Home/ Questions/Q 8255671
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T01:36:22+00:00

I was trying to pass a string into a SQL statement that has a

  • 0

I was trying to pass a string into a SQL statement that has a newline, so it threw me an error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE nric = 'S3456789A\n'' at line 1

so I removed the newline by doing a

nric = nric.replace("\n","");

it then threw me the error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE nric = 'S3456789A'' at line 1

Thing is, when I did a System.out.println, the apostrophe didn’t show up, it was just S3456789A instead of S3456789A'. How do I remove the apostrophe?

Code:

getting data and posting from android:

ArrayList<NameValuePair> postParameters = new ArrayList<NameValuePair>();
postParameters.add(new BasicNameValuePair("nric",nric));
response = CustomHttpClient.executeHttpPost("http://172.27.176.181:8080/SRD/SaveLocation", postParameters);

the necessary part from servlet SaveLocation:

String nric = request.getParameter("nric");
    nric = nric.replace("\n", "");
User elder = new User();
    elder.setNric(nric);
    try {
        if(elder.retrieveUserWithNric())
        {

retrieveUserWithNric from User entity class:

public boolean retrieveUserWithNric() throws SQLException
{
    boolean success = false;
    ResultSet rs = null;
    try {
        Context ctx = new InitialContext();
        ds = (DataSource)ctx.lookup("java:comp/env/jdbc/srd");
      } catch (NamingException e) {
          System.out.println("User: Naming Exception");
        e.printStackTrace();
      }
    Connection conn = ds.getConnection();

    PreparedStatement pstmt = null;
    String dbQuery = "SELECT * FROM User WHERE nric = ?";
    System.out.println("retrieveUserwithNric nric is "+nric);
    try {
        pstmt = conn.prepareStatement(dbQuery);
        pstmt.setString(1, nric);
        rs = pstmt.executeQuery();
    } catch (SQLException e1) {
        // TODO Auto-generated catch block
        e1.printStackTrace();
    }
    try {
        if (rs.next()) {
            id = rs.getInt("id");
            nric = rs.getString("nric");
            password = rs.getString("password");
            salt = rs.getString("salt");
            name = rs.getString("name");
            mobileNo = rs.getInt("mobile_no");
            address = rs.getString("address");
            postal = rs.getInt("postal_code");
            relativeElderly = rs.getString("relative_elderly");
            role = rs.getString("role");
            organization = rs.getString("organization");
            elderlyList = rs.getString("elderly_list"); 
            // image = rs.getBlob("image");
            success = true;
        }
        else
        {
            System.out.println("rs does not have next");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    System.out.println("name is "+name);
    System.out.println("role is "+role);
    conn.close();
    return success;
}
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The apostrophe isn’t there. The error message is enclosed in apostrophes, removing them you get:

    WHERE nric = 'S3456789A'

    Something else is causing this error.

    • 0