0

what's wrong with my insert method? my table has two columns, name, and artist..and timestamp, that too actually, how do i pass timestamp argument to the insert statement?

ok.addActionListener(new ActionListener() {
        public void actionPerformed(ActionEvent e) {
            try {
                /*FileWriter dir = new FileWriter(nameOfSong.getText()
                        + ".txt");
                BufferedWriter buffer = new BufferedWriter(dir);
                buffer.write(nameOfSong.getText());
                buffer.newLine();
                buffer.write(artist.getText());
                buffer.newLine();
                buffer.newLine();
                buffer.write(lyrics.getText());
                buffer.close();
                */

                Statement statement = connection.createStatement();
                statement.executeUpdate("INSERT INTO lyrics1_lyrics1 VALUES(" +
                nameOfSong.getText() + ", " + artist.getText() + "");


            } catch (Exception z) {
                System.err.println("Error: " + z.getMessage());
            } 
            internalFrame.dispose();
        }
    });
)
Improve this question
7
  • You might consider changing to using a PreparedStatement to avoid the SQL injection vulnerability. Commented Dec 7, 2011 at 3:52
  • you need INSERT INTO TALBE_NAME ( [COLUMN1][, COLUMN2][, COLUMN_N] ) VALUES( [VALUE FOR COLUMN 1][, VALUE FOR COLUMN 2][, VALUE FOR COLUMN N] ); also note that strings needs to be surrounded by single quotes 'this is a string' Commented Dec 7, 2011 at 3:53
  • @DorinDuminica You don't necessarily need the column names. Commented Dec 7, 2011 at 3:56
  • @DaveNewton really? suppose you have a table "TestTable" columns "ID", "Name", "Date" and you want to insert a new record with target for "Date" only with SQL: INSERT INTO "TestTable" VALUES( '2012-01-01' ); where will the engine insert the date value, in "ID", "Name" or "Date", it's not a tricky question, but I always thought that you need to specify target columns if number of values != number of columns, and in his case "name, and artist..and timestamp" he has 3 columns. Commented Dec 7, 2011 at 4:00
  • PLEASE, PLEASE, PLEASE work on making questions useful for future people: If you can't it likely "isn't a real question". E.g. "what doesn't work"? At least part of this should be in the title! Well, it's obvious to many of us ;-) but take some time to include the error message/symptoms! They are also great terms to SEARCH SO with. Commented Dec 7, 2011 at 4:05

5 Answers 5

Reset to default
6

Always use PreparedStatement.

 String sql="INSERT INTO lyrics1_lyrics1 VALUES (?,?)";
 PreparedStatement statement = connection.prepareStatement(sql);
 statement.setString(1,nameOfSong.getText());
 statement.setString(2,artist.getText());
 statement.executeUpdate();
 statement.close();
 connection.close();
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

4

The text values need to be surrounded by single quotes ('').

And SQL-escaped to avoid SQL injection attacks, or the first time you have a song by Little Bobby Tables, all your DB are belong to him.

Better yet, use a PreparedStatement, and let the machine do work for you.

Improve this answer

Comments

3

You can use prepared statement for it

String query = "INSERT INTO lyrics1_lyrics1(name, artist, timestamp) values(?, ?, ?)";
PreparedStatement pstmt = conn.prepareStatement(query);
pstmt.setString(1, name); // set input parameter 2
pstmt.setString(2, artist);
pstmt.setString(3, new TimeStamp(new Date().getTime()));

You need to add an import statement for the TimeStap;

import java.sql.Timestamp;

or else use

pstmt.setString(3, new java.sql.TimeStamp(new Date().getTime()));

Example: Prepared Statement Insert.

You can find a lot of example in java2s site.

Improve this answer

3 Comments

ok learning from a book, didn't about prepared statements, now i do..on the timestamp statement, it has error?
statement.setString(3, new TimeStamp(new Date().getTime()));
@JadJ java.sql.Timestamp, it needs to be imported. Consider keeping a window with the API docs open; things will go faster :)
2

Change the line to:

statement.executeUpdate("INSERT INTO lyrics1_lyrics1 VALUES('" +
                    nameOfSong.getText() + "', '" + artist.getText() + "'");
Improve this answer

Comments

1

This might solve your problem:

statement.executeUpdate("INSERT INTO lyrics1_lyrics1 VALUES('" + nameOfSong.getText() + "', '" + artist.getText() + "')");`
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.