fei alsh

Reputation: 21

Parametrized queries in java

I am facing a problem with retrieving a column from the database.

This is my code:

public String ShowtimeQur(int MovieID)
{
    rs3 = null;
    String  RoomID=null;
    String ShowTime = null;

    try 
    {
        String qu ="Select Room_ID from Movie_Shows_in where Movie_ID="+MovieID;
        //getRoomQur.setInt(1, MovieID);
        rs3=getRoomQur.executeQuery(qu);
        RoomID=rs3.getString("Room_ID");
        getShowtimequr.setString(1, RoomID);
        rs4=getShowtimequr.executeQuery();
        ShowTime=rs4.getString("Show_Times");
    }
    catch (SQLException e)
    {
        e.printStackTrace();
    }

    return ShowTime;
}

I keep getting this type of error:

java.sql.SQLException: Invalid operation at current cursor position.

Upvotes: 1

Views: 61

Answers (2)

Dociu Marius

Reputation: 11

Like the answer before, you should declare a "ResultSet result" variable, and after executing the query, you should call the "result.next()" method to point the cursor at the first row (initially it points to row 0, which does not exist) and then call a data-retrieval method like "result.getString(columnNumber)", for example.

Upvotes: 1

nkal

Reputation: 153

Use PreparedStatement.

PreparedStatement statement = con.prepareStatement("Select Room_ID from Movie_Shows_in where Movie_ID=?");
statement.setInt(1, MovieID);
ResultSet res = statement.executeQuery();
// ...
// rest of your code

Never, never, never use string concatenation to build queries, as you put yourself at risk of SQL Injection.

Upvotes: 1
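Both answers combined, as an added example that is not part of either answer or of the asker's code: each lookup uses a parameterized `PreparedStatement`, `next()` is checked before any column is read, and statements and result sets are closed with try-with-resources. The `ShowtimeLookup` class, the `Binder` interface and the `Room_Show_Times` table name are assumptions (the question never shows the second query), and the caller supplies an open `Connection`.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Optional;

public class ShowtimeLookup {
    // Table and column names taken from the question.
    private static final String ROOM_SQL =
        "SELECT Room_ID FROM Movie_Shows_in WHERE Movie_ID = ?";
    // Assumption: the second query is not shown in the question;
    // the table name Room_Show_Times is hypothetical.
    private static final String SHOWTIME_SQL =
        "SELECT Show_Times FROM Room_Show_Times WHERE Room_ID = ?";

    /** Binds parameters to a statement; declared so lambdas may throw SQLException. */
    private interface Binder {
        void bind(PreparedStatement ps) throws SQLException;
    }

    private final Connection con;

    public ShowtimeLookup(Connection con) {
        this.con = con;
    }

    /** Returns the show time for a movie, or empty when either lookup finds no row. */
    public Optional<String> showtimeFor(int movieId) throws SQLException {
        Optional<String> roomId = firstString(ROOM_SQL, "Room_ID", ps -> ps.setInt(1, movieId));
        if (!roomId.isPresent()) {
            return Optional.empty();
        }
        String id = roomId.get();
        return firstString(SHOWTIME_SQL, "Show_Times", ps -> ps.setString(1, id));
    }

    /** Runs a parameterized query and reads one column from its first row, if any. */
    private Optional<String> firstString(String sql, String column, Binder binder)
            throws SQLException {
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            binder.bind(ps); // values travel as bound parameters, never as SQL text
            try (ResultSet rs = ps.executeQuery()) {
                // The cursor starts before the first row; next() is false when there are no rows.
                return rs.next() ? Optional.ofNullable(rs.getString(column)) : Optional.empty();
            }
        }
    }
}
```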
