1

I am trying to query a Firebird database from a Java application. This query contains 2 integer variables and 1 string. The query looks like this:

Statement statement = conn.createStatement();

ResultSet rs = statement.executeQuery("select * from table where
  column1 < " + intvariable1 + " and ( 
  column2 > " + intvariable2 +" or column2 = 0) and 
  column3 = '" + stringvariable + "' ";

Rs.next();
syso(rs.getInt(1));

It appears that the ResultSet is empty but when I use a hardcoded string value instead of a variable I get the expected result.

I also tried this with preparedstatements with the same result - it is only working without string variable.

Any ideas what I am doing wrong?

EDIT: Problem solved! The Stringvariable came from a BLOB Field and had some empty values within it. Calling the trim function deleted those.

Sven D
  • 53
  • 6
  • seems like the issue with data passed through the variables – Vasu Dec 01 '16 at 20:13
  • 2
    You have a leading and a trailing whitespace in your query, around the string value. Please, please learn to use prepared statements. – JB Nizet Dec 01 '16 at 20:13
  • 1
    Please show the values used, and the data in the table you expect to be returned. And please, use a prepared statement (and use it correctly!), do not concatenate values into a query string. – Mark Rotteveel Dec 02 '16 at 11:14

1 Answers1

0

I noticed that in the "column3" line you have a space after the opening quote and before the closing quote. Unless you are deliberately trying to match strings that start and end with a space, you won't find results. If not, cut out the spaces:

column3 = '" + stringvariable + "' ";
Jeremy Gurr
  • 1,613
  • 8
  • 11
  • Ye this was on purpose because when i wrote this on my Phone it seems to be pretty Hard to See the difference between " and '. Guess in the end it was even more missleading this way. Edited it – Sven D Dec 01 '16 at 20:43