Sqlite Query Issue
Alright, so I'm trying to store data in Sqlite. So I'm trying to store the id of the user with the a "line". Yet, it seems that the where clause is failing me.
String query = "SELECT * FROM Users WHERE username='Fellixombc";
ResultSet result = this.sqlStatement.executeQuery(query);
int userId = 0;
while(result.next()) {
System.out.println("TRUE");
userId = result.getInt("id");
System.out.println(result.getString("username"));
}
And true is not printing. Yet, if I remove the WHERE clause from the query, it wi开发者_开发知识库ll print out all of the usernames/id's fine, and of course "TRUE".
Am I missing something with Sqlite and it's syntax?
edit: Just to clarify there is a user in the Users column with the id of 1 and with the username Fellixombc edit: So I took your guy's suggestion and tried prepare statement, heres my code now:
PreparedStatement sqlStatement = this.sqlConnection.prepareStatement("SELECT * FROM Users WHERE username=?");
sqlStatement.setString(1, "Fellixombc");
ResultSet result = sqlStatement.executeQuery();
int userId = 0;
while(result.next()) {
System.out.println("TRUE");
userId = result.getInt("id");
System.out.println(result.getString("username"));
}
result.close();
Essentially, you want to store the username, correct?
Your current query will retrieve all information on relative to a username. It's what a SELECT query does, it retrieves.
If you need to create a new user, use:
INSERT INTO Users (username) Values ('Fellixombc');
I should tell you that you might need to provide more information in this query, depending on what other fields your Users table has.
EDIT:
In your select statement, you have an open single quote.
"SELECT * FROM Users WHERE username='Fellixombc"
should be
"SELECT * FROM Users WHERE username='Fellixombc'"
To avoid issues with SQL injection, consider the prepareStatement function.
Try doing a trim on your username field. Its possible there's a spurious space somewhere in the data thats causing your where clause to fail.
"SELECT * FROM Users WHERE trim(username) ='Fellixombc'"
Also, agree with @MPelletier. You should definitely be using PreparedStatements.
精彩评论