Java PreparedStatement complaining about SQL syntax on execute()

Question

This is driving me nuts... What am I doing wrong here?

ArrayList toAdd = new ArrayList();
toAdd.add(\"password\");
try{
    Prepa         


        

Answer 1

When using a prepared statement, your parameter is treated similarily to a string literal. As a result, your statement is equivalent to "ALTER TABLE testTable ADD \'"+s+"\' varchar(100)". Notice the single quotations around the field name in the error message.

I would suggest building a literal statement in this case, and not attempting to used a prepared statement.