Retrieve DB data with Java servlet and HTML form
Question
I created a simple form and a small servlet to execute a SQL statement from browser. When I click "Submit Query" button on the form, then the returinig page shows nothing retrieved from the DB. It only shows "Database Results" ( tag part) on the browser. Please advice me what is wrong with my code.
SQLTestForm.java
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
public class SQLTestForm extends HttpServlet {
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
String title = "Results";
String docType =
"<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 " + "Transitional//EN\"\n";
out.print(docType + "<HTML>\n" + "<HEAD><TITLE>" + title + "</TITLE></HEAD>\n" + "<BODY>" + "<H1>Database Results</H1>\n");
String driver = request.getParameter("driver");
String url = request.getParameter("url");
String username = request.getParameter("username");
String password = request.getParameter("password");
String qry = request.getParameter("query");
showTable(driver, url, username, password, qry, out);
out.println("</BODY></HTML>");
}
public void showTable(String driver, String url, String username, String password, String qry, PrintWriter out) {
try {
Class.forName(driver);
Connection conn = DriverManager.getConnection(url, username, password);
DatabaseMetaData dbMetaData = conn.getMetaData();
out.println("<UL>");
String productName = dbMetaData.getDatabaseProductName();
String productVersion = dbMetaData.getDatabaseProductVersion();
out.println(" <LI><B>Database:</B> " + productName + " <LI><B>Version:</B> " + productVersion + "</UL>");
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(qry);
out.println("<TABLE BORDER=1>");
ResultSetMetaData rm = rs.getMetaData();
int cnum = rm.getColumnCount();
out.println("<TR>");
for(int i=1; i <= cnum; i++) {
out.print("<TH>" + rm.getColumnName(i));
}
out.println();
while(rs.next()) {
out.println("<TR>");
for(int i=1; i <= cnum; i++) {
out.print("<TD>" + rs.getString(i));
}
out.println();
}
out.println("</TABLE>");
conn.close();
} catch (ClassNotFoundException cnfe) {
System.err.println("Error loading driver: " + cnfe);
} catch (SQLException se) {
System.err.println("Error connecting: " + se);
} catch(Exception e) {
System.err.println("Error with input: " + e); } } }
SQLTestForm.html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>SQL Test Form</TITLE>
</HEAD>
<BODY>
<H2>Query Input:</H2>
<FORM ACTION="/SQLTestForm" METHOD="POST">
<TABLE>
<TR><TD>Driver:
<TD><INPUT TYPE="TEXT" NAME="driver" VALUE="com.jdbc.mysql.Driver" SIZE="45">
<TR><TD>URL:
<TD><INPUT TYPE="TEXT" NAME="url"
VALUE="jdbc:mysql://localhost:3306/test" SIZE="45">
<TR><TD>Username:
<TD><INPUT TYPE="TEXT" NAME="username">
<TR><TD>Password:
<TD><INPUT TYPE="PASSWORD" NAME="password">
<TR><TD VALIGN="TOP">Query:
<TD><TEXTAREA ROWS="5" COLS="35" NAME="query"></TEXTAREA>
<TR><TD COLSPAN="2" ALIGN="CENTER"><INPUT TYPE="SUBMIT">
</TABLE>
</FORM>
</BODY>
</HTML>
1 answers
solution1
1 2013-01-22 19:04:15
Your classpath is missing the jdbc Driver. This may have two causes:
- You have forgotten to deliver the deiver in you war-file or the shared/commons-lib folder.
- You misspelled the drivers Classname (in you comment you wrote com.djbc and not com.jdbc
You know that you open a backdoor to the database? The Database engine checks the source of database requests. Now the requests are from your webserver. Every single computer that has access to you webpage will get a connection to your database.
You should change your code:
- Never use uncheck parameter and pass them to the database.
- Use
PreparedStatementinstead ofStatement - Don't make String concatenations to create a query
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.