SQL query works in PHPMyAdmin but not in Java (JDBC)
I have generated the following string in Java:
```
select * from `levelone_sessions` where user_session_key='-LIi-AlyYC37HfRezq7W' union select * from `changelang_sessions` where user_session_key='-LIi-AlyYC37HfRezq7W' union select * from `leveltwo_sessions` where user_session_key='-LIi-AlyYC37HfRezq7W' union select * from `levelthree_sessions` where user_session_key='-LIi-AlyYC37HfRezq7W' union select * from `sequence_sessions` where user_session_key='-LIi-AlyYC37HfRezq7W' union select * from `search_sessions` where user_session_key='-LIi-AlyYC37HfRezq7W' union select * from `settings_sessions` where user_session_key='-LIi-AlyYC37HfRezq7W'
```
and then converted it to a SQL statement using PreparedStatement. Now this SQL query works perfectly fine in PHPMyAdmin and successfully gives the following output:
[PHPMyAdmin output screenshot]
But when the same query is being executed from within the Java program, it throws the following exception:
```
com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'where user_session_key='-LIi-AlyYC37HfRezq7W'' at line 1
```
Not really sure why this is happening. Help!
EDIT:
Here is the Java code that is actually generating the above string and executing it as a SQL statement.
```java
Collection<String> activities = Utilities.AppActivities.values();
int no_of_activities = activities.size(), i = 0;
query = "";
// Build one SELECT per activity table, joined with UNION
for (String activity : activities) {
    if (i < no_of_activities - 1)
        query += "select * from `" + activity + "` where user_session_key='" + session_key + "' union ";
    else
        query += "select * from `" + activity + "` where user_session_key='" + session_key + "'";
    i++;
}
System.out.println(query);
stmt = con.prepareStatement(query);
rs = stmt.executeQuery();
// Sum the duration column over all returned rows
duration = 0;
while (rs.next())
    duration += rs.getInt("duration");
```
java jdbc mariadb
1
Show us your Java code, formatted to be readable, and maybe someone will be able to help you.
– Tim Biegeleisen
Nov 16 '18 at 13:49
@TimBiegeleisen As suggested by you, I've added the java code in the edits :)
– Harshit Budhraja
Nov 16 '18 at 14:02
2
Are you aware that you are not really using the prepared statement?
– Tim Biegeleisen
Nov 16 '18 at 14:04
Kind of aware that PreparedStatement generally uses '?' for parameters, but I don't really know if that'd help in the task I'm doing here. So I used this approach!
– Harshit Budhraja
Nov 16 '18 at 14:16
Your current code is vulnerable to SQL injection (which is likely also the cause of your error). Please use prepared statements properly. In any case, please post a Minimal, Complete, and Verifiable example, including sample values that trigger the error.
– Mark Rotteveel
Nov 17 '18 at 9:03
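The parameterized form the comments above point to, as an added example (not code from the question or its commenters): the session key is bound through `?` placeholders, and because table names cannot be bound as parameters, each one is checked against a fixed list before it is placed in the SQL text. The class name, `ALLOWED_TABLES`, `buildQuery` and `totalDuration` are assumed names; the table list is taken from the query in the question.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collection;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;

public class SessionDuration {
    // Assumption: the fixed set of session tables, copied from the query in the question.
    static final Set<String> ALLOWED_TABLES = Set.of(
        "levelone_sessions", "changelang_sessions", "leveltwo_sessions",
        "levelthree_sessions", "sequence_sessions", "search_sessions",
        "settings_sessions");

    // Identifiers cannot be sent as '?', so every table name must be on the allow-list.
    static String buildQuery(Collection<String> tables) {
        if (tables.isEmpty()) throw new IllegalArgumentException("no tables given");
        return tables.stream().map(t -> {
            if (!ALLOWED_TABLES.contains(t))
                throw new IllegalArgumentException("unexpected table name: " + t);
            return "select * from `" + t + "` where user_session_key = ?";
        }).collect(Collectors.joining(" union "));
    }

    static int totalDuration(Connection con, Collection<String> tables, String sessionKey)
            throws SQLException {
        try (PreparedStatement stmt = con.prepareStatement(buildQuery(tables))) {
            // One placeholder per SELECT branch; the driver sends the key as data, not SQL.
            for (int i = 1; i <= tables.size(); i++) stmt.setString(i, sessionKey);
            int duration = 0;
            try (ResultSet rs = stmt.executeQuery()) {
                while (rs.next()) duration += rs.getInt("duration");
            }
            return duration;
        }
    }

    public static void main(String[] args) {
        // Constructed inputs: show the generated SQL text without needing a database.
        System.out.println(buildQuery(List.of("levelone_sessions", "search_sessions")));
        try {
            buildQuery(List.of("not_a_session_table"));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```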
edited Nov 17 '18 at 9:04
Mark Rotteveel
asked Nov 16 '18 at 13:47
Harshit Budhraja