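I'm working on a project for school - I'm trying to extend the application and I'm a bit stuck on this.
I'm trying to use a prepared statement to add a product from the text fields of a form to an Oracle Thin database.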
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        try {
            Class.forName(DB.driver);
            connection = DriverManager.getConnection(DB.URL, DB.ID, DB.PW);
            String query = "insert into parts values (?, '?', ?, ?, ?)";
            statement = connection.prepareStatement(query);
            statement.setInt(1, Integer.parseInt(request.getParameter("pno")));
            statement.setString(2, request.getParameter("pname"));
            statement.setInt(3, Integer.parseInt(request.getParameter("qoh")));
            statement.setDouble(4, Double.parseDouble(request.getParameter("price")));
            statement.setInt(5, Integer.parseInt(request.getParameter("olevel")));
            statement.executeQuery(query);
        } catch (ClassNotFoundException | SQLException ee) {
            System.out.println("Connection failed!");
            System.err.println(ee);
        } finally {
            try {
                statement.close();
            } catch (SQLException ex) {
                Logger.getLogger(addProductServlet.class.getName()).log(Level.SEVERE, null, ex);
            }
            try {
                connection.close();
            } catch (SQLException ex) {
                Logger.getLogger(addProductServlet.class.getName()).log(Level.SEVERE, null, ex);
            }
        }
        RequestDispatcher rd = request.getRequestDispatcher("indexSuccess.jsp");
        rd.forward(request, response);
    }
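The product isn't being added to the database, but if I hard-code the SQL query it works. I've checked that all the data types are correct.
The form is as follows: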
    <form action="addProductServlet">
        <div class="form-group">
            <input type="text" class="form-control margin-bottom-5" placeholder="Product No. (100XX)" name="pno" required>
            <input type="text" class="form-control margin-bottom-5" placeholder="Product Name" name="pname" required>
            <input type="text" class="form-control margin-bottom-5" placeholder="Quantity (XX)" name="qoh" required>
            <input type="text" class="form-control margin-bottom-5" placeholder="Price (XX.XX)" name="price" required>
            <input type="text" class="form-control" placeholder="Order Level" name="olevel" required>
        </div>
        <button class="btn btn-danger nice-bg-color" type="submit">Add product</button>
    </form>
Any help is much appreciated!
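Answer 0 (score: 1)
Change query to
    String query = "insert into parts values (?, ?, ?, ?, ?)";
Note that String parameters don't need to be quoted, because PrepareStatement does this for you. Adding the quotes results in a value of ''value'' and breaks the final query statement.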
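The fix from the answer as a complete insert routine, as an added example that is not code from the original post or the answer: the class name `PartsInsert` and the method `insertPart` are hypothetical, and the caller is assumed to pass an open `Connection` plus the raw request parameters. It also uses the no-argument `executeUpdate()`, because JDBC does not allow `executeQuery(String)` to be called on a `PreparedStatement`.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;

/** Hypothetical helper (not from the original post) that inserts one row into parts. */
public final class PartsInsert {

    // Placeholders stay unquoted. A quoted '?' is a string literal, so the
    // statement would carry only four bind markers and setInt(5, ...) would fail.
    private static final String INSERT_PART =
            "insert into parts values (?, ?, ?, ?, ?)";

    private PartsInsert() { }

    /**
     * Validates the raw form values and inserts them using bound parameters.
     *
     * @return the number of rows inserted (1 on success)
     * @throws IllegalArgumentException if a field is missing or not numeric
     */
    public static int insertPart(Connection connection, String pno, String pname,
                                 String qoh, String price, String olevel)
            throws SQLException {
        if (pno == null || pname == null || qoh == null
                || price == null || olevel == null) {
            throw new IllegalArgumentException("missing form field");
        }
        int partNo, quantity, orderLevel;
        double unitPrice;
        try {
            partNo = Integer.parseInt(pno.trim());
            quantity = Integer.parseInt(qoh.trim());
            unitPrice = Double.parseDouble(price.trim());
            orderLevel = Integer.parseInt(olevel.trim());
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("numeric form field is malformed", e);
        }
        // try-with-resources closes the statement even if execution throws.
        try (PreparedStatement statement = connection.prepareStatement(INSERT_PART)) {
            statement.setInt(1, partNo);
            statement.setString(2, pname); // bound as data, never spliced into the SQL text
            statement.setInt(3, quantity);
            statement.setDouble(4, unitPrice);
            statement.setInt(5, orderLevel);
            return statement.executeUpdate(); // INSERT is DML, so no result set is expected
        }
    }
}
```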