Here I'm getting error while inserting the data to the database.
I'm not getting any error until insert statement in Oracle or after that statement.
package com.socket;
import java.util.ArrayList;
import java.io.Serializable;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.*;
import java.sql.*;
import oracle.jdbc.*;
public class Message implements Serializable {
private static final long serialVersionUID = 1L;
public String type, sender, content, recipient;
public Message(String type, String sender, String content, String recipient) {
this.type = type;
this.sender = sender;
this.content = content;
this.recipient = recipient;
}
@Override
public String toString() {
SimpleDateFormat sdf = new SimpleDateFormat("dd/MM/yyyy HH:mm:ss");
Calendar cal = Calendar.getInstance();
String Current = sdf.format(cal.getTime());
String Content1 = content + Current;
Connection conn = null;
String driverName = "oracle.jdbc.OracleDriver";
String url = "jdbc:oracle:thin:@172.16.0.35:1521:orcl";
String username = "itn"; //SET USERNAME
String password = "itn"; //SET PASSWORD
try {
if (conn == null) {
Class.forName(driverName);
conn = DriverManager.getConnection(url, username, password);
String Query = "INSERT INTO ENTRIES (SERIALNO, TYPE, SENDER, CONTENT, TIMER, RECIPIENT, CREATEDON) VALUES ((Select max(SERIALNO)+1 from ENTRIES), '"
+ type + "', '" + sender + "', '" + content + "', TO_DATE('" + Current
+ "', 'DD/MM/YYYY HH24:MI:SS'), '" + recipient + "', TO_DATE('"
+ Current + "', 'DD/MM/YYYY HH24:MI:SS'))";
System.out.println(Query);
Statement st = conn.createStatement();
st.executeUpdate("Query");
st.close();
}
} catch (Throwable t) {
System.out.println("error in setRepositoryConnection : " + t);
//logger.log("Unable to set connection ", "Repository.java", "Repository", t, Logger.CRITICAL);
}
return "{type='" + type + "', sender='" + sender + "', contentx='" + Content1 + "', recipient='" + recipient + "'}";
}
}
This part makes no sense:
System.out.println(Query);
Statement st = conn.createStatement();
st.executeUpdate("Query");
You need to execute query and with SQL you built:
int result = st.executeUpdate(Query);
The best approach is to use PreparedStatement , because it makes code more readable, easier to understand, it provides compile time check of paramaters and it provides protection for SQL injections:
PreparedStatement statement = conn.prepareStatement();
statement.setInt(1, intVariable);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.