0

how to get sting value in query

System.out.print("Enter MName= "); mname=br.readLine(); su ="UPDATE contact SET mname= "+ mname +" WHERE id="+cid; System.out.println(su); n=s.executeUpdate(su);

sqljavajdbc
1st Jun 2023, 5:47 PM
Sahil Kshirsagar
Sahil Kshirsagar - avatar
3 Answers
+ 3
Sahil Kshirsagar https://stackoverflow.com/questions/36146935/how-to-query-for-a-string-in-java-jdbc Hope it's helpful to you
1st Jun 2023, 6:02 PM
Sakshi
Sakshi - avatar
+ 4
You should never use string concatenation to write SQL. This is how you can fall victim to code injection attacks. You should use PreparedStatement instead, as suggested in the stackoverflow article linked by Sakshi. https://www.baeldung.com/java-statement-preparedstatement
1st Jun 2023, 8:26 PM
Tibor Santa
Tibor Santa - avatar
+ 3
Sahil, your question is incomplete.. I'll suggest you link the actual code to the description so I can review it. To debug this, I need to know the data type of su, br, mname and every other variables provided
1st Jun 2023, 5:59 PM
Mirielle
Mirielle - avatar

Often have questions like this?

Learn more efficiently, for free:

See all courses
Hot today
....it keeps saying that variable sum got referenced before assignment...HOW!
1 Votes
People who have completed the practice of "generators" heeeeeeelp
2 Votes
Algorithms Python
0 Votes
It is lagging [Solved]
1 Votes
Safety deposit boxes
0 Votes
C++ Loops over arrays total price challenge dint know what I'm missing it compiles total results locked so can't see issue tofix
0 Votes
Why the backward button is not working????
2 Votes
What is the purpose of <kbd>
1 Votes
I'm not getting output. Please help
0 Votes
How many datatype support by C?
0 Votes