prepared statement

Posted 2019-09-03 23:11

How can I write a prepared statement instead of this? Please help me.

String qry = "INSERT INTO Registration1(RegistrationNo,Date,SeniorPerson,NativePlace,Kul,Gotra,KulSwami,ResidensialAddress,PinCode,STDcode,TelephoneNo,MobileNo,Email,Website,Education,Branch,BirthDate,BloodGroup) VALUES('"+regno+"','"+dt+"','"+nm+"','"+place+"','"+kul+"','"+gotra+"','"+kswami+"','"+raddr+"','"+pincode+"','"+stdcd+"','"+tele+"','"+mno+"','"+email+"','"+website+"','"+education+"','"+branch+"','"+bdt+"','"+bloodgrp+"')";
stmt.executeUpdate(qry);

4 answers
劳资没心,怎么记你
#2 · 2019-09-03 23:46
PreparedStatement stmt = conn.prepareStatement("INSERT INTO Registration1(RegistrationNo,Date,SeniorPerson,NativePlace,Kul,Gotra,KulSwami,ResidensialAddress,PinCode,STDcode,TelephoneNo,MobileNo,Email,Website,Education,Branch,BirthDate,BloodGroup) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

int col = 1;
stmt.setString(col++, regno);
stmt.setDate(col++, new java.sql.Date(dt.getTime()));  // assuming dt is a java.util.Date
// (etc.) bind the remaining parameters the same way

stmt.executeUpdate();
淡お忘
#3 · 2019-09-03 23:51

You should use this template:

PreparedStatement pstmt = con.prepareStatement("INSERT INTO TableName (ColumnName1, ColumnName2, ColumnName3...) VALUES (?,?,?...)");
    pstmt.setType(1, value);
    pstmt.setType(2, value);
    pstmt.setType(3, value);
    // etc.

In the prepared statement you need to use exactly the same number of question marks as the columns you mentioned in the statement.

For each question mark you should set a value. You need to choose the right set method for each value type: there is setString, setInt, etc.

In your specific case it should look like that:

PreparedStatement pstmt = con.prepareStatement("INSERT INTO TableName (RegistrationNo,Date,SeniorPerson...) VALUES (?,?,?...)");
pstmt.setString(1, regno);
pstmt.setDate(2, dt);   // dt must be a java.sql.Date here
pstmt.setString(3, nm);
// etc.
对你真心纯属浪费
#4 · 2019-09-04 00:01

Yours is an example of how to NOT use PreparedStatement.

Here's a better idea:

// Here's a PreparedStatement to satisfy the person who downvoted.
// I might have missed a '?' - you should check it.
String qry = "INSERT INTO Registration1(RegistrationNo,Date,SeniorPerson,NativePlace,Kul,Gotra,KulSwami,ResidensialAddress,PinCode,STDcode,TelephoneNo,MobileNo,Email,Website,Education,Branch,BirthDate,BloodGroup) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
// The SQL text goes to prepareStatement(); executeUpdate() then takes no argument.
PreparedStatement stmt = connection.prepareStatement(qry);
// Bind the variables here
stmt.executeUpdate();

You should go through this carefully.

时光不老,我们不散
#5 · 2019-09-04 00:08
You can use a prepared statement for insertion like this:


import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import javax.swing.JOptionPane;

Connection myCon = null;
PreparedStatement Ps = null;
try {
    myCon = DriverManager.getConnection("jdbc:mysql://localhost:3306/demo", "student", "student");

    // These are the strings that hold the user's input.
    String Fname = JOptionPane.showInputDialog(null, "Enter First Name");
    String Lname = JOptionPane.showInputDialog(null, "Enter Last Name");
    String email = JOptionPane.showInputDialog(null, "Enter Your Email");
    String department = JOptionPane.showInputDialog(null, "Enter Department Name");
    String Salary = JOptionPane.showInputDialog(null, "Enter Salary Name");

    // One placeholder per column; the input is never concatenated into the SQL.
    String insertion = "insert into employees"
            + "(first_name, last_name, email, department, salary) values "
            + "(?,?,?,?,?)";

    Ps = myCon.prepareStatement(insertion);
    Ps.setString(1, Fname);
    Ps.setString(2, Lname);
    Ps.setString(3, email);
    Ps.setString(4, department);
    Ps.setString(5, Salary);

    Ps.executeUpdate();
} catch (Exception e) {
    e.printStackTrace();
}
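An added example, not code from the question or from any of the answers: the second and third answers both note that the number of question marks must match the 18 columns and is easy to miscount, so this sketch generates the placeholders from the column list and binds every value as a parameter. The class name RegistrationInsert, the helper names, and the treatment of all non-date columns as text are assumptions; running the insert needs a JDBC driver on the classpath and a JDBC URL for a database that has the table.

```java
import java.sql.*;
import java.util.*;

public class RegistrationInsert {
    // Identifiers cannot be bound as parameters, so they stay constants, never user input.
    static final String TABLE = "Registration1";
    static final List<String> COLUMNS = List.of("RegistrationNo", "Date", "SeniorPerson",
        "NativePlace", "Kul", "Gotra", "KulSwami", "ResidensialAddress", "PinCode", "STDcode",
        "TelephoneNo", "MobileNo", "Email", "Website", "Education", "Branch", "BirthDate",
        "BloodGroup");

    // One "?" per column, so the placeholder count cannot drift from the column list.
    static String buildInsertSql() {
        String marks = String.join(",", Collections.nCopies(COLUMNS.size(), "?"));
        return "INSERT INTO " + TABLE + "(" + String.join(",", COLUMNS) + ") VALUES(" + marks + ")";
    }

    // Values travel only as bound parameters; a quote in a name is stored as data.
    static int insert(Connection conn, List<Object> values) throws SQLException {
        if (values.size() != COLUMNS.size()) {
            throw new IllegalArgumentException("expected " + COLUMNS.size() + " values");
        }
        try (PreparedStatement ps = conn.prepareStatement(buildInsertSql())) {
            for (int i = 0; i < values.size(); i++) {
                Object v = values.get(i);
                if (v == null) {
                    ps.setNull(i + 1, Types.VARCHAR);
                } else if (v instanceof java.util.Date) {
                    ps.setDate(i + 1, new java.sql.Date(((java.util.Date) v).getTime()));
                } else {
                    ps.setString(i + 1, v.toString()); // assumption: other columns are text
                }
            }
            return ps.executeUpdate();
        }
    }

    public static void main(String[] args) throws SQLException {
        System.out.println(buildInsertSql());
        if (args.length == 1) { // optional JDBC URL of a database that has this table
            List<Object> row = new ArrayList<>(Collections.nCopies(COLUMNS.size(), "x"));
            row.set(1, new java.util.Date());   // Date
            row.set(2, "O'Brien");              // constructed value containing a quote
            row.set(16, new java.util.Date());  // BirthDate
            try (Connection conn = DriverManager.getConnection(args[0])) {
                System.out.println(insert(conn, row) + " row(s) inserted");
            }
        }
    }
}
```

With the concatenated query from the question, the quote in the constructed name would end the string literal early and change the statement; here it is sent as a parameter value and stored unchanged.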