my dog learned polymorphism
The moose likes JDBC and Relational Databases and the fly likes polling in jsp Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC and Relational Databases
Bookmark "polling in jsp" Watch "polling in jsp" New topic

polling in jsp

kanan devi

Joined: Oct 27, 2008
Posts: 9
plize tell me is it correct code

Connection conn = DriverManager.getConnection("jdbc:microsoft:sqlserver://database:1433","sa","123");
Statement st2=conn.createStatement();
String sql1 = "INSERT INTO tab.dbo.poll (a) VALUES ('"+radioVal+"')";
Statement st1=conn.createStatement();
catch(Exception ex)

thanks for your help
Freddy Wong
Ranch Hand

Joined: Sep 11, 2006
Posts: 959

To me, that code seems like inserting a record into the database. By the way, instead of asking whether the code is right or wrong. Have you tried to run it and see it's correct?

SCJP 5.0, SCWCD 1.4, SCBCD 1.3, SCDJWS 1.4
My Blog
Jeanne Boyarsky
author & internet detective

Joined: May 26, 2003
Posts: 32793

Two best practices:
1) Use a PreparedStatement (with a question mark) rather than string appending the option in. This presents SQL injection attacks where someone can execute arbitrary SQL code.
2) Keep SQL code out of a JSP. It really should be in a Java class (called from a servlet not a JSP.)

As for right and wrong, it depends what you want the code to do.

[OCA 8 book] [Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Other Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, TOGAF part 1 and part 2
I agree. Here's the link:
subject: polling in jsp
It's not a secret anymore!