I am a Programmer learner. I want to get MySQL query in following format

Question

0

Editorial Team

Asked: June 17, 20262026-06-17T08:30:18+00:00 2026-06-17T08:30:18+00:00

I am a Programmer learner. I want to get MySQL query in following format

0

I am a Programmer learner.

I want to get MySQL query in following format

 select status from training where status in ("Open", "Delivered")

from my code

if(params.openCheckBox){
    query +=" ( t.status  IN ("+params.openCheckBox+", "+params.DeliveredCheckBox+")" 
    query +=" )"
}

but it gives

   select status from training where status in (Open, Delivered)

Here “” (double quote is missing)

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-17T08:30:19+00:00

escape double quotes with \, MySQL Accepts double quotes to wrap strings.

query +=" ( t.status  IN (\""+params.openCheckBox+"\", \""+params.DeliveredCheckBox+"\")" 
query +=" )"

or
just use single quote

query +=" ( t.status  IN ('"+params.openCheckBox+"', '"+params.DeliveredCheckBox+"')" 
query +=" )"

the query above is vulnerable with sql injection. make use of PreparedStatement like the one below

Code Snippet:

dbConnection = getDBConnection();
String query = "SELECT .... FROM .... WHERE t.status IN (?, ?)";
PreparedStatement preparedStatement = dbConnection.prepareStatement(query);
preparedStatement.setString(1, params.openCheckBox);
preparedStatement.setString(2, params.DeliveredCheckBox);
ResultSet rs = preparedStatement.executeQuery();

SOURCES

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am a Programmer learner. I want to get MySQL query in following format

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply