Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Using "like" wildcard in prepared statement

Tags:

java

mysql

prepared-statement

jdbc

People also ask

How use like in SQL query in Java?

Execute a query − Requires using an object of type Statement for building and submitting an SQL statement to fetch records from a table which meet given condition. This Query makes use of LIKE clause to select records to select all the students whose first name starts with "za".

Can we use PreparedStatement for select query?

To retrieve data from a table using a SELECT statement with parameter markers, you use the PreparedStatement. executeQuery method.

Is PreparedStatement faster than Statement?

Prepared statements are much faster when you have to run the same statement multiple times, with different data. Thats because SQL will validate the query only once, whereas if you just use a statement it will validate the query each time.

What is a PreparedStatement explain with suitable examples?

A PreparedStatement is a pre-compiled SQL statement. It is a subinterface of Statement. Prepared Statement objects have some useful additional features than Statement objects. Instead of hard coding queries, PreparedStatement object provides a feature to execute a parameterized query.

You need to set it in the value itself, not in the prepared statement SQL string.

So, this should do for a prefix-match:

notes = notes
    .replace("!", "!!")
    .replace("%", "!%")
    .replace("_", "!_")
    .replace("[", "![");
PreparedStatement pstmt = con.prepareStatement(
        "SELECT * FROM analysis WHERE notes LIKE ? ESCAPE '!'");
pstmt.setString(1, notes + "%");

or a suffix-match:

pstmt.setString(1, "%" + notes);

or a global match:

pstmt.setString(1, "%" + notes + "%");

Code it like this:

PreparedStatement pstmt = con.prepareStatement(
    "SELECT * FROM analysis WHERE notes like ?");
pstmt.setString(1, notes + "%");`

Make sure that you DO NOT include the quotes ' ' like below as they will cause an exception.

pstmt.setString(1,"'%"+ notes + "%'");

We can use the CONCAT SQL function.

PreparedStatement pstmt = con.prepareStatement(
      "SELECT * FROM analysis WHERE notes like CONCAT( '%',?,'%')";
pstmt.setString(1, notes);
ResultSet rs = pstmt.executeQuery();

This works perfectly for my case.


PreparedStatement ps = cn.prepareStatement("Select * from Users where User_FirstName LIKE ?");
ps.setString(1, name + '%');

Try this out.


String fname = "Sam\u0025";

PreparedStatement ps= conn.prepareStatement("SELECT * FROM Users WHERE User_FirstName LIKE ? ");

ps.setString(1, fname);

Related questions

What is the most frequent concurrency issue you've encountered in Java? [closed]
codestyle; put javadoc before or after annotation?
Java Constructor Inheritance
Is it good practice to make the constructor throw an exception? [duplicate]
Should try...catch go inside or outside a loop?
How to read and write excel file
How can I determine whether a Java class is abstract by reflection
Fatal error compiling: invalid target release: 1.8 -> [Help 1]
Java SE 6 vs. JRE 1.6 vs. JDK 1.6 - What do these mean?
How to subtract X days from a date using Java calendar?
How to set timeout in Retrofit library?
Is there a common Java utility to break a list into batches?
A simple scenario using wait() and notify() in java
What is this spring.jpa.open-in-view=true property in Spring Boot?
NoClassDefFoundError - Eclipse and Android
Do I need to store the salt with bcrypt?
Different results with Java's digest versus external utilities
Differences between Exception and Error
Is there a performance difference between a for loop and a for-each loop?
Configuring Log4j Loggers Programmatically

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!