1

I'm currently having a few problems with this code:

 public User validateUser(String username, String password) {

    boolean found = false;
    Connection c = DBHelperClass.getConnection();
    String query = "Select * from user where username= '?' and password= '?' ";


    if (c != null) {
        try {
            PreparedStatement inserter = c.prepareStatement(query);
            inserter.setString(1, username);
            inserter.setString(2, password);
            System.out.println("help: "+query);
            ResultSet resultSet = inserter.executeQuery(query);
            while (resultSet.next()) {
                this.userId = resultSet.getInt("userId");
                this.username = resultSet.getString("usrname");
                this.password = resultSet.getString("password");
                this.address = resultSet.getString("address");
                this.email = resultSet.getString("email");
                this.phone = resultSet.getInt("phone");

                found = true;

            }
        } catch (SQLException ex) {
            Logger.getLogger(User.class.getName()).log(Level.SEVERE, null, ex);
        }

    }
    return this;
}

The error I get is:

java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0)

from reading other answers I tried changing around the '?' tags but failed to do so.

Improve this question

4 Answers 4

Reset to default
6

change 

 Select * from user where username= '?' and password= '?'

to 

Select * from user where username= ? and password= ?

No need to add '

Update:

and change inserter.executeQuery(query); to inserter.executeQuery();

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

@Pavol updated my answer, if you still have any issues..check out the code here mkyong.com/jdbc/…
1

java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0)

You get this error because you call executeQuery(query) instead of executeQuery() such that it considers that your query doesn't need any parameters but you provided more than one which leads to this exception, so simply use inserter.executeQuery().

The second error as already mentioned is the fact that you don't need to use quotes in your query it should only be Select * from user where username= ? and password= ?

Improve this answer

Comments

0

Thanks for the help guys this is the fixed code:

public User validateUser(String username, String password) {

    boolean found = false;
    Connection c = DBHelperClass.getConnection();
    String query = "Select * from user where username= ? and password= ? ";


    if (c != null) {
        try {
            PreparedStatement inserter = c.prepareStatement(query);
            inserter.setString(1, username);
            inserter.setString(2, password);
            System.out.println("help: "+query);
            ResultSet resultSet = inserter.executeQuery();
            while (resultSet.next()) {
                this.userId = resultSet.getInt("userId");
                this.username = resultSet.getString("username");
                this.password = resultSet.getString("password");
                this.address = resultSet.getString("address");
                this.email = resultSet.getString("email");
                this.phone = resultSet.getInt("phone");

                found = true;

            }
        } catch (SQLException ex) {
            Logger.getLogger(User.class.getName()).log(Level.SEVERE, null, ex);
        }

    }
    return this;
}

All that I needed to change was to remove '' around ? and change executeQuery(query) to executeQuery()

Thanks a million!

Improve this answer

Comments

0

Error message is saying that you have zero parameters in your query. It is because you have escaped question marks characters using apostrophes. Rewrite your query without using apostrophes around question marks.

String query = "Select * from user where username= ? and password= ?";
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.