'Error when trying to issue data manipulation statements with executeUpdate
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''firstName', 'lastName', 'email', 'address', 'userName', 'password') VALUES ('nu' at line 1
I am getting above error when I'm running my gui to input data into the table.
I'm using the code below
class registerInterface extends JFrame {
static final String DATABASE_URL = "jdbc:mysql://localhost:3306/mysql";
static final String JDBC_DRIVER = "com.mysql.jdbc.Driver";
static final String USERNAME = "root";
static final String PASSWORD = "root";
private JTextField jtfFname, jtfLname, jtfAddress1, jtfAddress2, jtfCity, jtfZipcode, jtfState, jtfUsername, jtfPassword, jtfPassConfirm, jtfEmail, jtfdtype;
private JButton exitButton, backButton, clearButton, submitButton;
private JMenuItem jmiBack, jmiClear, jmiSubmit, jmiExit, jmiHelp, jmiAbout;
String first, last, email, address, username, password, dtype;
// launch the application
public void Create() {
Connection conn = null;
try {
Class.forName(JDBC_DRIVER).newInstance();
conn = DriverManager.getConnection(DATABASE_URL, USERNAME, PASSWORD);
PreparedStatement statement = conn.prepareStatement("INSERT INTO person ('firstName', 'lastName', 'email', 'address', 'userName', 'password') "
+ "VALUES ('" + first + "', '" + last + "', '" + email + "', '" + address + "', '" + username + "', '" + password + ")");
statement.executeUpdate();
} catch (Exception e) {
e.printStackTrace();
}
}
registerInterface() {
//create menu bar
JMenuBar regMenuBar = new JMenuBar();
//set menu bar to the applet
setJMenuBar(regMenuBar);
//add menu "operation" to menu bar
JMenu optionsMenu = new JMenu("Options");
optionsMenu.setMnemonic('O');
regMenuBar.add(optionsMenu);
//add menu "help"
JMenu helpMenu = new JMenu("Help");
helpMenu.setMnemonic('H');
helpMenu.add(jmiAbout = new JMenuItem("About", 'A'));
regMenuBar.add(helpMenu);
//add menu items with mnemonics to menu "options"
optionsMenu.add(jmiSubmit = new JMenuItem("Submit", 'S'));
optionsMenu.add(jmiClear = new JMenuItem("Clear", 'C'));
optionsMenu.add(jmiBack = new JMenuItem("Back", 'B'));
optionsMenu.addSeparator();
optionsMenu.add(jmiExit = new JMenuItem("Exit", 'E'));
//panel p1 to holds text fields
JPanel p1 = new JPanel(new GridLayout(11, 11));
p1.add(new JLabel("First Name: "));
p1.add(jtfFname = new JTextField(15));
p1.add(new JLabel("Last Name: "));
p1.add(jtfLname = new JTextField(15));
p1.add(new JLabel("Street Address 1: "));
p1.add(jtfAddress1 = new JTextField(15));
p1.add(new JLabel("E-mail Address: "));
p1.add(jtfEmail = new JTextField(15));
p1.add(new JLabel("Username: "));
p1.add(jtfUsername = new JTextField(15));
p1.add(new JLabel("Password: "));
p1.add(jtfPassword = new JPasswordField(15));
//p1.add(new JLabel("jtfdtype: "));
//p1.add(jtfdtype = new JTextField(15));
//panel p2 to holds buttons
JPanel p2 = new JPanel(new FlowLayout());
p2.add(exitButton = new JButton("Exit"));
p2.add(backButton = new JButton("Back"));
p2.add(clearButton = new JButton("Clear"));
p2.add(submitButton = new JButton("Submit"));
//Panel with image??????
//add panels to frame
JPanel panel = new JPanel(new GridLayout(2, 1));
panel.add(p1, BorderLayout.CENTER);
panel.add(p2, BorderLayout.SOUTH);
add(panel, BorderLayout.CENTER);
//listners for exit menuitem and button
jmiExit.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
System.exit(0);
}
});
exitButton.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
System.exit(0);
}
});
//listner for about menuitem
jmiAbout.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
JOptionPane.showMessageDialog(null,
"This is the registration panel"
+ "\n Assignment for University",
"About", JOptionPane.INFORMATION_MESSAGE);
}
});
//listners for clear menuitem and button
jmiClear.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
jtfFname.setText("");
jtfLname.setText("");
jtfAddress1.setText("");
jtfEmail.setText("");
jtfUsername.setText("");
jtfPassword.setText("");
}
});
clearButton.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
jtfFname.setText("");
jtfLname.setText("");
jtfAddress1.setText("");
jtfEmail.setText("");
jtfUsername.setText("");
jtfPassword.setText("");
}
});
//action listeners for back buttons and redister menuitem
backButton.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
Welcome welcome = new Welcome();
welcome.setVisible(true);
welcome.setSize(500, 500);
welcome.setLocationRelativeTo(null);
registerInterface regFace = new registerInterface();
regFace.setVisible(false);
registerInterface.this.dispose();
registerInterface.this.setVisible(false);
}
});
jmiBack.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
Welcome welcome = new Welcome();
welcome.setVisible(true);
welcome.setLocationRelativeTo(null);
registerInterface regFace = new registerInterface();
regFace.setVisible(false);
registerInterface.this.dispose();
registerInterface.this.setVisible(false);
}
});
//action listeners for Login in button and menu item
submitButton.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
String a = jtfFname.getText();
String b = jtfLname.getText();
String c = jtfEmail.getText();
String d = jtfAddress1.getText();
String u = jtfUsername.getText();
String f = jtfPassword.getText();
// String g = jtfdtype.getText();
Create();
}
});
}
}
and this is the table im using
CREATE TABLE PERSON (
ID SMALLINT UNSIGNED NOT NULL AUTO_INCREMENT,
firstName VARCHAR (50) NOT NULL,
lastName VARCHAR (50) NOT NULL,
email VARCHAR (50) NOT NULL,
address VARCHAR (50),
city VARCHAR (20),
userName VARCHAR (20) NOT NULL,
password VARCHAR (20) NOT NULL,
dtype VARCHAR (20) NOT NULL,
PRIMARY KEY (ID),
UNIQUE KEY (email)
);
Solution 1:[1]
Don't use prepared statement in this way. Your code is vulnerable to SQL injection.
Use prepared statement in this way:
PreparedStatement statement = conn.prepareStatement(
"INSERT INTO person (firstName, lastName, email, address, userName, password) "
+ "VALUES (? , ?, ?, ?, ?, ?)";
statement.setString( 1, first);
statement.setString( 2, last );
statement.setString( 3, email );
statement.setString( 4, address );
statement.setString( 5, username );
statement.setString( 6, password );
statement.executeUpdate();
this also prevents from silly mistakes like missing apostrophes.
Here is a tutorial how to use PreparedStatement : http://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html
Solution 2:[2]
You missing ' at last of your statement. Your statement should like:
PreparedStatement statement =
conn.prepareStatement("INSERT INTO person ('firstName', 'lastName', 'email',
'address', 'userName', 'password') "
+ "VALUES ('" + first + "', '" + last + "', '" + email + "',
'" + address + "', '" + username + "', '" + password + "')");
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | |
| Solution 2 | Masudul |