JDBC 5 + MYSQL 4 error on select

Question

I'm new in Java World and I'm trying to create an userExist method to check if an user exists. Well, I'm getting the error: java.sql.SQLException: ResultSet is from UPDATE. No Data.

This error happens when the login or password doesn't exist. And the next returns false.

I'm using the MySQL JDBC 5 with MySQL 4

The code:

    public boolean userExist(User enteredUser) {

    try {

        boolean userExist = false;

        PreparedStatement connQuery = this.connection.prepareStatement("select Codigo, Nome, Login, Senha from funcionario where Login='"+enteredUser.getLogin()+"' and Senha='"+enteredUser.getSenha()+"'");
        ResultSet result = connQuery.executeQuery();

        if(result.next()) {

            if((result.getString("Login") == enteredUser.getLogin())&&(result.getString("Senha") == enteredUser.getSenha())) {

                enteredUser.setId(result.getInt("Codigo"));
                enteredUser.setNome(result.getString("Nome"));

                userExist = true;

            }

        }

        connQuery.close();

        return userExist;

    } catch (SQLException error) {

        throw new RuntimeException(error);

    }

 }

Edited.

I changed the code, now I'm getting this error just in the second time I tried to log on the application. Can this be a logical error?

public boolean userExist(User enteredUser) {

    try {

        boolean userExist = false;

        PreparedStatement query = this.connection.prepareStatement("select Codigo, Nome, Login, Senha from funcionario where Login=? and Senha=?");
        query.setString(1,enteredUser.getLogin());
        query.setString(2,enteredUser.getSenha());

        ResultSet result = query.executeQuery();

        if(result.next()) {

            if((result.getString("Login").equals(enteredUser.getLogin()))&&(result.getString("Senha").equals(enteredUser.getSenha()))) {

                enteredUser.setCodigo(result.getInt("Codigo"));
                enteredUser.setNome(result.getString("Nome"));

                userExist = true;

            }

        }

        result.close();
        query.close();

        return userExist;

    } catch (SQLException error) {

        throw new RuntimeException(error);

    }

 }

Thank you,

Check the code from this site here: http://www.mkyong.com/jdbc/jdbc-preparestatement-example-select-list-of-the-records/ — the_marcelo_r, Mar 24 '14 at 18:33
are you sure it is `next()` ? or your `result.getString("Senha") == enteredUser.getSenha())` See http://stackoverflow.com/questions/513832/how-do-i-compare-strings-in-java — jmj, Mar 24 '14 at 18:33
@felipeocr JDBC is the Java standard implemented by all (relational) database drivers for Java; the last version of that is 4.2 (Java 8). You mean MySQL Connector/J version 5; that is still not very specific: last time I checked there are 9 5.0.x versions and 30 5.1.x versions of Connector/J — Mark Rotteveel, Mar 25 '14 at 08:49
@MarkRotteveel I got it, thank you for explain! I'm using Java 8 and the exactly version of the connector is 5.1.29. The exactly MySQL version is 4.0.16. — , Mar 25 '14 at 11:51
Hey people! I got the problem, I change my connector to 5.0.8 and it works! — , Mar 25 '14 at 13:32

score 0 · Accepted Answer · answered Mar 24 '14 at 19:14

although the above method isn't straightforwardly vulnerable to SQL injection, it is damn close. try this for your parameters:

PreparedStatement connQuery = this.connection.prepareStatement("select Codigo, Nome, Login, Senha from funcionario where Login=? and Senha=?");
connQuery.setString(1,enteredUser.getLogin());
connQuery.setString(2,enteredUser.getSenha());

Also, try declaring the result set and prepared statement outside the try block so that you can close them in a finally block.

As for your actual question, I'd try running it with execute instead of executeQuery

Humm, great tips! Thank you! I'll read about execute instead of executeQuery! — , Mar 24 '14 at 19:30

JDBC 5 + MYSQL 4 error on select

1 Answers1