I'm looking all over the net for this problem, I don't know maybe I just cant explain what I'm trying to do.
Statement stmtttt = con.createStatement();
ResultSet resultttt = stmtttt.executeQuery("select * from logs_pms_t_project where p_id="+p_id+" ");
while(resultttt.next())
{
out.println(" <span class>" + resultttt.getString("phase_id")+ "</span>" );
}
In that code, I'm trying to display a certain column from the database -- the phase_id
. So that I can store it as variable to a String
.
String phase_id=???;
How can I do that?
I'm not exactly sure what you're trying to accomplish, but looking at the SQL, I think you're expecting just 1 row returned, therefore an if
will do, no need for a while
. So then you can assign the phase_id
var like this
ResultSet resultttt = stmtttt.executeQuery("select * from logs_pms_t_project where p_id="+p_id+" ");
String phase_id = null;
if (resultttt.next()) {
phase_id = resultttt.getString("phase_id");
// out.println ... ?
}
You could do the same with the while
loop of course, but if the query returned more than 1 row, it phase_id
would contain the id from the last row.
Most likely the cause of your problems is that you are not enclosing p_id
in quotes. In general, passing parameters to queries like this is a bad practice. Suggest you read up on java.sql.PreparedStatement
- it has a setString()
method for setting query parameters.
This is called 'SQL injection vulnerability': if you are reading p_id
from an input, the user could have entered something like foo"; drop table logs_pms_t_project;
, and erase all your data.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.