-7
"SELECT * FROM products WHERE product_name = ?";

This is my code

String sql = "SELECT * FROM posdb.products WHERE products.product_name = ?";
PreparedStatement ps = myCon.CreateConnection().prepareStatement(sql);

This is the error message I am getting:

You have an error in your sql statement, check the manual that 
  corresponds to your MariaDB server version for the right 
  syntax to use near '?' at line 1
Andrew Thompson
Acid
  • Please post your error message and your code as code-formatted text. Otherwise it is hard for us to copy, paste and try to run it. Also some here cannot see images due to firewall restrictions. Also please put more detail into your question including explanatory text and background information -- anything that would help us to better understand your code, question and your problem. Please go through the [ask]. – Hovercraft Full Of Eels Jul 01 '18 at 12:20
  • This is the error message " You have an error in your sql statement, check the manual that corresponds to your MariaDB server version for the right syntax to use near '?' at line 1 – Acid Jul 01 '18 at 12:30
  • Possible duplicate of [mysql prepared statement java](https://stackoverflow.com/questions/14147963/mysql-prepared-statement-java) – KompjoeFriek Jul 01 '18 at 12:39

1 Answer

0

When you use a PreparedStatement you need to replace each "?" with a valid value before doing the actual query.

So the basics of the code would be:

String sql = "Select * from SomeTable where SomeColumn = ?";

PreparedStatement stmt = connection.prepareStatement(sql);
stmt.setString(1, someColumnVariable);

ResultSet rs = stmt.executeQuery();
camickr
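
The following is an added example, not code from the question or the answer. It shows the complete bind-then-execute flow against the question's `posdb.products` table, with the value sent as data rather than spliced into the SQL text. The class name `ProductLookup`, the method `findByName`, the command-line arguments and the `DB_USER` / `DB_PASSWORD` environment variables are hypothetical, and the note about `executeQuery(String)` is an assumption about the part of the question's code that was not posted.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

public class ProductLookup {
    // Table and column names are taken from the question.
    private static final String SQL =
        "SELECT * FROM posdb.products WHERE products.product_name = ?";

    /** Returns the product_name of every row whose name matches exactly. */
    static List<String> findByName(Connection con, String name) throws SQLException {
        List<String> found = new ArrayList<>();
        try (PreparedStatement ps = con.prepareStatement(SQL)) {
            // Bind the value to placeholder 1. It is transmitted as data, so
            // quotes or SQL keywords inside `name` cannot alter the query.
            ps.setString(1, name);
            // Use the no-argument executeQuery(): it runs the prepared text
            // with the bound value. ps.executeQuery(SQL) is the Statement
            // overload, which JDBC says must not be called on a
            // PreparedStatement; the bound value is not used on that path.
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    found.add(rs.getString("product_name"));
                }
            }
        }
        return found;
    }

    // Hypothetical entry point: <jdbc-url> <product-name>; credentials are
    // read from the DB_USER and DB_PASSWORD environment variables.
    public static void main(String[] args) throws SQLException {
        if (args.length != 2) {
            System.err.println("usage: ProductLookup <jdbc-url> <product-name>");
            return;
        }
        try (Connection con = DriverManager.getConnection(
                args[0], System.getenv("DB_USER"), System.getenv("DB_PASSWORD"))) {
            for (String n : findByName(con, args[1])) {
                System.out.println(n);
            }
        }
    }
}
```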