Android Question Synthax error creating table with JdbcSQL

[ctd]

Dear Forum
I was trying to create a table with the following code:

Wait For (Connect) Complete (Success As Boolean)
    If Success Then
        Try
'            mysql.ExecNonQuery("CREATE TABLE TEST (REF TEXT,DES TEXT,COBA TEXT,QUANTPHY INTEGER, USER TEXT, ZONE TEXT)")
'            mysql.ExecNonQuery("SET @Export = "STBIS")
'            mysql.ExecNonQuery(" SET @@ExportDB = Export")
'            Log(Export_Base)
'            mysql.ExecNonQuery("CREATE TABLE @ExportDB (REF TEXT,DES TEXT,COBA TEXT,QUANTPHY INTEGER, USER TEXT, ZONE TEXT)")
            mysql.ExecNonQuery2("CREATE TABLE ? (REF TEXT,DES TEXT,COBA TEXT,QUANTPHY INTEGER, USER TEXT, ZONE TEXT)",Array As Object (Export_Base))
'            Dim sf As Object = mysql.ExecQueryAsync("mysql", "SELECT DES, COBA FROM articles WHERE QUANTPHY > ?", Array(10))
'            mysql.ExecNonQuery2
'            Wait For (sf) mysql_QueryComplete (Success As Boolean, Crsr As JdbcResultSet)
'            If Success Then
'                Do While Crsr.NextRow
'                    Log($"DES: ${Crsr.GetString("DES")}, COBA: ${Crsr.GetString("COBA")}"$)
'                Loop
'                Crsr.Close
'            End If
        Catch
            Success = False
            Log(LastException)
        End Try
        CloseConnection
    End If
    Return Success

But get the following error:
(MySQLSyntaxErrorException) com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''Export' (REF TEXT,DES TEXT,COBA TEXT,QUANTPHY INTEGER, USER TEXT, ZONE TEXT)' at line 1


Need help to fix this error.

 

[DonManfred]

Export_Base contains Export?

Export is an reserved keyword and can not be used for a tablename.

https://dev.mysql.com/doc/refman/5.7/en/keywords.html

 

[ctd]

Same error when changed the table name to TEST1234.

 

[OliverA]

You cannot create a table this way. Parameters are for parameters only. The table name is not a parameter. That is a limitation of the underlying JDBC/PreparedStatement, not the JdbcSQL library. To get around this "limitation", you must create your own query string, at least for the table portion of the string. "Limitation" is in quotes, because it's not really a limitation, but a safeguard against SQL injections. If you opt to go the route of creating your own SQL statements, please read this (The Curse and Blessings of Dynamic SQL) first and ensure yourself that what you are doing is really, really necessary.

 

[ctd]

You cannot create a table this way. Parameters are for parameters only. The table name is not a parameter. That is a limitation of the underlying JDBC/PreparedStatement, not the JdbcSQL library. To get around this "limitation", you must create your own query string, at least for the table portion of the string. "Limitation" is in quotes, because it's not really a limitation, but a safeguard against SQL injections. If you opt to go the route of creating your own SQL statements, please read this (The Curse and Blessings of Dynamic SQL) first and ensure yourself that what you are doing is really, really necessary.

Thank a lot i finaly get it work with your suggestion.