I'm making an inventory system using Java and JDBC. I have got this error some how when querying a table.

com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '?' at line 1

Below is the code

public static void SearchUser() throws SQLException{        
    String ordersquery = "SELECT * FROM orders WHERE submittedBy = ?";      
    User userDetails = UserController.getUserDetails(username);//gets the details from user tables          
    if (userDetails != null){           
        System.out.println("----Menu----");
        System.out.println();
        System.out.println("1. View Orders Made By This User");
        System.out.println("2. View Most Expensive Parts Currently Taken Out By This User");
        System.out.println();
        System.out.println("9. Go Back To Main Menu");
        choice = input.nextLine();  
        if (choice.equals("1")){
            try (
                    PreparedStatement stmt2 = conn.prepareStatement(ordersquery);

                    ){  
                stmt2.setInt(1, userDetails.getUserId());
                ResultSet rsOrders = stmt2.executeQuery(ordersquery);   
                if (rsOrders != null){
                    while (rsOrders.next()){
                        Order orderDetails = new Order(rsOrders.getInt("orderId"), userDetails.getUserId(), rsOrders.getInt("totalItems"), rsOrders.getInt("totalPrice"));
                        System.out.println("-------------------------------------");
                        Order.print(orderDetails);
                    }
                }
            }catch (SQLException e){
                System.err.println(e);
            }
        }else if (choice.equals("2")){  
        }
    }

}

ResultSet rsOrders = stmt2.executeQuery(ordersquery);

stmt2 is you sql query then why are you passing ordersquery change your code to below code

ResultSet rsOrders = stmt2.executeQuery();

It seems you are using wrong sytax for executeQuery(). it doesn't expects parameter. Try below code. you should be good

public static void SearchUser() throws SQLException{

    String ordersquery = "SELECT * FROM orders WHERE submittedBy = ?";
    User userDetails = UserController.getUserDetails(username);//gets the details from user tables
    if (userDetails != null){
        System.out.println("----Menu----");
        System.out.println();
        System.out.println("1. View Orders Made By This User");
        System.out.println("2. View Most Expensive Parts Currently Taken Out By This User");
        System.out.println();
        System.out.println("9. Go Back To Main Menu");
        choice = input.nextLine();

        if (choice.equals("1")){
            try (
                    PreparedStatement stmt2 = conn.prepareStatement(ordersquery);

                    ){

                stmt2.setInt(1, userDetails.getUserId());
                ResultSet rsOrders = stmt2.executeQuery();
                if (rsOrders != null){
                    while (rsOrders.next()){
                        Order orderDetails = new Order(rsOrders.getInt("orderId"), userDetails.getUserId(), rsOrders.getInt("totalItems"), rsOrders.getInt("totalPrice"));
                        System.out.println("-------------------------------------");
                        Order.print(orderDetails);
                    }
                }
            }catch (SQLException e){
                System.err.println(e);
            }
        }else if (choice.equals("2")){

        }
    }

}