From: Date: August 5 2004 4:24am Subject: Re: Ignoring or filtering ' char List-Archive: http://lists.mysql.com/win32/15351 Message-Id: <20040805022433.56567.qmail@web60210.mail.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii oh My God, i didn't see that... thanx a lot Tiago for helping... :) --- Tiago Serafim wrote: > Hi, > > In your code you are creating the PreparedStatement, > but you still > querying the raw sql string > > > query = "select * from emaildata where UserEmail > =? > > order by EmailDate desc limit 1;"; > > ps=con.prepareStatement(query); > > ps.setString(1,UserLogin); > > > > rs = ps.executeQuery(query); // <<<<------- Here > is your error > > instead of this line you should use: > rs = ps.executeQuery(); > > Hope I helped, > > > On Wed, 4 Aug 2004 03:52:40 -0700 (PDT), Cadbury > wrote: > > gee,thank god,thanx tiago for helping...i'm sorry > for > > the late reply.. > > > > it does solve my problem..however one problem > occured > > when i try to use the preparedstatement twice.. > here's > > what i mean..before that here's a part of my > source > > code. > > > > > ---------------------------------------------------- > > query = "select status from userinfo where > UserEmail=? > > and password =?;"; > > PreparedStatement ps = > con.prepareStatement(query); > > ps.setString(1,UserLogin); > > ps.setString(2,UserPassword); > > rs = ps.executeQuery(); > > > > while (rs.next()){ > > st = rs.getString("status"); > > } > > > > query = "select * from emaildata where UserEmail > =? > > order by EmailDate desc limit 1;"; > > ps=con.prepareStatement(query); > > ps.setString(1,UserLogin); > > > > rs = ps.executeQuery(query); > > > > > ---------------------------------------------------- > > the error msg below will appear: > > > ---------------------------------------------------- > > Some exception: Syntax error or access violation, > > message from server: "You have an error in your > SQL > > syntax. Check the manual that corresponds to your > > MySQL server version for the right syntax to use > near > > '? order by EmailDate desc limit 1' at line 1" > > > ---------------------------------------------------- > > it seems that my second part of the > > ps=con.prepareStatement(query); > > can't be executed, although the syntax is > correct.. > > did i miss anything? > > > > thanks a lot for helping. > > > > > > > > > > --- Tiago Serafim wrote: > > > > > Hi, > > > > > > Here is a tip for you, try to make all your > inserts > > > statements > > > declaring all the fields, like this: > > > insert into tablename (field1, field2) values > > > (value1, value2) > > > > > > This will avoid lots of troubles when your table > > > structure changes... > > > > > > In Java, you should avoid to create raw querys, > > > insted use a > > > PreparedStatement, a PreparedStatement use yours > > > mysql connector > > > implemetation to put data in right format.... > > > > > > Here is a example how your code might look: > > > > > > String sql = "INSERT userinfo > (yourFieldNameHere) > > > VALUES (?)"; > > > > > > PreparedStatement ps = > conn.prepareStatement(sql); > > > > > > ps.setString(1, emailSubject); > > > > > > ps.execute(); > > > > > > > > > Look the javadoc for all methods: > > > > > > http://java.sun.com/j2se/1.4.2/docs/api/java/sql/PreparedStatement.html > > > > > > Hope it helps you.... > > > > > > ps:sorry my bad english > > > > > > Regards, > > > > > > On Thu, 29 Jul 2004 19:47:10 -0700 (PDT), > Cadbury > > > wrote: > > > > hi > > > > > > > > i'm using Java to write a program that access > > > mysql > > > > database. here's a part of the java program > source > > > > code: > > > > > > > > > > > > > > --------------------------------------------------------- > > > > query = "insert into userinfo values ('" + > > > > emailSubject + "');"; > > > > executeUpdate(query); > > > > > > > > > > --------------------------------------------------------- > > > > > > > > basically what the program does is it will > insert > > > an > > > > incoming email's subject into a mysql table. > > > > > > > > the problem occurs when the subject has the > > > character > > > > ' in it. For example if the subject is > something > > > like > > > > :"You've got a mail",mysql will give an > exception > > > > which looks something like this: > > > > > > > > > > > > > > ------------------------------------------------------ > > > > java.sql.SQLException: Syntax error or access > > > > violation, message from server: " > > > > You have an error in your SQL syntax. Check > the > > > > manual that corresponds to your MySQL server > > > version > > > > for the right syntax to use near 've got > > > > > > > > ','Fri Jul 30 10:11:04 GMT+08:00 2004')' at > line > > > 1" > > > > > > > > > > ------------------------------------------------------ > > > > from what I can see MySql treats the ' char as > > > part of > > > > mysql syntax. how can i overcome this problem? > any > > > > help are greatly appreciated. > > > > > > > > Thanx. > > > > > > > > __________________________________ > > > > Do you Yahoo!? > > > > New and Improved Yahoo! Mail - 100MB free > storage! > > > > http://promotions.yahoo.com/new_mail > > > > > > > > -- > > > > MySQL Windows Mailing List > > > > For list archives: > http://lists.mysql.com/win32 > === message truncated === __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - Send 10MB messages! http://promotions.yahoo.com/new_mail