When I try to run the code below I am getting:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?' at line 1`
String query="Select * from DB.Admin where username = ?";
PreparedStatement st=connection.prepareStatement(query);
st.setString(1,request.getParameter("loginid"));
ResultSet rst= st.executeQuery(query);
int count=0;
while(rst.next()){
count++;
}
Please help me in this.
解决方案
You will have to remove the query argument from your executeQuery call. If you provide the parameter, the query will be executed without binding any values (see Statement for details) - this is why the syntax (i.e. the ?) is invalid.
Execute the query like this:
ResultSet rst = st.executeQuery();
As a side note: you should always wrap Connection, PreparedStatement and ResultSet with a try-with-resources block, e.g.
try (ResultSet rst = st.executeQuery()) {
// read the results
}
This way you can be sure the ResultSet will be closed no matter what happens.