Correct use of Prepared statements in java



  • https://ru.stackoverflow.com/questions/574230/prepared-statements-%D0%B2-java-%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0-%D0%B2-%D1%81%D0%B8%D0%BD%D1%82%D0%B0%D0%BA%D1%81%D0%B8%D1%81%D0%B5 , after which I changed the code, adding an example:

      protected static boolean postDatabase(String [] loginData, HttpServletResponse response) throws IOException {
    
    try {
    
        output = response.getWriter();
    
        Class.forName("com.mysql.jdbc.Driver");
    
        connection = DriverManager.getConnection(URL,USER_NAME,PASSWORD);
    
        String checkingUser = "SELECT nick_name,email,password FROM users WHERE nick_name = ?";
    
        PreparedStatement preparedStatement = connection.prepareStatement(checkingUser);
        preparedStatement.setString(1,loginData[0]);
        ResultSet resultSet = preparedStatement.executeQuery(checkingUser);
    
        int passwordColumn = resultSet.findColumn("password");
    
        if(resultSet.getString(passwordColumn).equals(loginData[1])) {
    
            int emailColumn = resultSet.findColumn("email");
    
            if(resultSet.getString(emailColumn).equals(loginData[2])){
                return  true;
            }
        }
    
    } catch (IOException ioError) {
        ResponseDataHandler.ToJSONresponse(ioError.toString(),response);
    } catch (ClassNotFoundException notFound) {
        ResponseDataHandler.ToJSONresponse(notFound.toString(),response);
    } catch (SQLException sql) {
        ResponseDataHandler.ToJSONresponse(sql.toString(),response);
    }finally {
        try {
            connection.close();
        } catch (SQLException sql) {
            ResponseDataHandler.ToJSONresponse(sql.toString(),response);
        }
    }
    
    return false;
    

    }

    }

    com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?' at line 1

    But this code is below:

    protected void postDataBase(User user, HttpServletResponse response) throws IOException {

    try {
    
        output = response.getWriter();
    
        System.out.print(user);
    
        Class.forName("com.mysql.jdbc.Driver");
    
        connection = DriverManager.getConnection(URL,USER_NAME,PASSWORD);
    
        String creatingUser = "INSERT INTO coupon_system.users(nick_name, first_name, last_name, password, email) VALUES (?,?,?,?,?)";
    
        String creatingUserRole = "INSERT INTO roles (rol, nickname) VALUES (?,?)";
    
        PreparedStatement createUser = connection.prepareStatement(creatingUser);
        createUser.setString(1,user.getNickName());
        createUser.setString(2,user.getFirstName());
        createUser.setString(3,user.getLastName());
        createUser.setString(4,user.getPassword());
        createUser.setString(5,user.getEmail());
        createUser.execute();
    
        PreparedStatement createRole = connection.prepareStatement(creatingUserRole);
        createRole.setString(1,user.getCustomerType());
        createRole.setString(2,user.getNickName());
        createRole.execute();
    
        ResponseDataHandler.ToJSONresponse("Success",response);
    
    } catch (com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException duplicate){
    
        ResponseDataHandler.ToJSONresponse(duplicate.toString(),response);
    
    }catch (ClassNotFoundException notFound){
    
        ResponseDataHandler.ToJSONresponse(notFound.toString(),response);
    }
    catch (SQLException sql){
    
        ResponseDataHandler.ToJSONresponse(sql.toString(),response);
    }catch (IOException io){
    
        ResponseDataHandler.ToJSONresponse(io.toString(),response);
    } finally {
    
        try {
            connection.close();
        } catch (SQLException sql) {
    
            ResponseDataHandler.ToJSONresponse(sql.toString(),response);
        }
    }
    

    }
    }

    I can't understand the mistake I'm getting. If there was a connection to the MySQL Server version of my PC, this design was also not supposed to work. If anyone's faced with this, I'm happy to help!



  • According to the en-so, you need to start asking without argument.

    https://stackoverflow.com/a/24692705/3212712

    ResultSet resultSet = preparedStatement.executeQuery();




Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2