0

How can I update my SQL Table column with the value that is stored in a local variable.

In my program I have taken value from the HTML page using the following statement:

String idd=request.getParameter("id");
String report=request.getParameter("rprt");

So now I have to update the value of report in my database table named "ptest" and I am using the following query:

Class.forName("com.mysql.jdbc.Driver"); 
java.sql.Connection con = 
DriverManager.getConnection("jdbc:mysql://localhost:3306/tcs","root","root"); 
Statement st= con.createStatement(); 
ResultSet rs; 
int i=st.executeUpdate("update ptest set result = @reprt where patient_id= 
@idd");


out.println("Successfully Entered");

But the value is not being stored in the database instead NULL is being stored.

I have already seen this question and got no help. Question

Please ignore my mistakes if any in this question as I am new to MYSQL.

Improve this question
4
  • idd is used to get the value of patient_id from the html page and reprt is used to get the report from the html page Commented Jun 29, 2018 at 13:46
  • Please learn how to use prepared statements Commented Jun 29, 2018 at 13:49
  • @MarkRotteveel I think he started doing that by asking the question Commented Jun 29, 2018 at 14:26
  • @markg Learning is better done by following a good tutorial or book, than by asking questions like this. Commented Jun 29, 2018 at 14:33

2 Answers 2

Reset to default
1

You can use prepared statements in java.

setString or setInt can set different data types into your prepared statements.

The parameter 1, 2 are basically the positions of the question mark. setString(1,report) means that it would set the string report in the 1st question mark in your query.

Hope this code helps you in achieving what you want.

String query = "update ptest set result = ? where patient_id = ?";
PreparedStatement preparedStatement = con.prepareStatement(query);

preparedStatement.setString(1, report);
preparedStatement.setString(2, idd);

preparedStatement.executeUpdate();
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

how to use this statement as it is showing the following error PreparedStatment cannot be resolved to a type
@PiyushAgarwal please tell what is the error you are getting so I can cater the answer more correctly.
PreparedStatment preparedStatement should be PreparedStatement preparedStatement (Typo in the type declaration)
@FarhanQasim The error: Can not issue data manipulation statements with executeQuery()
@PiyushAgarwal yes I have already edited it and used executeUpdate. sorry for the mistakes, but it would work correctly now.
0

In JDBC, you use ? as placeholders for where you want to inject values into a statement. So you should do something like this ...

Class.forName("com.mysql.jdbc.Driver"); 
java.sql.Connection con = 
DriverManager.getConnection("jdbc:mysql://localhost:3306/tcs","root","root"); 
PreparedStatement st= con.prepareCall("update ptest set result = ? where patient_id= 
?"); 

///now set the params in order
st.setString(1, report);
st.setString(2, idd);
//then execute
st.executeUpdate();

Doing a string concat with the values is dangerous due to sql injection possibilities, so I typically make statement text static and final, and also if your value has a ' in it that could blow up your sql syntax etc. Also, notice the use of executeUpdate rather than query. Hope this helps

Improve this answer

2 Comments

there is an error : The method createStatement() in the type Connection is not applicable for the arguments (String)
oops, forgot to change to prepareCall, I changed it so it should be ok now

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.