SQL Syntax Error In Java and MySql SELECT Query -


i developing basic program has 3 jframes. log-in, registration , dashboard opened after successful log-in attempt. however, getting error after typing in username , password , clicking log-in button.

here's error:

com.mysql.jdbc.exceptions.jdbc4.mysqlsyntaxerrorexception: have error in sql syntax; check manual corresponds mariadb server version right syntax use near ' password='1234'' @ line 1

and here's code:

import java.awt.borderlayout; import java.awt.eventqueue;  import javax.swing.jframe; import javax.swing.jpanel; import javax.swing.border.emptyborder;  import com.mysql.jdbc.statement;  import javax.swing.jlabel; import javax.swing.joptionpane; import javax.swing.imageicon; import java.awt.font; import javax.swing.jtextfield; import javax.swing.jbutton; import java.awt.event.actionlistener; import java.sql.connection; import java.sql.drivermanager; import java.sql.resultset; import java.awt.event.actionevent;  public class login extends jframe {  private jpanel contentpane; private jtextfield txtusrname; private jtextfield txtpass;  /**  * launch application.  */ public static void main(string[] args) {     eventqueue.invokelater(new runnable() {         public void run() {             try {                 login frame = new login();                 frame.setvisible(true);             } catch (exception e) {                 e.printstacktrace();             }         }     }); }  /**  * create frame.  */ public login() {     setdefaultcloseoperation(jframe.hide_on_close);     setbounds(100, 100, 450, 348);     contentpane = new jpanel();     contentpane.setborder(new emptyborder(5, 5, 5, 5));     setcontentpane(contentpane);     contentpane.setlayout(null);      jlabel lbllogin = new jlabel("welcome techapp");     lbllogin.setfont(new font("tekton pro", font.plain, 18));     lbllogin.setbounds(135, 19, 163, 28);     contentpane.add(lbllogin);      jlabel lblusername = new jlabel("username:");     lblusername.setfont(new font("alaska", font.plain, 15));     lblusername.setbounds(174, 58, 88, 28);     contentpane.add(lblusername);      txtusrname = new jtextfield();     txtusrname.setbounds(145, 90, 132, 20);     contentpane.add(txtusrname);     txtusrname.setcolumns(10);      jlabel lblpassword = new jlabel("password:");     lblpassword.setfont(new font("alaska", font.plain, 15));     lblpassword.setbounds(182, 118, 95, 46);     contentpane.add(lblpassword);      txtpass = new jtextfield();     txtpass.setcolumns(10);     txtpass.setbounds(145, 156, 132, 20);     contentpane.add(txtpass);      jbutton btnnewbutton = new jbutton("login");     btnnewbutton.addactionlistener(new actionlistener() {         public void actionperformed(actionevent e) {               string _username = txtusrname.gettext();             string _password = txtpass.gettext();             string url = "jdbc:mysql://127.0.0.1:3306/javabase";             string user = "java";             string passw = "password";              try{                 // 1.get connection database                 connection myconn = drivermanager.getconnection(url, user, passw);                  // 2.create statement                 statement mystmt = (statement) myconn.createstatement();                  // 3.execute sql query                 string sql = "select userame, password registration userame='"+_username+"', password='"+_password+"' ";                 resultset result = mystmt.executequery(sql);                 //mystmt.executeupdate(sql);                  int count = 0;                 while(result.next()){                     count = count + 1;                 }                 if(count == 1){                     dashboard frame = new dashboard();                     frame.setvisible(true);                 }                 else if(count > 1){                     joptionpane.showmessagedialog(null, "duplicate user! access denied!");                 }                 else{                     joptionpane.showmessagedialog(null, "user not found!");                 }               }             catch(exception ex)             {                 ex.printstacktrace();             }              }     });     btnnewbutton.setbounds(169, 202, 89, 49);     contentpane.add(btnnewbutton);      jbutton btnregister = new jbutton("register");     btnregister.addactionlistener(new actionlistener() {         public void actionperformed(actionevent e) {             main frame = new main();             frame.setvisible(true);         }     });     btnregister.setbounds(168, 264, 89, 23);     contentpane.add(btnregister);      jlabel lblnewlabel = new jlabel("");     lblnewlabel.setfont(new font("alaska", font.plain, 16));     lblnewlabel.seticon(new imageicon("d:\\exploitgate\\mas-9831-offwhite2.jpg"));     lblnewlabel.setbounds(0, 0, 434, 310);     contentpane.add(lblnewlabel); } }

i've searched stackoverflow forum , carried out possible solution given here can please guide me how handle error? in advance :)

all of above code useless. it's sql syntax error, means it's 1 line:

... userame='"+_username+"', password='"+_password+"' ";                                  ^---

you don't use , separate where clause arguments. use boolean operations. and, or, etc...

and note you're vulnerable sql injection attacks


Comments

Post a Comment

Popular posts from this blog

jOOQ update returning clause with Oracle -

according http://www.jooq.org/doc/3.8/manual/sql-building/sql-statements/update-statement/ jooq doesn't support returning clause in update statements databases except firebird , postgres. does know, still correct oracle jooq? according oracle's documentation, oracle db supports returning clase delete, insert, or update statements. incorrect manual you're right - manual wrong , should fixed: https://github.com/jooq/jooq/issues/5470 single row update returning jooq 3.8 added support single row update .. returning statements. internally, uses callablestatement , pl/sql block of form: begin update "my_table" set "my_table"."column" = 'xyz' "my_table"."id" = 1 returning "my_table"."id", "my_table"."column" ?, ?; ? := sql%rowcount; end; the relevant issue is: https://github.com/jooq/jooq/issues/5190 multi row update returning a...
Read more

java - Warning equals/hashCode on @Data annotation lombok with inheritance -

i have entity inherits other. on other hand, i'm using lombok project reduce boilerplate code, put @data annotation. annotation @data inheritance produces next warning: generating equals/hashcode implementation without call superclass, though class not extend java.lang.object. if intentional, add '@equalsandhashcode(callsuper=false)' type. is advisable add annotation @equalsandhashcode (callsuper = true) or @equalsandhashcode (callsuper = false) ? if not added, 1 callsuper=false or callsuper=true ? the default value false . 1 if don't specify , ignore warning. yes, recommended add @equalsandhashcode annotation on @data annotated classes extend else object. cannot tell if need true or false , depends on class hierarchy, , need examined on case-by-case basis. however, project or package, can configure in lombok.config call super methods if not direct subclass of object. lombok.equalsandhashcode.callsuper = call for configuration system ...
Read more

java - BasicPathUsageException: Cannot join to attribute of basic type -

i using java 8 jpa (hibernate 5.2.1). have clause works perfectly, until introduce clause make use foreign key table values too. i getting following error: basicpathusageexception: cannot join attribute of basic type i think problem related fact have join table, , not sure how create join using join table. employee - employee_category - category model (employee.java): @manytomany(cascade = cascadetype.all, fetch=fetchtype.eager) @jointable ( name="employee_category", joincolumns={ @joincolumn(name="emp_id", referencedcolumnname="id") }, inversejoincolumns={ @joincolumn(name="cat_id", referencedcolumnname="id") } ) private set<category> categories; model (category.java): @id private string id; jpa when introduce following code, fails error above (i think problem new piece of code): join<t, category> category = from.join("id"); predicates.add(criteriabuilder.like(category....
Read more