File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes unable to print table: Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "unable to print table: "Syntax error: Encountered "\ Watch "unable to print table: "Syntax error: Encountered "\ New topic
Author

unable to print table: "Syntax error: Encountered "\'" at line 1, column 36"

Kaldur 'Ahm
Greenhorn

Joined: Dec 16, 2013
Posts: 1
<%@page import="java.sql.*"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body>
<%
Connection connection = null;
String DBUrl="jdbc:derby://localhost:1527/CRM";
try
{
String Cid, strSQL, CNAME, CITY, STATE, EMAIL, mySTATE;
mySTATE=request.getParameter("STATE");
connection = DriverManager.getConnection(DBUrl);
Statement SQLStatement = connection.createStatement();
String stateCheckbox1 = request.getParameter("CA");
String stateCheckbox2 = request.getParameter("OR");
String stateCheckbox3 = request.getParameter("WA");
if (stateCheckbox1 != null)
{mySTATE="CA";}
else if (stateCheckbox2 != null)
{mySTATE="OR";}
else
{mySTATE="WA";}
strSQL="select * from CUSTOMER where STATE='" +mySTATE+ "CA";
ResultSet rs = SQLStatement.executeQuery(strSQL);
out.println("<table border='1' width='400' cellspacing=1>");
out.println(" <thead><tr>");
out.println("<th>CID</th> <th>CNAME</th> <th>CITY</th> <th>Rating</th>");
out.println("</tr></thead>");
while (rs.next())
{
Cid=rs.getString("CID");
CNAME=rs.getString("CNAME");
CITY=rs.getString("CITY");
STATE=rs.getString("STATE");
EMAIL=rs.getString("EMAIL");
out.println("<tr>");
out.println("<td width='25%'>" + Cid + "</td>");
out.println("<td width='25%'>" + CNAME + "</td>");
out.println("<td width='25%'>" + CITY + "</td>");
out.println("<td width='25%'>" + STATE + "</td>");
out.println("<td width='25%'>" + EMAIL + "</td>");
out.println("</tr>");
}
rs.close();
}
catch(SQLException e)
{
out.println(e.getMessage());
}
out.println("</table>");
%>
</body>
</html>
E Armitage
Rancher

Joined: Mar 17, 2012
Posts: 892
    
    9
1.) Do not write database connection code in JSPs. Use a normal Java class (DAO) that you call from a servlet.
2.) Always close resultselts, statements and connections in a finally block.
3.) Use a PreparedStatement for passing parameters to your query. That will prevent SQL injection and fix the SQL syntax error you are getting.
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61761
    
  67

E. is not steering you wrong -- you should not be putting any Java code in a JSP. That is a bad bad practice from long long ago. Modern JSP pages (that is, anything written in the past 12 years) should be free of Java code.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: unable to print table: "Syntax error: Encountered "\'" at line 1, column 36"