error in insert into statement
my code is working properly it is saving the data but when i am inserting two field i.e date and birth date it showing the error that :syntex error in insert into statement in my DB i have taken this two field as number my code is:
private void saveREGISTRATION1(java.awt.event.ActionEvent evt) {
int len2;
String temp2;
int len1;
int len;
String temp,temp1;
int regno= Integer.parseInt(cbregn.getSelectedItem().toString());
if(cbregn.getSelectedItem().toString().equals("")){
JOptionPane.showMessageDialog(null," SELECT THE REGISTRATION NO ");
return;
}
// int date=Integer.parseInt(tdate.getText());
// if(tdate.getText().equals("")){
// JOptionPane.showMessageDialog(null," ENTER THE DATE ");
// return;
// }
String nm= cbnm.getSelectedItem().toString();
if(nm.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE NAME ");
return;
}
String place=tfplace.getText();
if(place.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE NATIVE PLACE ");
return;
}
String kul=tfkul.getText();
if(kul.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE NAME OF KUL ");
return;
}
String gotra=tfgotra.getText();
if(gotra.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE GOTRA NAME ");
return;
}
String kswami=tfswami.getText();
if(kswami.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE KULSWAMI NAME ");
return;
}
String raddr=taraddr.getText();
if(raddr.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE RESIDENSIAL ADDRESS ");
return;
}
int pincode=Integer.parseInt(tfpcd.getText());
// if(tfpcd.getText().equals(""))
// JOptionPane.showMessageDialog(null," ENTER THE PINCODE ");
// String pincode= tfpcd.getText();
// if(pincode.equals(""))
// JOptionPane.showMessageDialog(null," ENTER THE PINCODE ");
temp1=tfpcd.getText();
if(temp1.equals("")) {
JOptionPane.showMessageDialog(null," ENTER THE PIN CODE ");
return;
}
len1 = temp1.length();
if(len1!=7) {
JOptionPane.showMessageDialog(null,"Enter The 7 Digit Pin Code","Error",JOptionPane.ERROR_MESSAGE);
}
int stdcd=Integer.parseInt(tfstdcode.getText());
if(tfstdcode.getText().equals("")){
JOptionPane.showMessageDialog(null," ENTER THE STD CODE ");
return;
}
int tele=Integer.parseInt(tftele.getText());
// if(tftele.getText().equals(""))
// JOptionPane.showMessageDialog(null," ENTER THE TELEPHONE NO ");
temp2=tftele.getText();
if(temp2.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE TELEPHONE NO ");
return;
}
len2 = temp2.length();
if(len2!=7)
JOptionPane.showMessageDialog(null,"Enter The 7 Digit Telephone No","Error",JOptionPane.ERROR_MESSAGE);
int mno=Integer.parseInt(tfmno.getText());
if(tfmno.getText().equals("")){
JOptionPane.showMessageDialog(null," ENTER THE MOBILE NO ");
return;
}
temp=tfmno.getText();
if(temp.equals("")) {
JOptionPane.showMessageDialog(null," ENTER THE MOBILE NO ");
return;
}
len = temp.length();
if(len!=10) {
JOptionPane.showMessageDialog(null,"Enter The 10 Digit Mobile No","Error",JOptionPane.ERROR_MESSAGE);
}
String email=tfemail.getText();
if(email.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE EMAIL");
return;
}
if(email.equals("")) {
tfemail.setText("-");
} else // check if it is a valid email-id
{
//for(int cnt=0;cnt<temp.length();cnt++)
//{
int ind = email.indexOf("@");
if (ind != -1) { } else {
JOptionPane.showMessageDialog(null,"Invalid Email Id","Error",JOptionPane.ERROR_MESSAGE);
tfemail.setText("");
tfemail.requestFocus();
return;
}
//}
}
String website=tfweb.getText();
if(website.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE WEBSITE ");
return;
}
if(website.equals("")) {
tfweb.setText("-");
//return;
} else // check if it is a valid email-id
{
//for(int cnt=0;cnt<temp.length();cnt++)
//{
int ind = website.indexOf("www");
if (ind != -1) { } else {
JOptionPane.showMessageDialog(null,"Invalid Website","Error",JOptionPane.ERROR_MESSAGE);
tfweb.setText开发者_如何学编程("");
tfweb.requestFocus();
return;
}
//}
}
String education=tfedu.getText();
if(education.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE EDUCATION DETAILS");
return;
}
String branch=tfbrch.getText();
if(branch.equals("")){
JOptionPane.showMessageDialog(null," ENTER THE BRANCH NAME ");
return;
}
// int brthdt=Integer.parseInt(tfbdt.getText());
// if(tfbdt.getText().equals("")){
// JOptionPane.showMessageDialog(null," SELECT THE BIRTH DATE");
// return;
// }
String bloodgroup=(String)cbbldgrp.getSelectedItem();
if(bloodgroup.equals("")){
JOptionPane.showMessageDialog(null," SELECT THE BLOODGROUP");
return;
}
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection con=DriverManager.getConnection("jdbc:odbc:wanisamajDB");
Statement stmt=con.createStatement();
String qry= "INSERT INTO Registration1(RegistrationNo,SeniorPerson,NativePlace,Kul,Gotra,KulSwami,ResidensialAddress,PinCode,STDcode,TelephoneNo,MobileNo,Email,Website,Education,Branch,BloodGroup) VALUES('"+regno+"','"+nm+"','"+place+"','"+kul+"','"+gotra+"','"+kswami+"','"+raddr+"','"+pincode+"','"+stdcd+"','"+tele+"','"+mno+"','"+email+"','"+website+"','"+education+"','"+branch+"','"+bloodgroup+"')";
//String qry= "INSERT INTO Registration1(RegistrationNo,SeniorPerson,NativePlace,Kul,Gotra,KulSwami,ResidensialAddress,PinCode,STDcode,TelephoneNo,MobileNo,Email,Website,Education,Branch,BloodGroup,Date,BirthDate) VALUES('"+regno+"','"+nm+"','"+place+"','"+kul+"','"+gotra+"','"+kswami+"','"+raddr+"','"+pincode+"','"+stdcd+"','"+tele+"','"+mno+"','"+email+"','"+website+"','"+education+"','"+branch+"','"+bloodgroup+"','"+date+"','"+brthdt+"')";
stmt.executeUpdate(qry);
JOptionPane.showMessageDialog(null,"RECORD IS SAVED SUCCESSFULLY ");
con.close();
}
catch(SQLException eM) {
System.out.println(" "+eM);
JOptionPane.showMessageDialog(null,"RECORD IS NOT SAVED");
}
catch(Exception et)
{
System.out.println("error:"+et.getMessage());
}
}
I suspect the SQL may well be invalid due to the values you're trying to insert.
Don't put the values directly in your SQL statement. It's a recipe for SQL injection attacks.
Use a prepared statement instead, parameterizing all the values and setting the parameter values within code.
See the Bobby Tables web site for more information on preventing SQL injection attacks, including sample code.
If that doesn't help, you should really:
- Log the SQL you're trying to execute
- Work out why the SQL is invalid
- Fix the Java to use the correct SQL
精彩评论