Java MySQL query issue

Question

SO my query will not properly work. also i understand that since i am not using prepared statements that could possibly cause mySQL injections. moving forward, the issue every time i run this i get an error. also just a heads up this is for a school assignment - aka im sure my coding style is probably subpar at best but i am working on it!!!

public  String newEmpInsert() {
    return newEmpInsert;
}
private String newEmpInsert = "INSERT INTO empInfo"
   + "(firstName, lastName, SSN, address, salary, pin, empLevel, contactInfo) "
   + "VALUES ('"+firstName+"', '"+lastName+"', '"+SSN+"', '"+address+"', '"+salary+"'," 
   + "'"+pin+"', '"+empLevel+"', '"+contactInfo+"')";

all of the variables that are being used to are set from getters and setters within the class the middle man code is below

    public void newEmpInsert() {

    // SQL Connection
    Connection conn = null;
    try {
        conn = MySQL_connection_test.getConnection();
        // Create a statement
        Statement stmt = conn.createStatement();
        stmt.executeQuery(queries.newEmpInsert());

    } 
    catch (SQLException e) {
        // TODO Auto-generated catch block
        //e.printStackTrace();
        System.out.println("--------->>Invalid query!!!!<<--------------");
        System.out.println("Your query has an error, please try again!!");
    }

    // Close the connection
    //VERY IMPORTANT!!
    finally {
        try {
            conn.close();
        } 
        catch (SQLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
            System.out.println("Database closed");
    }
}

and i am sure that the variables are getting set properly because in my main i did the following...

public class TESTPACKAGE {
public static void main(String[] args) {

    //declare a new instance of the procedures
    SqlProcedures procedures = new SqlProcedures();

    procedures.queries = new Queries();

    //use the setters
    procedures.queries.setFirstName("Anthony");
    procedures.queries.setLastName("inner");
    procedures.queries.setSSN(123451235);
    procedures.queries.setAddress("1300 S Farmview");
    procedures.queries.setSalary(18.00);
    procedures.queries.setPin(1234);
    procedures.queries.setEmpLevel(2);
    procedures.queries.setContactInfo("1254569133");


    System.out.println(procedures.queries.getFirstName());
    System.out.println(procedures.queries.getLastName());
    System.out.println(procedures.queries.getSSN());
    System.out.println(procedures.queries.getAddress());
    System.out.println(procedures.queries.getSalary());
    System.out.println(procedures.queries.getPin());
    System.out.println(procedures.queries.getEmpLevel());
    System.out.println(procedures.queries.getContactInfo());



    //execture a query 
    procedures.newEmpInsert();





}

}

when i run the getters to ensure that everything is getting set properly it retuns properly.. Please help as this is driving me crazy!!!

if you need any more code let me know and i will include it. i think that i included everything that is needed.

again thank you all for the help

Answer 1

You can't execute an INSERT query using executeQuery which is for queries returning results;

In other words;

stmt.executeQuery(queries.newEmpInsert());

should instead use executeUpdate ;

stmt.executeUpdate(queries.newEmpInsert());