why do I get a syntax error for prepared statement? [duplicate]

Answer 1

The problem is here:

rs=preparedStatement.executeQuery(sql);

You shouldn't pass the SQL String to executeQuery(), since the prepared statement already contains the SQL String with the ? placeholder replaced by the value of movieName.

Use:

rs=preparedStatement.executeQuery();

Answer 2

The problem is not in using Preparedstatement >Because the prepared statement object holds the sql query. The why again unnecessarily passing Sql string to executequery() method.PreparedStatement preparedstatement=conn.PrepareStatement(sql). This holds the sql query and when executequery() method is called The query is evaluated.