I have been toiling with this issue all day.
After reading the benefits between Statements (S) and PreparedStatements (PS) I decided to convert all my S’s to PS’s in NetBeans.
I was astounded to see that there were no errors but…no output from the execution of my code either.
```java
import java.sql.*;

public class ViewingMySQL {
    public static void main(String[] args) {
        //Declare Variables
        Connection con;
        ResultSet rs;
        Statement stmt;
        String sqlappname;
        PreparedStatement findAppID_lookup = null;
        String findAppID_lookup_stmt = "select app.ID as APPID"
                + " from IntergraphIN_AppTranslation"
                + " inner join app on app.unit=IntergraphIN_AppTranslation.UnitName"
                + " where IntergraphIN_AppTranslation.IntergraphUnitName=(?)";
        try {
            Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
            con = DriverManager.getConnection("jdbc:odbc:database", "username", "password");
            sqlappname = "'XXXY01'";
            findAppID_lookup = con.prepareStatement(findAppID_lookup_stmt);
            findAppID_lookup.setString(1, sqlappname);
            rs = findAppID_lookup.executeQuery();
            if (rs.next()) {
                System.out.println(rs.getInt("APPID"));
            }
            rs.close();
            findAppID_lookup.close();
        }
        catch (Exception e) {
            System.err.println(e);
        }
    }
}
```
When the above code executes and builds…without output.
```
run:
BUILD SUCCESSFUL (total time: 1 second)
```
What I had originally was:
```java
import java.sql.*;

public class ViewingMySQL {
    public static void main(String[] args) {
        //Declare Vars
        Connection con;
        ResultSet rs;
        Statement stmt;
        String sqlappname;
        try {
            Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
            con = DriverManager.getConnection("jdbc:odbc:Database", "username", "password");
            sqlappname = "'XXXY01'";
            stmt = con.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,
                    ResultSet.CONCUR_READ_ONLY);
            rs = stmt.executeQuery("SELECT ID FROM app where AppName=" + sqlappname);
            if (!rs.isBeforeFirst()) {
                rs.close();
                rs = stmt.executeQuery("select app.ID from IntergraphIN_AppTranslation"
                        + " inner join app"
                        + " on app.unit=IntergraphIN_AppTranslation.UnitName"
                        + " where IntergraphIN_AppTranslation.IntergraphUnitName=" + sqlappname);
            }
            if (rs.next()) {
                System.out.println(rs.getInt(1));
            }
            rs.close();
            stmt.close();
            con.close();
        } catch (Exception e) {
            System.err.println(e);
        }
    }
}
```
This code outputs:
```
run:
2020603
BUILD SUCCESSFUL (total time: 1 second)
```
The Int that you see above is the ID of the column that I’m looking for.
Can someone please help me with understanding what I’m doing…is it the formatting of the variable that I’m passing into the PS?
Thanks,
SCorliss
Change this:
to this:
UPDATE re comments:
PreparedStatements have multiple benefits. For example:
- it can help protect from SQL injection: the input is bound to a variable, the input is not used to create the statement
- the RDBMS can probably make use of statement caching if only the bind variables change (rather than changing the SQL statement itself)
- the statements can be a lot easier to read: you don’t have to mess around with quoting quotes etc
In this case it seems the meaning of the quoting became confused. In the original: sqlappname="'XXXY01'", the double quote was to declare the Java String, the single quote the SQL string. In the prepared version: sqlappname="XXXY01", we are just saying “this is the String to bind” and we specify on the prepared statement that our bind is going to be a String.
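The quoting behaviour described in this answer, as an added example that is not part of the original post: it uses Python's built-in sqlite3 in place of JDBC and SQL Server so it runs offline. The rows, the `app.unit` values, the sample inputs and the helper names `make_db`, `lookup_bound` and `lookup_concat` are assumptions constructed for the illustration.

```python
import sqlite3

def make_db():
    """In-memory database with constructed rows shaped like the question's tables."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE app (ID INTEGER, unit TEXT);
        CREATE TABLE IntergraphIN_AppTranslation (UnitName TEXT, IntergraphUnitName TEXT);
        INSERT INTO app VALUES (2020603, 'UNIT_A'), (2020604, 'UNIT_B');
        INSERT INTO IntergraphIN_AppTranslation
            VALUES ('UNIT_A', 'XXXY01'), ('UNIT_B', 'XXXY02');
    """)
    return con

# Same lookup as in the question, minus the final operand.
LOOKUP = (
    "select app.ID as APPID"
    " from IntergraphIN_AppTranslation"
    " inner join app on app.unit = IntergraphIN_AppTranslation.UnitName"
    " where IntergraphIN_AppTranslation.IntergraphUnitName = "
)

def lookup_bound(con, name):
    """Parameterized form: `name` is sent as data and compared byte for byte."""
    return sorted(row[0] for row in con.execute(LOOKUP + "?", (name,)))

def lookup_concat(con, name):
    """Concatenated form (the original Statement code): `name` is parsed as SQL."""
    return sorted(row[0] for row in con.execute(LOOKUP + name))

if __name__ == "__main__":
    con = make_db()
    # Single quotes are SQL syntax when concatenated, so the literal is XXXY01.
    print("concat, quoted  :", lookup_concat(con, "'XXXY01'"))
    # Bound, the quotes are part of the value; no row is named 'XXXY01' with quotes.
    print("bound,  quoted  :", lookup_bound(con, "'XXXY01'"))
    # Bound without SQL quoting: the value matches.
    print("bound,  unquoted:", lookup_bound(con, "XXXY01"))
    # Constructed untrusted input: concatenation lets it rewrite the WHERE clause,
    # binding treats it as an (unmatched) unit name.
    untrusted = "'nope' OR 1=1"
    print("concat, untrusted:", lookup_concat(con, untrusted))
    print("bound,  untrusted:", lookup_bound(con, untrusted))
```

A bound lookup that silently returns no rows is the symptom in the question, so logging the bound value without surrounding quotes is a quick check when a converted query stops matching.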