query trouble

Anand Shrivastava
Ranch Hand

Joined: Jul 22, 2007
Posts: 125
Kindly see the following code:

pgres.otherquery("insert into (authorname) values ('"+jComboBox3.getSelectedItem().toString().trim()+"'");
pgres.otherquery("insert into public.subject (subject) values ('" + jComboBox1.getSelectedItem().toString().trim()+"'");
aset = pgres.selectquery("select authid from where authorname =" + jComboBox3.getSelectedItem());
sset = pgres.selectquery("select sid from public.subject where subject =" + jComboBox1.getSelectedIndex());
try {
    pgres.otherquery("insert into public.author_subject values (" + aset.getInt("authorid")+", "+sset.getInt("sid") +")");
} catch (Exception E) {System.out.println(E.getMessage());}

It gives the error message "syntax error at the end of input". Probably this is the error message returned by the database.

Anand Shrivastava
Ernest Friedman-Hill
author and iconoclast

Joined: Jul 08, 2003
Posts: 24199

Don't do this -- use PreparedStatement. It will handle the quoting for you, and whatever mistake you've made here won't happen. Furthermore, it's far more secure -- code like this leaves you wide open for SQL injection attacks!

I'm moving this to our JDBC forum for any follow-up.

[Jess in Action][AskingGoodQuestions]
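
The PreparedStatement approach recommended above, applied to the three inserts from the question; this is an added example, not code from the thread. The table name public.author is an assumption (the posted query omits it), the authid column follows the posted select, the class and method names are hypothetical, and the sample values in main are constructed.

```java
import java.sql.*;

public class AuthorSubjectLink {
    // Inserts one value, then reads its id back. The SQL text is a fixed constant;
    // the user-supplied value only ever travels as a bound parameter.
    static int insertAndGetId(Connection conn, String insertSql, String selectSql,
                              String value) throws SQLException {
        try (PreparedStatement ins = conn.prepareStatement(insertSql)) {
            ins.setString(1, value);      // driver handles quoting, e.g. O'Brien
            ins.executeUpdate();
        }
        try (PreparedStatement sel = conn.prepareStatement(selectSql)) {
            sel.setString(1, value);
            try (ResultSet rs = sel.executeQuery()) {
                if (!rs.next()) throw new SQLException("no row found for " + value);
                return rs.getInt(1);      // valid only after next() returned true
            }
        }
    }

    static void link(Connection conn, String author, String subject) throws SQLException {
        conn.setAutoCommit(false);        // all three inserts succeed or none do
        try {
            int authId = insertAndGetId(conn,
                "insert into public.author (authorname) values (?)", // assumed table name
                "select authid from public.author where authorname = ?", author);
            int sid = insertAndGetId(conn,
                "insert into public.subject (subject) values (?)",
                "select sid from public.subject where subject = ?", subject);
            try (PreparedStatement ps = conn.prepareStatement(
                    "insert into public.author_subject values (?, ?)")) {
                ps.setInt(1, authId);
                ps.setInt(2, sid);
                ps.executeUpdate();
            }
            conn.commit();
        } catch (SQLException e) {
            conn.rollback();              // leave no half-written link behind
            throw e;
        }
    }

    public static void main(String[] args) throws SQLException {
        // args: JDBC URL, user, password of a database that has the three tables
        try (Connection conn = DriverManager.getConnection(args[0], args[1], args[2])) {
            link(conn, "Tim O'Brien", "Children's literature (ages 5-8)");
        }
    }
}
```

Because every statement is a constant string with ? placeholders, an unbalanced quote or parenthesis in the combo-box text can no longer change the shape of the SQL, which removes both the syntax error and the injection risk.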