This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
For starters, your code is wide open to SQL injection attacks - you should be using a PreparedStatement. Secondly, you're literally inserting the string value "employeeid" instead of inserting the value of the variable "employeeid".