If Search_ID is a value, then it either has to be a literal value
enclosed in quotation marks, or a variable value which is substituted
into the statement using a PreparedStatement and a setString() call.

Remember to avoid constructing variable values in SQL statements by
string concatenation, for you are vulnerable to SQL Injection that
way.

bryan

On Tue, Dec 4, 2018 at 6:01 PM Bob M <rgmatth...@orcon.net.nz> wrote:
>
> I have a table with a particular column named ID
>
> The records in the table have an integer in the field and there may be
> several records with the same integer value
>
> I am using the following code where Search_ID has just been
> calculated...........
>
> ps = conn.prepareStatement("SELECT COUNT(*) from table_name where ID =
> Search_ID");
>
> The program falters on this line and I am unclear why ?
>
> Bob M
>
>
>
> --
> Sent from: 
> http://apache-database.10148.n7.nabble.com/Apache-Derby-Users-f95095.html
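
Added example, not part of the original thread: the query from the question rewritten with a `?` placeholder, so the Java variable's value is bound as data instead of its name appearing as text inside the SQL string. It uses `setInt` because the question says the column holds integers. The class name, method names, the in-memory Derby URL and the sample rows are assumptions made for illustration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class CountById {
    // Bind the value through a ? placeholder; the driver passes it as data, never as SQL text.
    static int countById(Connection conn, int searchId) throws SQLException {
        String sql = "SELECT COUNT(*) FROM table_name WHERE ID = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setInt(1, searchId);               // parameter indexes start at 1
            try (ResultSet rs = ps.executeQuery()) {
                rs.next();                        // COUNT(*) always yields exactly one row
                return rs.getInt(1);
            }
        }
    }

    // Untrusted text is parsed to an int first, so anything that is not a number is rejected.
    static int countByIdFromText(Connection conn, String text) throws SQLException {
        try {
            return countById(conn, Integer.parseInt(text.trim()));
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("ID must be an integer", e);
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: Derby's embedded driver is on the classpath; in-memory database, constructed rows.
        try (Connection conn = DriverManager.getConnection("jdbc:derby:memory:demo;create=true")) {
            try (Statement st = conn.createStatement()) {
                st.executeUpdate("CREATE TABLE table_name (ID INT)");
                st.executeUpdate("INSERT INTO table_name VALUES (7), (7), (9)");
            }
            System.out.println(countById(conn, 7));
            System.out.println(countByIdFromText(conn, "9"));
            try {
                countByIdFromText(conn, "7 OR 1=1"); // not a number: never reaches the database
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```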
