As an example, review the following code, which passes a variable and user input into a query:

String sql = "SELECT StudentID, FirstName, LastName FROM STUDENT";

// stmt is an already-open java.sql.Statement
ResultSet rs = stmt.executeQuery(sql);
//STEP 5: Extract data from result set
while (rs.next()) {

    //Retrieve by column name (labels must match the SELECT list exactly)
    int id = rs.getInt("StudentID");
    String first = rs.getString("FirstName");
    String last = rs.getString("LastName");

    //Display values
    System.out.print("ID: " + id);
    System.out.print(", First Name: " + first);
    System.out.println(", Last Name: " + last);

}
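The query above is a constant string. As an added example (not code from the original page), this is how the same STUDENT lookup would take user input through a bound parameter rather than through string concatenation. The `StudentLookup` class, the `findByLastName` method, the `LastName` filter, the 100-character limit and the JDBC URL argument are assumptions made for illustration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

public class StudentLookup {

    // Pattern to flag in review: user input concatenated into the SQL text, e.g.
    //   "... FROM STUDENT WHERE LastName = '" + lastName + "'"
    // Here the SQL text is a constant and the input is bound as a parameter.
    private static final String SQL =
        "SELECT StudentID, FirstName, LastName FROM STUDENT WHERE LastName = ?";

    // lastName is the hypothetical user-supplied value.
    static List<String> findByLastName(Connection conn, String lastName)
            throws SQLException {
        // Reject input that cannot be a valid name (length limit is an assumption).
        if (lastName == null || lastName.isEmpty() || lastName.length() > 100) {
            throw new IllegalArgumentException("invalid last name");
        }
        List<String> rows = new ArrayList<>();
        try (PreparedStatement ps = conn.prepareStatement(SQL)) {
            ps.setString(1, lastName); // sent as data, never parsed as SQL
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    rows.add("ID: " + rs.getInt("StudentID")
                        + ", First Name: " + rs.getString("FirstName")
                        + ", Last Name: " + rs.getString("LastName"));
                }
            }
        }
        return rows;
    }

    public static void main(String[] args) throws SQLException {
        // args[0]: JDBC URL of a database holding STUDENT (assumption; needs a driver).
        // The default input is a constructed sample; its apostrophe is matched
        // literally because the value is bound, not concatenated.
        String input = args.length > 1 ? args[1] : "O'Brien";
        try (Connection conn = DriverManager.getConnection(args[0])) {
            for (String row : findByLastName(conn, input)) {
                System.out.println(row);
            }
        }
    }
}
```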