Win a copy of Murach's Java Programming this week in the Beginning Java forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax;  RSS feed

 
tangara goh
Ranch Hand
Posts: 240
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

Can someone tell me what's wrong with the below sql please cos I thought it is the same format at my the other sql statement....

project being the database name follows by the table name (teaches_subject) and then the column name...

Basically, I am using this in a GeneratedKeys() code;

the tutor_id will be the value of the generated keys.





Eclipse said that my sql has error... so I am showing my sql here...

Hope someone can tell me the wrong error...

tks.
 
Ron McLeod
Saloon Keeper
Posts: 1527
210
Android Angular Framework Eclipse IDE Java Linux MySQL Database Redhat TypeScript
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
tangara goh wrote:Eclipse said that my sql has error...

What exactly was the message?
 
Brian Tkatch
Bartender
Posts: 593
25
Linux Notepad Oracle
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
project being the database name follows by the table name (teaches_subject) and then the column name...

Table name comes after the schema, not the database name. In SQL Server, you can use database..table, if you want to specify the database name but not the schema name.
 
tangara goh
Ranch Hand
Posts: 240
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ron McLeod wrote:
tangara goh wrote:Eclipse said that my sql has error...

What exactly was the message?


Hi Ron,

Here's the error message


 
Jesper de Jong
Java Cowboy
Sheriff
Posts: 15985
86
Android IntelliJ IDE Java Scala Spring
  • Likes 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Aha. Can you show how you are using this SQL statement exactly? The error is most likely in that piece of code.

You should use this SQL statement with class PreparedStatement, and set the appropriate parameter on the PreparedStatement object.
 
tangara goh
Ranch Hand
Posts: 240
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I managed to find the error now :

"INSERT INTO table name(tutor_id)"
+ "VALUES ('" +
+ tutor_Id
+ "' )";
 
Knute Snortum
Sheriff
Posts: 3830
91
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Likes 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm not sure that's a good solution.  It leaves you vulnerable to SQL injection attacks.  I'd follow Jesper's suggestion about using a PreparedStatement.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!