Quote:
insertQueryGetId("SELECT workoutID FROM workout")
...
workoutID = statement.executeUpdate(query, Statement.RETURN_GENERATED_KEYS);
You're passing a
SELECT
query to the
executeUpdate
method. The error clearly tells you that this is not supported.
As per
the documentation[
^], you need to pass the actual
INSERT
statement to this method, specifying the
RETURN_GENERATED_KEYS
option, and then read the returned keys. There is an example of how to do this in the documentation.
But you have a much bigger problem: Your code is almost certainly vulnerable to
SQL Injection[
^].
NEVER use string concatenation/interpolation to build a SQL query.
ALWAYS use a parameterized query.
Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[
^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[
^]
Query Parameterization Cheat Sheet | OWASP[
^]