Java Answers Forum - Database query using string

Articles |
News |
Weblogs |
Books |
Forums

Artima Forums | Articles | Weblogs | Java Answers | News

Sponsored Link •

Java Answers Forum
Database query using string

3 replies on 1 page. Most recent reply: Aug 7, 2003 2:01 PM by Mik Lernout

Welcome Guest
Sign In

Back to Topic List

Reply to this Topic

Search Forum

Threaded View


Previous Topic		Next Topic

Flat View: This topic has 3 replies on 1 page

tim foulkes

Posts: 3
Nickname: timfoulkes
Registered: Aug, 2003

Database query using string

Posted: Aug 7, 2003 4:34 AM

Hi!
I'm wanting to search a database using a string in the query.

The user will enter their name which will be stored as a string, then I want to use that string in the query.

I'm unsure of how to call the string in the query:

results = statement.executeQuery ("SELECT * FROM users" + " WHERE name='string'");

Any help will be greatly appreciated...
Thanks !

Pawel Kaczynski

Posts: 1
Nickname: pawel71
Registered: Aug, 2003

Re: Database query using string

Posted: Aug 7, 2003 7:08 AM

results = statement.executeQuery ("SELECT * FROM users" + " WHERE name="+string); ?

PK

David

Posts: 150
Nickname: archangel
Registered: Jul, 2003

Re: Database query using string

Posted: Aug 7, 2003 8:12 AM

Also investigate java.sql.PreparedStatement.

Mik Lernout

Posts: 10
Nickname: miklernout
Registered: Jan, 2003

Re: Database query using string

Posted: Aug 7, 2003 2:01 PM

The 'right' way to do this, is by using the following code fragment:


PreparedStatement selectStatement = con.prepareStatement("SELECT * FROM users WHERE name = ?");
selectStatement.setString(0, "userName");
ResultSet result = selectStatement.executeQuery();

This way you don't have to take care of escaping the "userName" for any special SQL - characters and you allow at the same time to let the JDBC driver make some performance optimizations by using a PreparedStatement.

Flat View: This topic has 3 replies on 1 page

Previous Topic

Next Topic


	Web Artima.com