Gluons
Reputation: 19
Java Update statement issue
I am trying to update the SSN for a customer by searching for them based on the old SSN then updating it. What am I missing? This will not return a result even though i know i have matches for ssNum in the database. Thanks.
String query = "UPDATE Customers SET ss_num = ('" + updateSsn
+ "') WHERE ss_num = ('" + ssNum + "')";
Upvotes: 0
Views: 599
Answers (2)
Bhesh Gurung
Reputation: 51030
That type of query is unsafe (vulnerable to SQL injection). Write your query as follows and use PreparedStatement:
String query = "UPDATE Customers SET ss_num = ? WHERE ss_num = ?";
PreparedStatement ps = con.prepareStatement(query);
ps.setString(1, updateSsn);
ps.setString(2, ssnNum);
Upvotes: 3
Jigar Joshi
Reputation: 240860
you need to use executeUpdate() method, which doesn't return ResultSet, but it will return numberOfRowsUpdated
Use PreparedStatement instead
Upvotes: 1
Related Questions
- Trouble updating SQL table in JDBC
- how can I make my sql update statement work?
- Why is it not updating
- ExecuteUpdate sql statement in Java not working
- Java MySQL Update Query
- Java SQL Update Query Not Working
- update not working in JDBC
- sql update statement does not execute properly
- MySql update statement in jdbc
- sql update statement not working from Java but working manually?