Reputation: 79
This is my code to update student attendance.But during execution this method returns SQL COMMAND NOT PROPERLY ENDED ERROR.
private void updateAttendance(){
MyQuery mq=new MyQuery();
Connection con=mq.getConnection();
Statement st;
ResultSet rs;
try{
st=con.createStatement();
rs=st.executeQuery("Select STU_ID FROM STUDENT WHERE NAME='"+cmbName.getSelectedItem()+"'");
if(rs.next()){
//System.out.println("getting student name");
int id=rs.getInt("STU_ID");
String sql="UPDATE STUDENT SET SUBJECT='"+cmbSub.getSelectedItem()+"',ATTENDANCE='";
//sql+="ATTENDANCE='"+"";
if(rdbtnPresent.isSelected())
sql+= "'"+Atdnc[0]+"',";
else
sql+= "'"+Atdnc[1]+"',";
sql+="WHERE STU_ID='"+id+"'";
st.executeUpdate(sql);
//cmbName.removeAllItems();
}
}catch(SQLException ex){
Logger.getLogger(Student.class.getName()).log(Level.SEVERE, null, ex);
}
}
Upvotes: 0
Views: 149
Reputation: 7766
In update statement single quotes are using two times
remove '
from ATTENDANCE='";
try below
String sql="UPDATE STUDENT SET SUBJECT='"+cmbSub.getSelectedItem()+"',ATTENDANCE=";
if(rdbtnPresent.isSelected())
sql+= "'"+Atdnc[0]+"'";
else
sql+= "'"+Atdnc[1]+"'";
sql+="WHERE STU_ID='"+id+"'";
I strongly recomment to use parameterized query to avoid SQL INJECTION
Upvotes: 0
Reputation: 255
Remove the quote ('
) from ATTENDANCE='";
Remove comma after Atdnc[0]
and Atdnc[1]
because your code puts a comma before where
clause.
If stud_id
is a number, then you should not set id
with a quote ('
).
Make sure there is a space before where
.
An example (you can print your sql to see restitution):
String sql="UPDATE STUDENT SET SUBJECT='"+cmbSub.getSelectedItem()+"', ATTENDANCE=";
if(rdbtnPresent.isSelected())
sql+= "'"+Atdnc[0]+"'";
else
sql+= "'"+Atdnc[1]+"'";
sql+=" WHERE STU_ID="+id;
Upvotes: 1