I'm working with JDBC trying to select from this table :
CREATE TABLE PERIT (
COGNOM1 VARCHAR(30) NOT NULL,
COGNOM2 VARCHAR(30) NOT NULL,
DATANAIX DATE NOT NULL,
NOM VARCHAR(30) NOT NULL,
NIF VARCHAR(10) NOT NULL,
LOGIN VARCHAR(50) NOT NULL,
PASSWORDMD5 VARCHAR(50) NOT NULL,
NUMERO INT(3) NOT NULL AUTO_INCREMENT,
PRIMARY KEY (NUMERO)
);
I want to check if exists a row with a certain login and PASSWORDMD5 values like this :
public int Login(String Login, String pass) {
Statement st = null;
ResultSet rs = null;
int count =0;
try {
st = con.createStatement();
String consulta = "Select count(*) from Perit p where p.LOGIN =";
consulta += Login;
consulta +=" and p.PASSWORDMD5 = MD5(";
consulta +=pass;
consulta+=")";
rs = st.executeQuery(consulta);
while (rs.next()) {
count = rs.getInt(1);
}
st.close();
rs.close();
} catch (SQLException ex) {
Logger.getLogger(JDBCMySQL.class.getName()).log(Level.SEVERE, null, ex);
}
return count;
}
But when I call Login("LOGINPERIT1","PASSWORDMDPERIT") I get this error :
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Unknown column 'LOGINPERIT1' in 'where clause' at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:423) at com.mysql.jdbc.Util.handleNewInstance(Util.java:425) at com.mysql.jdbc.Util.getInstance(Util.java:408) at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:943) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3973) at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3909) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2527) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2680) at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2497) at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2455) at com.mysql.jdbc.StatementImpl.executeQuery(StatementImpl.java:1369) at info.infomila.info.JDBCMySQL.Login(JDBCMySQL.java:139) at info.infomila.info.ThreadHandler.run(ThreadHandler.java:56)
Stringsneeds to be single quoted, otherwise it is treating it as a column name – Scary WombatString consulta = "SELECT COUNT(*) FROM Perit WHERE LOGIN = '" + Login + "' AND PASSWORDMD5 = 'MD5(" + pass + "');";. Notice the use of single quote marks for login and password? – DevilsHnd