The query is working fine in MySQL db. I have this query in my

Question

0

Asked: June 17, 20262026-06-17T20:27:38+00:00 2026-06-17T20:27:38+00:00

The query is working fine in MySQL db. I have this query in my

0

The query is working fine in MySQL db. I have this query in my JDBC application. And I’m getting some compile time error.
My input objects are s1 and s2, where s1 contains january and s2 contains 2013. Both datatypes are VARCHAR. I am facing a problem in quotes.
Please suggest some correction.

String QueryString = "SELECT reading,totalcost,paiddate,receiptnumber FROM userseven WHERE (readingmonth = '"+s1+"' AND readingyear='"+s2+"'");

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-17T20:27:39+00:00

You should better use PreparedStatementfor such purpose. So your query will look like this:

 String QueryString = "SELECT reading,totalcost,paiddate,receiptnumber FROM userseven WHERE
 readingmonth = ? AND readingyear= ?;

Then create PreparedStatement from connection object like this:

PreparedStatement stmt = conn.prepareStatement(QueryString);

And then set parameters for that statement like this:

stmt.setString(1, s1);
stmt.setString(2, s2);

Such modifications will save you from potential sql injection and simply simplify the process of building complex query

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

The query is working fine in MySQL db. I have this query in my

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply