
Add a product to a database using Java Servlet/JSP

Could you help me to solve this? I can't find what is happening. I'm doing a web application using Java Servlets and JSP.

It shows this in the URL when I try to add a product: http://localhost:8080/ProductMaintenanceMdy/add?action=add&code=8768&description=mylove&price=15.55&Add+product=Submit

Since it shows the data entered in the URL, that means the form in addProduct.jsp is working, but it doesn't save the product in the database.

Could you check whether my servlet code, mapping code and query function for add are right? Don't be rude, I'm a beginner.

// Servlet code for add product

else if (action.equals("addProducts"))  // this is for the action inside display
{
    url = "/addProducts.jsp";
}
else if (action.equals("add"))  // this is for add inside addProducts
{
    String code = request.getParameter("code");
    String description = request.getParameter("description");
    Double price = Double.parseDouble(request.getParameter("price"));

    Product p = new Product();
    p.setCode(code);
    p.setDescription(description);
    p.setPrice(price);

    ProductDB.insertProduct(p); // implemented inside ProductDB.java
    url = "/addProducts.jsp";
}

// Web xml mapping section for add

<servlet-mapping>
        <servlet-name>ProdMaintAppServlet</servlet-name>
        <url-pattern>/add</url-pattern>
</servlet-mapping>

// method inside the ProductDB (class for the database queries functions)

public static void insertProduct(Product p) {

    ConnectionPool pool = ConnectionPool.getInstance();
    Connection connection = pool.getConnection();
    PreparedStatement ps = null;
    ResultSet rs = null;

    String query=" INSERT INTO productsMaintenance VALUES( '"+ p.getCode()+"','"+ p.getDescription()+"','"+ p.getPriceCurrencyFormat()+"' ) ";

    try {

        ps = connection.prepareStatement(query);
        rs = ps.executeQuery();

    }

    catch (SQLException e) {
        System.err.println(e);
    } finally {
        DBUtil.closeResultSet(rs);
        DBUtil.closePreparedStatement(ps);
        pool.freeConnection(connection);
    }
}

You can find out the root cause by using a debugger. Apart from that, given below are some best practices which may also help you get rid of the problem.

For SQL Data Manipulation Language (DML) statements, such as INSERT, UPDATE or DELETE, you should use executeUpdate or execute.

Also, your implementation of PreparedStatement is no different from Statement, i.e. you are not actually utilizing the power and benefits of PreparedStatement. It should be like:

String query = "INSERT INTO productsMaintenance (Code, Description, PriceCurrencyFormat) VALUES (?, ?, ?)";
ps = connection.prepareStatement(query); // 'connection' is the Connection taken from the pool
ps.setString(1, p.getCode());
ps.setString(2, p.getDescription());
ps.setString(3, p.getPriceCurrencyFormat());

// execute the PreparedStatement (executeUpdate() would also return the affected-row count)
ps.execute();

This way you can prevent SQL injection attempts, and you also get rid of inserting ' explicitly before and after each value.

Check this to learn more about it.
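As an added example that is not part of the question or the answer above: a complete JDBC program that contrasts the question's concatenated query run through executeQuery() with the parameterized executeUpdate() form the answer recommends, on the same data. It assumes an H2 in-memory database (the H2 driver jar on the classpath), a stand-in Product class and a three-column table matching the question's INSERT; none of those come from the original post.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class ProductInsertDemo {

    // Hypothetical stand-in for the poster's Product bean; the real class is not shown in the question.
    static final class Product {
        final String code;
        final String description;
        final String priceCurrencyFormat;

        Product(String code, String description, String priceCurrencyFormat) {
            this.code = code;
            this.description = description;
            this.priceCurrencyFormat = priceCurrencyFormat;
        }
    }

    // "Before": the question's approach. Values are spliced into the SQL text, so any
    // apostrophe in the data (ordinary or attacker-supplied) changes the statement itself,
    // and executeQuery() is used for an INSERT, which JDBC drivers reject with an SQLException.
    static void insertByConcatenation(Connection connection, Product p) throws SQLException {
        String query = "INSERT INTO productsMaintenance VALUES('" + p.code + "','"
                + p.description + "','" + p.priceCurrencyFormat + "')";
        try (PreparedStatement ps = connection.prepareStatement(query)) {
            ps.executeQuery();
        }
    }

    // "After": placeholders bound with setString(), executeUpdate() for DML, and the
    // returned row count checked instead of ignored. The SQLException is propagated so the
    // servlet can report the failure instead of silently redisplaying the form.
    static int insertProduct(Connection connection, Product p) throws SQLException {
        String query = "INSERT INTO productsMaintenance (Code, Description, PriceCurrencyFormat) VALUES (?, ?, ?)";
        try (PreparedStatement ps = connection.prepareStatement(query)) {
            ps.setString(1, p.code);
            ps.setString(2, p.description);
            ps.setString(3, p.priceCurrencyFormat);
            int rows = ps.executeUpdate();
            if (rows != 1) {
                throw new SQLException("expected 1 row inserted, got " + rows);
            }
            return rows;
        }
    }

    // Reads back one description by code so the demo can show the data survived intact.
    static String findDescription(Connection connection, String code) throws SQLException {
        String query = "SELECT Description FROM productsMaintenance WHERE Code = ?";
        try (PreparedStatement ps = connection.prepareStatement(query)) {
            ps.setString(1, code);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: H2 in-memory database; the table layout mirrors the question's three-column INSERT.
        try (Connection connection = DriverManager.getConnection("jdbc:h2:mem:demo")) {
            try (Statement s = connection.createStatement()) {
                s.executeUpdate("CREATE TABLE productsMaintenance ("
                        + "Code VARCHAR(16), Description VARCHAR(64), PriceCurrencyFormat VARCHAR(16))");
            }

            // Constructed sample data: the first row uses the values from the question's URL,
            // the second contains an apostrophe, which is legitimate product text.
            Product fromUrl = new Product("8768", "mylove", "15.55");
            Product withQuote = new Product("8769", "men's jacket", "15.55");

            for (Product p : new Product[] { fromUrl, withQuote }) {
                try {
                    insertByConcatenation(connection, p);
                    System.out.println("concatenation inserted " + p.code);
                } catch (SQLException e) {
                    // This is the failure the question's catch block only prints to stderr,
                    // which is why the page reloads and nothing is saved.
                    System.out.println("concatenation failed for " + p.code + ": " + e.getMessage());
                }
                insertProduct(connection, p);
                System.out.println("parameterized inserted " + p.code
                        + " -> " + findDescription(connection, p.code));
            }
        }
    }
}
```

Run it with the H2 jar on the classpath (for example `javac ProductInsertDemo.java && java -cp h2.jar:. ProductInsertDemo`). The two things to take from it are the checked row count and the propagated exception: the question's insertProduct swallows the SQLException in its catch block, so the servlet forwards back to addProducts.jsp exactly as if the insert had succeeded, and the only trace of the problem is a line on the server's stderr.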
