jdbc - Oracle query inside java -
string sql = "insert student_info(name,roll_no,address,phone_no) values('101', 1, 'fatma', '25')"; string sql = "insert student_info(name,roll_no,address,phone_no) values("+student.getname()+","+student.getroll_no()+","+student.getaddress()+","+student.getphone_no()+")"; the last query shows error:
java.sql.sqlexception: ora-00917: missing comma at
statement.executeupdate(sql); can rule out missing comma?
you miss single quotes around student.name, student.address , student.phone_no
string sql = "insert student_info(name,roll_no,address,phone_no) values('"+ student.getname()+"',"+ student.getroll_no()+",'"+ student.getaddress()+"','"+ student.getphone_no()+"')"; do notice sql statement vulnerable sql injection attacks. use preparedstatement.
string sql = "insert student_info(name,roll_no,address,phone_no) " + "values(?,?,?,?)"; addstudent = con.preparestatement(sql); addstudent.setstring(1, student.getname()); addstudent.setint(2, student.getroll_no()); addstudent.setstring(3, student.getaddress()); addstudent.setstring(4, student.getphone_no()); addstudent.executeupdate(); con.commit(); 
Comments
Post a Comment