CODEWITHSUNDEEP
javahtmlservletsoracle10g
aam
aam

Reputation: 13

Why data from the servlet is not inserted into sql database?

html file
<html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
 <title>hi</title>
 </head>
  <body>
  <form action="Try.java" method="get" >
  name: <input type="text" name="name" ></input>
  <input type="submit" name="submit" value="submit" style="color: blue">
  </form>
  </body>
   </html>



servlet code
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection; 
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet; 

import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse;

 public class Try extends HttpServlet {

  private static final long
  serialVersionUID = 1L;      
  Connection con;
  Statement stm;

   public Try() {
   super();
          }


protected void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, 
IOException {

    res.setContentType("text/html");    
    PrintWriter out=res.getWriter();
     try {      
      String pname=req.getParameter("name");
      Class.forName("oracle.jdbc.driver.OracleDriver");
      System.out.println("driver loaded"); 
      String url="jdbc:oracle:thin:@an-PC:1525/orclg"; 
      Connection
      con=DriverManager.getConnection(url,"user","pass");
      out.println("connection"+con);    
      Statement stm=con.createStatement();  
      String sql="Insert into name(names)values('"+pname+"')";      
      stm.executeUpdate(sql);
      System.out.println("Record inserted.....");       
      con.close();
    } catch (ClassNotFoundException e) {        
      // TODO Auto-generated catch block        
      e.printStackTrace();  
    } catch (SQLException e) {
        // TODO Auto-generated catch block      
      e.printStackTrace();  }
      }

      protected void doPost(HttpServletRequest request,HttpServletResponse response) throws 
      ServletException, IOException {

  }    
}
 following are the Exceptions

java.lang.ClassNotFoundException: oracle.jdbc.driver.OracleDriver at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1680) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:259) at Try.doGet(Try.java:41) at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) at javax.servlet.http.HttpServlet.service(HttpServlet.java:723) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489) at java.lang.Thread.run(Thread.java:745)

Upvotes: 1

Views: 1567

Answers (2)

vanje
vanje

Reputation: 10373

You should learn to interpret stack traces. The first line of your stack trace means that the Java runtime was not able to find the class oracle.jdbc.driver.OracleDriver. This is the Oracle JDBC driver class.

So get the Oracle driver JAR and put it in your web application's WEB-INF/lib folder.

By the while: To prevent SQL injection attacks you should never create your SQL with an unescaped request parameter via string manipulation. Use a prepared statement instead. And don't forget to close the statement and commit the transaction.

PreparedStatement stm = con.prepareStatement("insert into name (names) values (?)");  
stm.setString(1, pname);
stm.executeUpdate();
con.commit();
stm.close();

This will escape characters like quotes automatically. Additionally you should validate the value before doing the insert (e.g. not longer than 100 characters, depending on the length of the name column).

Upvotes: 1

aparna
aparna

Reputation: 333

This statement might be your issue:

String sql="Insert into name(names)values("+"'pname')";

I think the quotes should be as follows:

String sql="Insert into name(names)values('"+pname+"')";

Upvotes: 0

Related Questions