List:MySQL on Win32« Previous MessageNext Message »
From:Cadbury Date:August 5 2004 2:24am
Subject:Re: Ignoring or filtering ' char
View as plain text  
oh My God, i didn't see that...
thanx a lot Tiago for helping... :)

--- Tiago Serafim <tserafim@stripped> wrote:

> Hi, 
> 
> In your code you are creating the PreparedStatement,
> but you still
> querying the raw sql string
> 
> > query = "select * from emaildata where UserEmail
> =?
> > order by EmailDate desc limit 1;";
> > ps=con.prepareStatement(query);
> > ps.setString(1,UserLogin);
> > 
> > rs = ps.executeQuery(query); // <<<<------- Here
> is your error
> 
> instead of this line you should use:
> rs = ps.executeQuery(); 
> 
> Hope I helped, 
> 
> 
> On Wed, 4 Aug 2004 03:52:40 -0700 (PDT), Cadbury
> <codename13th@stripped> wrote:
> > gee,thank god,thanx tiago for helping...i'm sorry
> for
> > the late reply..
> > 
> > it does solve my problem..however one problem
> occured
> > when i try to use the preparedstatement twice..
> here's
> > what i mean..before that here's a part of my
> source
> > code.
> > 
> >
> ----------------------------------------------------
> > query = "select status from userinfo where
> UserEmail=?
> > and password =?;";
> > PreparedStatement ps =
> con.prepareStatement(query);
> > ps.setString(1,UserLogin);
> > ps.setString(2,UserPassword);
> > rs = ps.executeQuery();
> > 
> > while (rs.next()){
> >    st = rs.getString("status");
> > }
> > 
> > query = "select * from emaildata where UserEmail
> =?
> > order by EmailDate desc limit 1;";
> > ps=con.prepareStatement(query);
> > ps.setString(1,UserLogin);
> > 
> > rs = ps.executeQuery(query);
> > 
> >
> ----------------------------------------------------
> > the error msg below will appear:
> >
> ----------------------------------------------------
> > Some exception: Syntax error or access violation,
> > message from server: "You have an error in your
> SQL
> > syntax. Check the manual that corresponds to your
> > MySQL server version for the right syntax to use
> near
> > '? order by EmailDate desc limit 1' at line 1"
> >
> ----------------------------------------------------
> > it seems that my second part of the
> > ps=con.prepareStatement(query);
> > can't be executed, although the syntax is
> correct..
> > did i miss anything?
> > 
> > thanks a lot for helping.
> > 
> > 
> > 
> > 
> > --- Tiago Serafim <tserafim@stripped> wrote:
> > 
> > > Hi,
> > >
> > > Here is a tip for you, try to make all your
> inserts
> > > statements
> > > declaring all the fields, like this:
> > > insert into tablename (field1, field2) values
> > > (value1, value2)
> > >
> > > This will avoid lots of troubles when your table
> > > structure changes...
> > >
> > > In Java, you should avoid to create raw querys,
> > > insted use a
> > > PreparedStatement, a PreparedStatement use yours
> > > mysql connector
> > > implemetation to put data in right format....
> > >
> > > Here is a example how your code might look:
> > >
> > > String sql = "INSERT userinfo
> (yourFieldNameHere)
> > > VALUES (?)";
> > >
> > > PreparedStatement ps =
> conn.prepareStatement(sql);
> > >
> > > ps.setString(1, emailSubject);
> > >
> > > ps.execute();
> > >
> > >
> > > Look the javadoc for all methods:
> > >
> >
>
http://java.sun.com/j2se/1.4.2/docs/api/java/sql/PreparedStatement.html
> > >
> > > Hope it helps you....
> > >
> > > ps:sorry my bad english
> > >
> > > Regards,
> > >
> > > On Thu, 29 Jul 2004 19:47:10 -0700 (PDT),
> Cadbury
> > > <codename13th@stripped> wrote:
> > > > hi
> > > >
> > > > i'm using Java to write a program that access
> > > mysql
> > > > database. here's a part of the java program
> source
> > > > code:
> > > >
> > > >
> > >
> >
>
---------------------------------------------------------
> > > > query = "insert into userinfo values ('" +
> > > > emailSubject + "');";
> > > > executeUpdate(query);
> > > >
> > >
> >
>
---------------------------------------------------------
> > > >
> > > > basically what the program does is it will
> insert
> > > an
> > > > incoming email's subject into a mysql table.
> > > >
> > > > the problem occurs when the subject has the
> > > character
> > > > ' in it. For example if the subject is
> something
> > > like
> > > > :"You've got a mail",mysql will give an
> exception
> > > > which looks something like this:
> > > >
> > > >
> > >
> >
>
------------------------------------------------------
> > > > java.sql.SQLException: Syntax error or access
> > > > violation,  message from server: "
> > > > You have an error in your SQL syntax.  Check
> the
> > > > manual that corresponds to your MySQL server
> > > version
> > > > for the right syntax to use near 've got
> > > >
> > > > ','Fri Jul 30 10:11:04 GMT+08:00 2004')' at
> line
> > > 1"
> > > >
> > >
> >
>
------------------------------------------------------
> > > > from what I can see MySql treats the ' char as
> > > part of
> > > > mysql syntax. how can i overcome this problem?
> any
> > > > help are greatly appreciated.
> > > >
> > > > Thanx.
> > > >
> > > > __________________________________
> > > > Do you Yahoo!?
> > > > New and Improved Yahoo! Mail - 100MB free
> storage!
> > > > http://promotions.yahoo.com/new_mail
> > > >
> > > > --
> > > > MySQL Windows Mailing List
> > > > For list archives:
> http://lists.mysql.com/win32
> 
=== message truncated ===



		
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
http://promotions.yahoo.com/new_mail 
Thread
Using a Blob with the ByteFX data providerNick Randell16 Jul
  • RE: Using a Blob with the ByteFX data providerReggie Burnett19 Jul
    • RE: Using a Blob with the ByteFX data providerNick Randell20 Jul
      • Suggested settings for dual processor machine?East Bay Technologies20 Jul
      • RE: Using a Blob with the ByteFX data providerReggie Burnett20 Jul
      • Should I use myISAM or InnoDB??East Bay Technologies21 Jul
      • Should I use myISAM or InnoDB??East Bay Technologies23 Jul
      • Suggested settings for dual processor machine?East Bay Technologies23 Jul
RE: Should I use myISAM or InnoDB??PF: MySQL23 Jul
  • Question about Insert StatementDanny Willis23 Jul
    • Re: Question about Insert StatementTata Respecia24 Jul
      • Ignoring or filtering ' charCadbury30 Jul
        • Strange site error.Danny Willis30 Jul
        • Re: Ignoring or filtering ' charTiago Serafim30 Jul
          • Re: Ignoring or filtering ' charCadbury4 Aug
            • Re: Ignoring or filtering ' charTiago Serafim4 Aug
              • Re: Ignoring or filtering ' charCadbury5 Aug
        • Re: Ignoring or filtering ' charPetr Vileta30 Jul
          • Re: Ignoring or filtering ' charTiago Serafim30 Jul
Re: Question about Insert StatementRandy Clamons24 Jul