Solved MySQL check if entry is set

Discussion in 'Spigot Plugin Development' started by Mxrlin1, Jan 21, 2022.

  1. Mxrlin1

    Mxrlin1

    Im trying to check if a entry is set, so for example in a row with: 'user, password, birth' I check if in column 'user' f.e. 'mxrlin' is

    For that im using that code in my Main Class:
    Code (Java):
    if(!mySQL.isSet(tableName, "houseNumber", houseNumberStr)){
                System.out.println(house.getHouseNumber() + " not set yet");
                inserts.add(new BetterMySQL.KeyValue("houseNumber", houseNumberStr));
                mySQL.insertEntry(tableName, inserts);
            }else {
                System.out.println(house.getHouseNumber() + " set -> updating");
                mySQL.update(tableName, inserts, "houseNumber", houseNumberStr);
            }
    And the mySQL.isSet() method looks like this:
    Code (Java):
    public boolean isSet(String tableName, String key, String value){
        Check.checkNotEmpty(tableName);
        Check.checkNotEmpty(key);
        Check.checkNotEmpty(value);
        ResultSet resultSet = MySQL.getResultSetPrepareStatement(connection, "SELECT * FROM " + tableName + " WHERE ?=?", Arrays.asList(key, value));
        try {
            if(resultSet.next()){
                return resultSet.getObject(value) != null;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            try {
                resultSet.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
        return false;
    }
    But with this code it always debugs me "house.getHouseNumber() + " not set yet", so the Class doesnt find the entry that is set
     
    #1 Mxrlin1, Jan 21, 2022
  3. TheDevTec

    TheDevTec

    #2 TheDevTec, Jan 21, 2022
  5. Mxrlin1

    Mxrlin1

    Nope. I have it like this now:
    Code (Java):
    public boolean isSet(String tableName, String key, String value){
            Check.checkNotEmpty(tableName);
            Check.checkNotEmpty(key);
            Check.checkNotEmpty(value);
            ResultSet resultSet = MySQL.getResultSetPrepareStatement(connection, "SELECT * FROM " + tableName + " WHERE '?'='?'", Arrays.asList(key, value));
            try {
                return resultSet != null && resultSet.next(); // if there is found anything that isnt null -> true - else false
            } catch (SQLException e) {
                e.printStackTrace();
            } finally {
                try {
                    resultSet.close();
                } catch (SQLException e) {
                    e.printStackTrace();
                }
            }
            return false;
        }
    But still returning false everytime.
     
    #3 Mxrlin1, Jan 21, 2022
  7. TheDevTec

    TheDevTec

    What about small edit?
    Code (Java):
    ResultSet resultSet = MySQL.getResultSetPrepareStatement(connection, "SELECT * FROM " + tableName + " WHERE ?='?'", Arrays.asList(key, value));
     
    #4 TheDevTec, Jan 21, 2022
  9. Mxrlin1

    Mxrlin1

    As soon as I do WHERE ?='?' instead of WHERE ?=? the Error "java.sql.SQLException: Parameter index out of range (2 > number of parameters, which is 1)." appears
     
    #5 Mxrlin1, Jan 21, 2022
  11. TheDevTec

    TheDevTec

    Then do it easier, write the values of the fields manually.
    MySQL.getResultSetPrepareStatement(connection, "SELECT * FROM " + tableName + " WHERE "+key+"='"+value+"'");
     
    #6 TheDevTec, Jan 21, 2022
  13. Mxrlin1

    Mxrlin1

    Yeah, but the Problem is there, and thats why im using prepared statements, is SQL injection. If im using just result sets an hacker as it easy to hack the databank.

    EDIT: I dont know the error, but I just used getObject() == null instead of isSet() and it was working. Still no sense for me, but i got it working
     
    #7 Mxrlin1, Jan 21, 2022
    Last edited: Jan 21, 2022
(You must log in or sign up to post here.)