-2

I am trying to get values from MySQL db using a query which gets values from a multiple select. The problem is that I am using StringBuilder to create the query based on the values I am getting. If you see the Where clause used why me, every time a new variable is fetched a comma is added in the end.

How do I remove the last comma added as it is giving me an error in the sql query. Will appreciate any help.

String[] stat = req.getParameterValues("status");
StringBuilder sb = new StringBuilder(200);

if (stat != null) {

    for (int i = 0; i < stat.length; i++) {

        sb.append("'" + stat[i] + "',");

    }

    String app = "WHERE status in (" + sb.toString() + ")";
    String sqlquery = "SELECT * FROM Table " + app + ";";
}

Result Query:

SELECT * FROM Table 
   WHERE status in ('Deployed','PendingDisposal','Available','Reserved','Broken',);

I want to get rid of the last comma after 'Broken'

Youcef LAIDANI
  • 55,661
  • 15
  • 90
  • 140
shahed
  • 37
  • 3

6 Answers6

3

Your problem is with comma in the end, you can append your Strings like this :

String del = "";
for (int i = 0; i < stat.length; i++) {
    sb.append(del).append("'" + stat[i] + "'");
    del = ",";
}

But in fact this is not really good idea to use this way, because it can cause SQL Injection or syntax error, you have to use PreparedStatement for example :

for (int i = 0; i < stat.length; i++) {
    sb.append(del).append("?");
    del = ",";
}

try (PreparedStatement ps = connection.prepareStatement(sb) {
    for (int i = 0; i < stat.length; i++) {
       ps.setString(i, stat[i]);
    }
    ResultSet result = preparedStatement.executeQuery();//get results
    ...
}
Graham
  • 7,431
  • 18
  • 59
  • 84
Youcef LAIDANI
  • 55,661
  • 15
  • 90
  • 140
1

You can join a string array with commas using Java 8 streams:

String joined = Arrays.asList(stat).stream()
    .map(s -> "'" + s + "'")
    .collect(Collectors.joining(", "));

But note that joining strings like this is a really bad idea: you are vulnerable to SQL injection attacks, e.g. if one of the element of stat is something like:

'); DROP TABLES Table; --

You are better off building the query using a PreparedStatement. See this question.

Community
  • 1
  • 1
Andy Turner
  • 137,514
  • 11
  • 162
  • 243
0

Need to update your for loop where you need to append element from array till its second last element and append last element of the array outside the loop.

for(int i=0;i<stat.length-1;i++){  // loop till second last element
sb.append("'"+stat[i]+"',"); //appends , at end 
}
sb.append("'"+stat[stat.length-1]+"'"); // append last element
Ravi
  • 30,829
  • 42
  • 119
  • 173
0

You can use deleteChartAt method: sb.deleteCharAt(sb.length()-1);

For example:

String[] stat = req.getParameterValues("status");
StringBuilder sb = new StringBuilder(200);

if(stat!=null) {
    for(int i=0;i<stat.length;i++){
        sb.append("'"+stat[i]+"',");
    }
    sb.deleteCharAt(sb.length()-1); //---------> This will remove the last comma
    String app = "WHERE status in ("+sb.toString()+")";
    String sqlquery = "SELECT * FROM Table "+app+";";
}
JUAN CALVOPINA M
  • 3,695
  • 2
  • 21
  • 37
-1

try something this.

 for(int i=0;i<stat.length;i++){

        sb.append("'"+stat[i]+"'");
            if(i!=stat.length-1){
              sb.append(",");
            }

        }
Dhiraj
  • 1,430
  • 11
  • 21
-1

try String app = "WHERE status in ("+sb.substring(0, sb.length()-2)+")";

Durgesh Kumar
  • 91
  • 6