Reputation: 53
I have a listener that listens to a button and takes 3 text fields from input to execute an update query. I want to execute the update but pass my local variables (name, city, salary) in the query. How can I do this?
    public void actionPerformed(ActionEvent arg0) {
        final String name;
        final String city;
        final String salary;
        name = (textFieldName.getText());
        city = (textFieldCity.getText());
        salary = (textFieldSalary.getText());
        System.out.println(salary);
        try {
            Statement s = connection.createStatement();
            // name, city, salary inside the string are SQL text here, not the Java variables
            s.executeUpdate("INSERT INTO users (name,city,salary) VALUES (name, city,salary)");
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
Upvotes: 0
Views: 78
Reputation: 6873
I'd go with a PreparedStatement
    PreparedStatement s = connection.prepareStatement("INSERT INTO users (name,city,salary) VALUES (?, ?, ?)");
    s.setString(1, name);
    s.setString(2, city);
    s.setString(3, salary);
    boolean res = s.execute();
This approach is a bit better: quoting will be managed automatically, and it will prevent simple SQL injection.
Upvotes: 2
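An added example, not code from the question or the answer: it shows what string concatenation would send for a value containing an apostrophe, next to the parameterized insert with the statement closed and the salary validated as a number. The class name, the H2 in-memory URL, the table definition with a numeric `salary` column, and the sample values are assumptions made for the demonstration.

```java
import java.math.BigDecimal;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Statement;

public class InsertUserExample { // hypothetical class name

    // What concatenation would send: an apostrophe in a value ends the SQL literal early.
    static String concatenatedSql(String name, String city, String salary) {
        return "INSERT INTO users (name,city,salary) VALUES ('"
                + name + "', '" + city + "', " + salary + ")";
    }

    // Bound parameters: the SQL text is fixed and the values travel separately as data.
    static int insertUser(Connection connection, String name, String city, String salaryText)
            throws SQLException {
        BigDecimal salary;
        try {
            salary = new BigDecimal(salaryText.trim()); // reject non-numeric input early
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("salary must be a number: " + salaryText, e);
        }
        String sql = "INSERT INTO users (name,city,salary) VALUES (?, ?, ?)";
        try (PreparedStatement s = connection.prepareStatement(sql)) {
            s.setString(1, name);
            s.setString(2, city);
            s.setBigDecimal(3, salary); // assumes a numeric salary column
            return s.executeUpdate();   // number of rows inserted
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: the H2 driver is on the classpath; any JDBC URL can be used instead.
        try (Connection connection = DriverManager.getConnection("jdbc:h2:mem:demo")) {
            try (Statement ddl = connection.createStatement()) {
                ddl.executeUpdate("CREATE TABLE users "
                        + "(name VARCHAR(100), city VARCHAR(100), salary DECIMAL(12,2))");
            }
            // Constructed sample input, as if read from the three text fields.
            String name = "O'Brien", city = "Cork", salary = "52000";
            System.out.println("concatenated: " + concatenatedSql(name, city, salary));
            System.out.println("rows inserted: " + insertUser(connection, name, city, salary));
        }
    }
}
```

The concatenated string is only printed, never executed; the parameterized call stores the apostrophe as part of the name.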