java - Prepared statement execute query error (com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException) -

August 15, 2012

i have written simple method string out of database:

    public string getuserstring(int id, string table, string column) {     string output = null;     try {         string sql = "select ? ? id=?;";         preparedstatement preparedstatement = getconnection().preparestatement(sql);         preparedstatement.setstring(1, column);         preparedstatement.setstring(2, table);         preparedstatement.setint(3, id);         resultset resultset = preparedstatement.executequery();         while (resultset.next()) {             output = resultset.getstring(column);         }     } catch (sqlexception e) {         e.printstacktrace();     }     return output; }

but when try use this: coremysql.getuserstring(1, "economy", "balance");

i error: https://pastebin.com/bmamn4xh

you can't set table name , column names setxxx method(s) preparedstatement. can used set values.

however, can simple string replace substitute table names , column names, e.g.:

string query = select <column> <table> id=?; string sql = query.replaceall("<column>", column).replaceall("<table>", table); preparedstatement preparedstatement = getconnection().preparestatement(sql); preparedstatement.setint(1, id); resultset resultset = preparedstatement.executequery(); while (resultset.next()) {     output = resultset.getstring(column); }

Search This Blog

TY

java - Prepared statement execute query error (com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException) -

Comments

Post a Comment

Popular posts from this blog

networking - Vagrant-provisioned VirtualBox VM is not reachable from Ubuntu host -

c# - ASP.NET Core - There is already an object named 'AspNetRoles' in the database -

ruby on rails - ArgumentError: Missing host to link to! Please provide the :host parameter, set default_url_options[:host], or set :only_path to true -