Query sql with multiple java fields

Question

Query sql with multiple java fields

Asked 8 years, 2 months ago

Viewed 687 times

2

How to do a java sql search that involves multiple arguments?
Example: I want to research all people with Angolan nationality, with the Computer Science course and who have two or more years of professional experience.

I’m wearing it like this: select * from candidato where nome like ?, but when increase more fields returns error.

This is my research method:

public List<Dados_Cadastro> getLista(String nome) throws SQLException{
     String sql="select * from candidato where nome like ?";
 PreparedStatement stm = this.conexao.prepareStatement(sql);
 stm.setString(1, nome);
 ResultSet rs = stm.executeQuery();

 List<Dados_Cadastro>nova_lista = new ArrayList<Dados_Cadastro>();
 while(rs.next()){
  Dados_Cadastro cadastro =new Dados_Cadastro();

 cadastro.setNome_cadastro(rs.getString("nome"));
 cadastro.setGenero_cadastro(rs.getString("genero"));
 cadastro.setData_nasc_cadastro(rs.getString("nasc"));
 cadastro.setCbox_nacion_cadastro(rs.getString("nacionalidade"));
 cadastro.setCbox_nivel_cadastro(rs.getString("n_academico"));
 cadastro.setCurso_cadastro(rs.getString("curso"));
 cadastro.setEmpresa_cadastro(rs.getString("empresa"));
 cadastro.setCbox_exper_cadastro(rs.getString("experiencia"));
 cadastro.setIdent(Long.valueOf(rs.getString("ident")));
nova_lista.add(cadastro);
 }
 rs.close();
 stm.close();
 return nova_lista;
 }

This query goes to a production system or is only study?

– adelmo00

2016/04/22 at 19:41

2 answers

Browser other questions tagged java sql

You are not signed in. Login or sign up in order to post.

by Júlio Neto • **1,228** points · Answer 1 · 2016-04-22T18:55:02+00:00

You can number the parameters, for example:

select * from candidato where nome like ?1 AND genero = ?2

and then inform the parameters:

stm.setString(1, nome);
stm.setString(2, genero);

by Ikaro Sales • **537** points · Answer 2 · 2016-04-22T15:59:37+00:00

1

SELECT * FROM candidato WHERE nome LIKE '%'+getNome_cadastrado+'%';

The sign % is used to define wildcards (letters missing) before and after the pattern.

I don’t know if I understand, I must do like this?

– user44631

2016/04/22 at 16:20
Specify the part you didn’t understand that I can explain to you better !

– Ikaro Sales

2016/04/22 at 16:22
with this code: select * from candidate Where name like ?. I can only consult by stating the registered name, but I would like to include in the search other attributes such as: nationality and experience.

– user44631

2016/04/22 at 16:27
Ahh Yes ! Just you put AND

– Ikaro Sales

2016/04/22 at 16:28
SELECT * FROM candidato WHERE nome LIKE '%'+getNome_cadastrado+'%' AND nacionalidade = '+getNacionalidade+'; Just go putting the AND and assigning the attributes you want to query

– Ikaro Sales

2016/04/22 at 16:28
That is: I want him to show me all records of people with nationality x, with experience y

– user44631

2016/04/22 at 16:29
If you have attributes from another table, you have to search for INNER JOIN

– Ikaro Sales

2016/04/22 at 16:30
Okay, I’ll try it.

– user44631

2016/04/22 at 16:31
SELECT * FROM candidato WHERE nome LIKE '%'+getNome_cadastrado+'%' AND nascionalidade = '+getNacionalidade+' AND experiencia = '+getExperiencia+';

– Ikaro Sales

2016/04/22 at 16:31
It worked Thanks bro.

– user44631

2016/04/22 at 16:33
Anything, just call... to help

– Ikaro Sales

2016/04/22 at 16:33
@user44631, take a look at Julio Neto’s answer. It uses Prepared statements, as its original code, which is safer and more efficient than concatenating strings that Ikaro proposes. String concatenation makes room for SQL Injection attacks and should never be used.

– lpacheco

2016/04/29 at 12:34
Thanks for the tip lpacheco, I really need all these lights. I’m just a beginner.

– user44631

2016/05/04 at 15:43

Show 8 more comments