How do I use a PreparedStatement to pass a string in a where clause?
I have tried following lines of code:
String sql = "select pass from lbdb_user WHERE username = ? collate latin1_bin";
PreparedStatement pstmt = con.prepareStatement(sql);
pstmt.setString(1,"\""+username+"\"" );
It throws the following mysql exception:
You have an error in your SQL syntax;
Try it like this:
String username = "Mickey Mouse";
String sql = "select pass from lbdb_user WHERE username = ? ";
PreparedStatement pstmt = con.prepareStatement(sql);
pstmt.setString(1, username);
I don't know what that collate thingy is. I would recommend using Unicode and UTF-8 in your database.
Here is an example, using COLLATE latin1_bin, as what you have posted and it works
String lSql = "SELECT lastname FROM contacts WHERE lastname= ? COLLATE latin1_bin ";
PreparedStatement lPreparedStatement = con.prepareStatement(lSql);
lPreparedStatement.setString(1, "andre");
ResultSet lResultSet = lPreparedStatement.executeQuery();
