Prepared Statements

I'm trying to create a prepared static method. I'm unsure how to rewrite the actual query. Can anyone help, please?
public static synchronized Vector nameRecords(Connection connection, String clientName, String active) throws SQLException{
        String preparedQuery = "SELECT * FROM Clients WHERE ClientName LIKE '" + SQLUtil.encode(clientName) + "%' AND Active = '"+ active + "'";
        PreparedStatement ps = connection.prepareStatement(preparedQuery);
        ResultSet records = ps.executeQuery(preparedQuery);
        Vector results = new Vector();
        while (records.next()== true){
            //Create a Client object.
            Client client = new Client();
            ps.setString(1, client.setClientNo(records.getInt("ClientNo")));
            ps.setString(2, client.setClientName(records.getString("ClientName")));
            ps.setString(3, client.setAddress1(records.getString("Address1")));
            ps.setString(4, client.setAddress2(records.getString("Address2")));
            ps.setString(5, client.setAddress3(records.getString("Address3")));
            int status = ps.executeUpdate();
            ps.close();
            results.add(client);
        }
        return results;
    }

I think I nearly have this working, but I receive an SQL exception:
Clients SQLException: java.sql.SQLException: Syntax error or access violation: You have an error in your SQL syntax near '? AND Active = ?' at line 1.
Any clues?
public static synchronized Vector nameRecords(Connection connection, String clientName, String active) throws SQLException{
        String preparedQuery = "SELECT * FROM Clients WHERE ClientName LIKE ? AND Active = ?";
        PreparedStatement ps = connection.prepareStatement(preparedQuery);
        ResultSet records = ps.executeQuery(preparedQuery);
        Vector results = new Vector();
        while (records.next()== true){
            Client client = new Client();
            ps.setString(1, SQLUtil.encode(clientName)+"%");
            ps.setString(2, active);
            client.setClientNo(records.getInt("ClientNo"));
            client.setClientName(records.getString("ClientName"));
            client.setAddress1(records.getString("Address1"));
            int status = ps.executeUpdate();
            results.add(client);
        }
        ps.close();
        return results;
        return results;
    }
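
The following is an added example, not code from either post. The error quoted above is what you get when `executeQuery(String)` is called on a `PreparedStatement`: the SQL text goes to the server with the `?` markers still in it, so the parameters must be bound first and the no-argument `executeQuery()` used. The nested `Client` class is an assumed stand-in for the poster's class, and `escapeLike` with the `!` escape character is a hypothetical helper that replaces `SQLUtil.encode`, since bound parameters need no quote escaping.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

public class ClientQueries {

    // Assumed stand-in for the poster's Client class.
    public static class Client {
        int clientNo; String clientName; String address1;
        void setClientNo(int n) { clientNo = n; }
        void setClientName(String s) { clientName = s; }
        void setAddress1(String s) { address1 = s; }
    }

    // Hypothetical helper: escape LIKE wildcards so that '%' or '_' typed by
    // the user matches literally instead of widening the search.
    static String escapeLike(String s) {
        return s.replace("!", "!!").replace("%", "!%").replace("_", "!_");
    }

    public static List<Client> nameRecords(Connection connection,
            String clientName, String active) throws SQLException {
        // Placeholders only; no user input is concatenated into the SQL text.
        String sql = "SELECT ClientNo, ClientName, Address1 FROM Clients "
                   + "WHERE ClientName LIKE ? ESCAPE '!' AND Active = ?";
        List<Client> results = new ArrayList<>();
        try (PreparedStatement ps = connection.prepareStatement(sql)) {
            // Bind every parameter BEFORE executing; the trailing '%' is ours.
            ps.setString(1, escapeLike(clientName) + "%");
            ps.setString(2, active);
            // No-argument executeQuery() runs the prepared SQL with the binds.
            try (ResultSet records = ps.executeQuery()) {
                while (records.next()) {
                    Client client = new Client();
                    client.setClientNo(records.getInt("ClientNo"));
                    client.setClientName(records.getString("ClientName"));
                    client.setAddress1(records.getString("Address1"));
                    results.add(client);
                }
            }
        } // try-with-resources closes the ResultSet and statement, even on error
        return results;
    }
}
```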