {
PreparedStatement statement;
String sql = "select * FROM Courses WHERE "
+ "product = product? "
+ "and location = location? ";
System.out.println(sql);
DriverManager.registerDriver(new com.mysql.cj.jdbc.Driver());
String mysqlUrl = "jdbc:mysql://localhost:3306/wave1_build";
Connection con = DriverManager.getConnection(mysqlUrl, "root", "root");
statement = con.prepareStatement(sql);
ResultSet rs = statement.executeQuery(sql);
return rs;

One approach is to use plain ? placeholders along with the appropriate setters to bind values:
String sql = "SELECT * FROM Courses WHERE product = ? AND location = ?";
statement = con.prepareStatement(sql);
statement.setString(1, "some product");
statement.setString(2, "some location");
// NOTE: executeQuery() when used with prepared statements does NOT take any parameters
ResultSet rs = statement.executeQuery();

PreparedStatement not executing the query

I am trying to move all query executions from Statement to PreparedStatement due to SQL injection. My original issue was with update statement, but I wanted to try it with select statement as well. When I execute the below line of code, the statement returns nothing.
String selectQuery = "select is_enabled, syllabus_id from ic_syllabus where syllabus_id=?";
PreparedStatement pstmt = conn.prepareStatement(selectQuery);
pstmt.setString(1, "25AC1CFB7C1A2CF07F176BD3A296F229");
ResultSet rs = pstmt.executeQuery();
while(rs.next()){
String flag = rs.getString(1);
String sybsId = rs.getString(2);
}
I am using Oracle database and am not getting any exceptions either.

PreparedStatement nsert logical operation (=,<,>=,<,>=) in my sql

I want to insert logical operations (=,<,>=,<,>=) in my sql
try {
String sql = "SELECT id,name,date_N FROM LECTEUR WHERE date_N ?,?";
Connection con = DBinfo.getConnection();
PreparedStatement ps = (PreparedStatement) con.prepareStatement(sql);
ps.setString(1, operationCB.getValue());
ps.setString(2, date1.toString());
ResultSet resultSet = ps.executeQuery();
output:
Incorrect syntax near '#P0'.

You can only insert values as parameters of the PreparedStatement.
If you want the operation to be dynamic, use a StringBuilder to build the query String:
StringBuilder sql = new StringBuilder();
sql.append("SELECT id,name,date_N FROM LECTEUR ");
sql.append("WHERE date_N ");
sql.append(operationCB.getValue());
sql.append(" ?");
Connection con = DBinfo.getConnection();
PreparedStatement ps = (PreparedStatement) con.prepareStatement(sql.toString());
ps.setString(1, date1.toString());
ResultSet resultSet = ps.executeQuery();

You cannot bind a logical operator to a prepared statement using a ? placeholder. One workaround would be to maintain separate queries for the various logical operations:
Map<String, String> queryMap = new HashMap<>();
queryMap.put("=", "SELECT id, name, date_N FROM LECTEUR WHERE date_N = ?");
queryMap.put(">", "SELECT id, name, date_N FROM LECTEUR WHERE date_N > ?");
// etc.
try {
String sql = queryMap.get(operationCB.getValue()); // fetch the appropriate statement
Connection con = DBinfo.getConnection();
PreparedStatement ps = (PreparedStatement) con.prepareStatement(sql);
ps.setDate(1, date1);
ResultSet resultSet = ps.executeQuery();
} catch (SQLException e) {
// handle exception
}

Insert multiple data (List) in MySQL using JDBC

I am trying it from last 2 hour i dont know what is going wrong. also let me know how could i test if the connection is successfull or not.. it is for now.. but still i wanted to know..
Error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, ?)'
My code:
static final String JDBC_DRIVER = "com.mysql.jdbc.Driver";
static final String DB_URL = "jdbc:mysql://localhost:3306/medicinedb";
static final String USER = "root";
static final String PASS = "";
static final String DRIVER = "com.mysql.jdbc.Driver";
public boolean saveMedicine(List<MedicineName> medicineName) throws ClassNotFoundException {
Connection conn = null;
Statement stmt = null;
try {
Class.forName(DRIVER);
//STEP 3: Open a connection
System.out.println("Connecting to database...");
conn = DriverManager.getConnection(DB_URL, USER, PASS);
//STEP 4: Execute a query
System.out.println("Creating statement...");
stmt = conn.createStatement();
for (MedicineName element : medicineName) {
String sql;
sql = " insert into medicinename (name, pgurl)" + " values
( ?, ?)";
System.out.println(conn);
PreparedStatement preparedStmt = conn.prepareStatement(sql);
preparedStmt.setString(1, element.getName());
preparedStmt.setString(2, element.getPgurl());
stmt.executeUpdate(sql);
}
stmt.close();
conn.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return true;
}

Why you are using Statement and Prepared statement. You are performing operations with Statement. Thus it does not have value. Remove the Statement
stmt = conn.createStatement();
And do the following
PreparedStatement preparedStmt = conn.prepareStatement(sql);
preparedStmt.setString(1, element.getName());
preparedStmt.setString(2, element.getPgurl());
//stmt.executeUpdate(sql);
preparedStmt .executeUpdate(sql);

use
String sql = "insert into medicinename (name, pgurl) values (?, ?)";
PreparedStatement preparedStmt = conn.prepareStatement(sql);
preparedStmt.setString (1, element.getName());
preparedStmt.setString (2, element.getPgurl());
preparedStmt.executeUpdate();
you should delete executeUpdate(sql); to executeUpdate();

You mix between your stm and preparedStmt, you have to execute preparedStmt and not stm.
Another thing when you want to executing multiple statements as one unit, its good to work with Statement Batching instead for example :
PreparedStatement preparedStmt;
String sql;
conn.setAutoCommit(false);
for (MedicineName element : medicineName) {
sql = "insert into medicinename (name, pgurl) values (?, ?)";
System.out.println(conn);
preparedStmt = conn.prepareStatement(sql);
preparedStmt.setString(1, element.getName());
preparedStmt.setString(2, element.getPgurl());
preparedStmt.addBatch(sql);
}
preparedStmt.executeBatch();
conn.commit();

Set Default Database name for queries in TERADATA

I have this query:
Connection conn = null;
stmt = conn.createStatement();
stmt.execute("SELECT * FROM school.users");
and I got results from that query. If I try to implement this following code in java to set a default database:
stmt.execute("database school");
ResultSet rs = stmt.executeQuery("SELECT * FROM users");
I have this error:
Exception-> [Teradata Database] [TeraJDBC 14.10.00.17] [Error 3807] [SQLState 42S02] Object 'users' does not exist
Can You see what is Wrong?

Add DATABASE param in the url and try.
eg. url="jdbc:teradata://exampleDns/DATABASE=school"
I hope this is what you are looking for

Try this:
Connection conn = null;
Statement stmt = null;
try{
conn = DriverManager.getConnection(DB_URL, USER, PASS);
stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery("SELECT * FROM users");
}
catch(SQLException se){
se.printStackTrace();
finally{
stmt.close();
conn.close();
}

What if you use the executeUpdate "method" of the Statement?
conn = DriverManager.getConnection(DB_URL, USER, PASS);
stmt = conn.createStatement();
stmt.executeUpdate("database school");
ResultSet rs = stmt.executeQuery("SELECT * FROM users");