Sayantan Chandra
Reputation: 79
sql command not properly ended error
This is my code to update student attendance.But during execution this method returns SQL COMMAND NOT PROPERLY ENDED ERROR.
private void updateAttendance(){
MyQuery mq=new MyQuery();
Connection con=mq.getConnection();
Statement st;
ResultSet rs;
try{
st=con.createStatement();
rs=st.executeQuery("Select STU_ID FROM STUDENT WHERE NAME='"+cmbName.getSelectedItem()+"'");
if(rs.next()){
//System.out.println("getting student name");
int id=rs.getInt("STU_ID");
String sql="UPDATE STUDENT SET SUBJECT='"+cmbSub.getSelectedItem()+"',ATTENDANCE='";
//sql+="ATTENDANCE='"+"";
if(rdbtnPresent.isSelected())
sql+= "'"+Atdnc[0]+"',";
else
sql+= "'"+Atdnc[1]+"',";
sql+="WHERE STU_ID='"+id+"'";
st.executeUpdate(sql);
//cmbName.removeAllItems();
}
}catch(SQLException ex){
Logger.getLogger(Student.class.getName()).log(Level.SEVERE, null, ex);
}
}
Upvotes: 0
Views: 149
Answers (2)
Sachu
Reputation: 7766
In update statement single quotes are using two times
remove ' from ATTENDANCE='";
try below
String sql="UPDATE STUDENT SET SUBJECT='"+cmbSub.getSelectedItem()+"',ATTENDANCE=";
if(rdbtnPresent.isSelected())
sql+= "'"+Atdnc[0]+"'";
else
sql+= "'"+Atdnc[1]+"'";
sql+="WHERE STU_ID='"+id+"'";
I strongly recomment to use parameterized query to avoid SQL INJECTION
Upvotes: 0
Enjy
Reputation: 255
Remove the quote (') from ATTENDANCE='";
Remove comma after Atdnc[0] and Atdnc[1] because your code puts a comma before where clause.
If stud_id is a number, then you should not set id with a quote (').
Make sure there is a space before where.
An example (you can print your sql to see restitution):
String sql="UPDATE STUDENT SET SUBJECT='"+cmbSub.getSelectedItem()+"', ATTENDANCE=";
if(rdbtnPresent.isSelected())
sql+= "'"+Atdnc[0]+"'";
else
sql+= "'"+Atdnc[1]+"'";
sql+=" WHERE STU_ID="+id;
Upvotes: 1
Related Questions
- How can I prevent SQL injection in PHP?
- How to concatenate text from multiple rows into a single text string in SQL Server
- Inserting multiple rows in a single SQL query?
- How to return only the Date from a SQL Server DateTime datatype
- How to add a column with a default value to an existing table in SQL Server?
- Finding duplicate values in a SQL table
- How do I UPDATE from a SELECT in SQL Server?
- MySQL error code: 1175 during UPDATE in MySQL Workbench
- How can I do an UPDATE statement with JOIN in SQL Server?
- SQL Update from One Table to Another Based on a ID Match