autoincrement in a mysql update query

Question

String textbox1=request.getParameter("textbox1");
String textbox2=request.getParameter("textbox2");
String textbox3=request.getParameter("textbox3");
String textbox4=request.getParameter("textbox4");
String textbox5=request.getParameter("textbox5");
String textbox6=request.getParameter("textbox6");
String textbox7=request.getParameter("textbox7");
String textbox8=request.getParameter("textbox8");
String textbox9=request.getParameter("textbox9");
String textbox10=request.getParameter("textbox10");
String textbox11=request.getParameter("textbox11");
String textbox12=request.getParameter("textbox12");

for(int i=1;i<13;i++){
    String textbox=request.getParameter("textbox"+i+"");
    st.executeUpdate("update user_start2 set data='"+textbox+"'");
}

I have a table with column data,name and id. I want to update the table with the above query,but the table gets populated with only the last value. Is it possible to auto-increement as I am updating? so that the first data goes to the first user,2nd data to 2nd user and so on in the table..

When I system out I am able to retrieve values from the jsp to my servlet

Answer 1

I do not know how/where you are using this, but bear in mind that it is completely vulnerable to SQL injection attacks.

String textbox1=request.getParameter("textbox1");
String textbox2=request.getParameter("textbox2");
String textbox3=request.getParameter("textbox3");
String textbox4=request.getParameter("textbox4");
String textbox5=request.getParameter("textbox5");
String textbox6=request.getParameter("textbox6");
String textbox7=request.getParameter("textbox7");
String textbox8=request.getParameter("textbox8");
String textbox9=request.getParameter("textbox9");
String textbox10=request.getParameter("textbox10");
String textbox11=request.getParameter("textbox11");
String textbox12=request.getParameter("textbox12");

for(int i=1;i<13;i++){
    String textbox=request.getParameter("textbox"+i+"");
    st.executeUpdate("update user_start2 set data='"+textbox+"' where id="+i+";");
}

Answer 2

I assume that id is a unique identifier in your table user_start2. If so, then you need to alter the update statement above so that it reads, "update user_start2 set data= '"+textbox+"' where id = '"+Myuserid);

Based on what you are saying, I assume that there are 13 entries in your database and that you are updating each one. If so, there must be some correspondence between the ids and the index in your for loop. If it is a literal 1 to 1 mapping, then you can simply write your update statement as

"update user_start2 set data= '"+textbox+"' where id = '"+i+"'");

If there is some transformation that needs to be done first, you could create a temporary variable and set the id to that:

For example int temp = i+4;

"update user_start2 set data= '"+textbox+"' where id = '"+temp+"'");

Answer 3

Use PreparedStatement it prevents SQL Injection in Java

for(int i=1;i<13;i++){
 String textbox=request.getParameter("textbox"+i+"");
 PreparedStatement ps = con.prepareStatement("update user_start2 set data=? where id=?");

 //set the values of ?(place holders)
 ps.setString(1,textbox);
 ps.setInt(2,i); //assuming id is i.

 ps.executeUpdate();     
}

See also

• Oracle docs tutorial PreparedStatement