right syntax to use near '?'

Question

I have a Java-code:

String searchPerson = "select * from persons where surname like ? and name like ?";
//connect to DB
PreparedStatement statement = connect.prepareStatement(searchPerson);
statement.setString(1,"%"+ surname + "%");
statement.setString(2, "%" + name + "%");
ResultSet resultPerson = statement.executeQuery(searchPerson);
//..code

Then I have SQLException:

you have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?'

Answer 1

You should execute the PrepareStatement with no parameters as follows:

statement.executeQuery()

Calling executeQuery with a String parameter will execute the provided query as is (without the bound parameters).

Answer 2

ResultSet resultPerson = statement.executeQuery(searchPerson);

should be

ResultSet resultPerson = statement.executeQuery();