How can I enter a variable on a ResultSet Execute Query Where clause?

This is the Query I need to put a variable on the Where clause. Variable is itemnamestr that will be entered by the user.
rs = stmt.executeQuery("SELECT itemid, itemname FROM inventorytable WHERE itemname = itemnamestr ");
I got this error when putting itemnamestr as variable on SQL Where clause

Got an exception!
Unknown column 'itemnamestr' in 'where clause'

How can I correctly do it?
import java.sql.*; 
import javax.swing.*;
public class NewClass {
    
 
  
    public static void main (String[] args) { 
        String itemnamestr;
        
        itemnamestr = JOptionPane.showInputDialog(null, "Enter item name.");
 
        try { 
            String url = "jdbc:mysql://localhost:3306/test1"; 
            Connection conn = DriverManager.getConnection(url,"root","mypassword"); 
            Statement stmt = conn.createStatement(); 
            ResultSet rs; 
  
            rs = stmt.executeQuery("SELECT itemid, itemname FROM inventorytable WHERE itemname = itemnamestr "); 
            while ( rs.next() ) { 
                String itemidvar = rs.getString("itemid"); 
                System.out.println(itemidvar); 
                String itemnamevar = rs.getString("itemname"); 
                System.out.println(itemnamevar); 
            } 
            conn.close(); 
        } catch (Exception e) { 
            System.err.println("Got an exception! "); 
            System.err.println(e.getMessage()); 
        } 
    } 
}

Open in new window

glyncoAsked:
Who is Participating?
 
chaitu chaituConnect With a Mentor Commented:
may be space was there within the single quote in the string

the string should be 'itemvarable';

 itemname = '"+itemnamestr +"'" ;
0
 
chaitu chaituCommented:
you have to pass variable like this.the string to be in single quote.

   rs = stmt.executeQuery("SELECT itemid, itemname FROM inventorytable WHERE itemname = ' "+itemnamestr +" ' " );
       
0
 
chaitu chaituCommented:
instead of statement use PreparedStatement;

 PreparedStatement stmt = conn.prepareStatement(("SELECT itemid, itemname FROM inventorytable WHERE itemname = ?");
   
          stsmt.setString(1,itemnamestr);
          rs=stsmt.executeQuery();
   
0
 
glyncoAuthor Commented:
rs = stmt.executeQuery("SELECT itemid, itemname FROM inventorytable WHERE itemname = ' "+itemnamestr +" ' " );

The records do not show-up.
0
All Courses

From novice to tech pro — start learning today.