A PreparedStatement may use placeholders
? , that enables you to pass values that will be escaped .
Your query has no placeholder, so calling a replacement method like :
throws an Exception, because there isn't a placeholder's of index 1 in your query.
If what you want, is to search for a particular Employee based on the values you have (name and surname), you may execute a parameterized query with two placeholders :
pstmt=conn.prepareStatement("select * from empdetails where EmployeeName = ? AND EmployeeSurname = ?"); pstmt.setString(1,EmployeeName); pstmt.setString(2,EmployeeSurName);