The 'setString()' and 'setInt()' are methods that expect arguments, not
variables that can receive an assignment! Try this:
<% Connection objConn = java.sql.DriverManager.getConnection (strJDBCurl);
%>
<%
String strSQL = "INSERT INTO codelist
(title,description,section_id,keywords,code)" +
" VALUES (?,?,?,?,?)";
PreparedStatement objPStmt = objConn.prepareStatement(strSQL);
objPStmt.setString(1, request.getParameter("txtTitle"));
objPStmt.setString(2, request.getParameter("txtDescription"));
objPStmt.setInt(3,Integer.parseInt(request.getParameter("selSection")));
objPStmt.setString(4, request.getParameter("txtKeywords"));
objPStmt.setString(5, request.getParameter("txtCode"));
objPStmt.executeUpdate();
%>
-----Original Message-----
From: Anil John [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 02, 2001 9:05 AM
To: [EMAIL PROTECTED]
Subject: Re: Escaping ' in a SQL INSERT
Thank you... I did that, and If I've followed the instructions the
following code should work (I hope!).
<% Connection objConn = java.sql.DriverManager.getConnection (strJDBCurl);
%>
<%
String strSQL = "INSERT INTO codelist
(title,description,section_id,keywords,code)" +
" VALUES (?,?,?,?,?)";
PreparedStatement objPStmt = objConn.prepareStatement(strSQL);
objPStmt.setString = (1, request.getParameter("txtTitle"));
objPStmt.setString = (2, request.getParameter("txtDescription"));
objPStmt.setInt = (3,
Integer.parseInt(request.getParameter("selSection")));
objPStmt.setString = (4, request.getParameter("txtKeywords"));
objPStmt.setString = (5, request.getParameter("txtCode"));
objPStmt.executeUpdate();
%>
It does not.
I get the following error:
')' expected.
objPStmt.setString = (1, request.getParameter("txtTitle"));
^
What did I do wrong?
Anil
On Fri, 2 Feb 2001, Hung Yee wrote:
> Take a look at Sun's tutorial on JDBC (Java DataBase Connectivity) - it
> explains all the basics, including the difference between Statement
objects
> and PreparedStatement objects:
> http://www.java.sun.com/docs/books/tutorial/jdbc/index.html
>
> Also, here's a link to the JDBC API:
> http://java.sun.com/j2se/1.3/docs/api/java/sql/package-summary.html
>
> Other JDBC links that might interest you:
> http://java.sun.com/j2se/1.3/docs/guide/jdbc/index.html
> http://www.java.sun.com/products/jdbc/index.html
>
> Good luck.
>
> -----Original Message-----
> From: Anil John [mailto:[EMAIL PROTECTED]]
> Sent: Friday, February 02, 2001 7:18 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Escaping ' in a SQL INSERT
>
>
> Joseph,
>
> Thank you.. That was exactly what I was looking for...
>
> Is there any performance or state penalty associcated with using a
> preparedstatement vs the regular statement?
>
> Anil
>
>
> On Fri, 2 Feb 2001, Joseph Ottinger wrote:
>
> > Ah. This is a common JDBC problem; I've been casually watching the
> > JSP-Interest list (very casually, since my email is a little screwed up
at
> > the moment) and just now realised nobody was really giving you any
useful
> > information.
> >
> > PreparedStatement ps=connection.createPreparedStatement(
> > "insert into mytable (field1) values (?)"
> > );
> > ps.setString(1, "O'Malley");
> > ps.execute();
> >
> > This will insert "O'Malley", properly escaped and all, into the
database.
> In
> > addition, there's no parsing, no string building; if you're doing a lot
of
> > inserts, all you'd do is setString(1) over and over again, then
re-execute
> > (I'm ignoring batch updates, I know.)
> >
> > >No special reason expect ignorance :)
> > >
> > >As I mentioned, I am new to JSP. It would appear that I need to read a
> > >little bit more...
> > >
> > >Thank you..
> > >
> > >Anil
> > >
> > >
> > >On Fri, 2 Feb 2001, Joseph Ottinger wrote:
> > >
> > > > Is there any special reason you can't use a PreparedStatement, since
> > >they
> > > > handle escaping for you?
> > > >
> > > > >I understand that...Just don't want to do that manually :)
> > > > >
> > > > >Would rather use a replace function to to which I can feed in a
> string
> > >and
> > > > >tell it to do the replace as you suggest. What I am looking for is
> the
> > > > >existance of such a function and some code samples that people have
> > >used.
> > > > >
> > > > >Anil
> > > > >
> > > > >
> > > > >On Fri, 2 Feb 2001, Chitra Muthukrishnan wrote:
> > > > >
> > > > > > Use double single quote .
> > > > > > For example,
> > > > > > if you want to insert ab'c, your insert statement will be like
> this
> > >:
> > > > > >
> > > > > > insert into tablename(field1) values(value1,'ab''c);
> > > > > >
> > > > > > M.Chitra
> > > > > > www.3rdagenda.com
> > > > > >
> > > > > >
> > > > > >
> > > > > > ----- Original Message -----
> > > > > > From: Anil John <[EMAIL PROTECTED]>
> > > > > > To: <[EMAIL PROTECTED]>
> > > > > > Sent: Friday, February 02, 2001 6:56 AM
> > > > > > Subject: Escaping ' in a SQL INSERT
> > > > > >
> > > > > >
> > > > > > > Greetings,
> > > > > > >
> > > > > > > I am new to JSP, so if this question has been asked and
aswered
> > > > >before,
> > > > > > > please point me to the FAQ.
> > > > > > >
> > > > > > > If not, could someone provide a code sample of how you escape
a
> '
> > >when
> > > > > > > doing a SQL Insert in JSP?
> > > > > > >
> > > > > > > I am familiar with the VBScript replace function that would
> allow
> > >you
> > > > >to
> > > > > > > do this and am hoping that there is a corresponding JSP
> function.
> > > > > > >
> > > > > > > Anil
> > > > > > >
> > > > > > > --
> > > > > > >
_______________________________________________________________
> > > > > > > Anil John
> > > > > > > [EMAIL PROTECTED] [PGP Key Available]
> > > > > > >
> > > > > > >
> > > > > >
> > > >
> > >
>
>===========================================================================
> > > > > > > To unsubscribe: mailto [EMAIL PROTECTED] with body:
"signoff
> > > > > > JSP-INTEREST".
> > > > > > > For digest: mailto [EMAIL PROTECTED] with body: "set
> > >JSP-INTEREST
> > > > > > DIGEST".
> > > > > > > Some relevant FAQs on JSP/Servlets can be found at:
> > > > > > >
> > > > > > > http://java.sun.com/products/jsp/faq.html
> > > > > > > http://www.esperanto.org.nz/jsp/jspfaq.html
> > > > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > > > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> > > > > > >
> > > > > >
> > > > > >
> > > >
> > >
>
>===========================================================================
> > > > > > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> > > > >JSP-INTEREST".
> > > > > > For digest: mailto [EMAIL PROTECTED] with body: "set
> > >JSP-INTEREST
> > > > >DIGEST".
> > > > > > Some relevant FAQs on JSP/Servlets can be found at:
> > > > > >
> > > > > > http://java.sun.com/products/jsp/faq.html
> > > > > > http://www.esperanto.org.nz/jsp/jspfaq.html
> > > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> > > > > >
> > > > > >
> > > > >
> > > > >--
> > > > >_______________________________________________________________
> > > > >Anil John
> > > > >[EMAIL PROTECTED] [PGP Key Available]
> > > > >
> > > >
> > >
>
>===========================================================================
> > > > >To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> > > > >JSP-INTEREST".
> > > > >For digest: mailto [EMAIL PROTECTED] with body: "set
JSP-INTEREST
> > > > >DIGEST".
> > > > >Some relevant FAQs on JSP/Servlets can be found at:
> > > > >
> > > > > http://java.sun.com/products/jsp/faq.html
> > > > > http://www.esperanto.org.nz/jsp/jspfaq.html
> > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > > > > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> > > >
> > > > _________________________________________________________________
> > > > Get your FREE download of MSN Explorer at http://explorer.msn.com
> > > >
> > > >
> > > >
> > >
> > >--
> > >_______________________________________________________________
> > >Anil John
> > >[EMAIL PROTECTED] [PGP Key Available]
> > >
> >
> > _________________________________________________________________
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
> >
> >
>
===========================================================================
> > To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> JSP-INTEREST".
> > For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
> DIGEST".
> > Some relevant FAQs on JSP/Servlets can be found at:
> >
> > http://java.sun.com/products/jsp/faq.html
> > http://www.esperanto.org.nz/jsp/jspfaq.html
> > http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> > http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
> >
> >
>
> --
> _______________________________________________________________
> Anil John
> [EMAIL PROTECTED] [PGP Key Available]
>
>
===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
> JSP-INTEREST".
> For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
> DIGEST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>
>
===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
> For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
> Some relevant FAQs on JSP/Servlets can be found at:
>
> http://java.sun.com/products/jsp/faq.html
> http://www.esperanto.org.nz/jsp/jspfaq.html
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
> http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
>
>
--
_______________________________________________________________
Anil John
[EMAIL PROTECTED] [PGP Key Available]
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff
JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST
DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
