I keep an error, which say unclosed string literal

String sqlStatement=("INSERT INTO Customer(Customer_name, Address1, Address2, DayPhone, MobilePhone, AccountNumber, Email, Sort_code, Username, Password)VALUES ("+s1+","+s2+","+s3+","+s4+","+s5+","+s6+","+s7+","+s8+","+s9+","+s10+")");can anyone help!

[272 byte] By [mar-k-a] at [2007-11-26 18:57:16]

«« HotSpot Virtual Machine Error: 11, Error ID: 4F530E43505002EF 01 causes JVM
»» servlet creates data bean

# 1

Look at the first ", it should not be there.VALUES ("+s1+","+s2+","+s3+","+s4+","+s5+","+s6+","+s7+","+s8+","+s9+","+s10+")");Should be:VALUES (s1+","+s2+","+s3+","+s4+","+s5+","+s6+","+s7+","+s8+","+s9+","+s10+")");

zadoka at 2007-7-9 20:36:40 >

top of Java-index,Database Connectivity,Java Database Connectivity (JDBC)...

# 2

BTW, this is a perfect reason why you should be using a prepared statement instead.

zadoka at 2007-7-9 20:36:40 >

# 3

Zadok, whats the difference, thanks for the response

mar-k-a at 2007-7-9 20:36:40 >

# 4

Should be using PreparedStatement. Anybody who escapes their own Strings and Dates is asking for trouble. If you did you wouldn't have this problem, and in the future your code will still work if a customer named "O'Brien" comes along.%

duffymoa at 2007-7-9 20:36:40 >

# 5

> Zadok, whats the difference, thanks for the responseLook closely:the first "+ should not be there.Either way, instead of removing it, I highly, highly recommend you use a PreparedStatement instead.

zadoka at 2007-7-9 20:36:40 >

# 6

PreparedStatement binds Strings and Dates for you.It's a good guard against SQL injection attacks as well.%

duffymoa at 2007-7-9 20:36:40 >

# 7

Thanks for the help!

mar-k-a at 2007-7-9 20:36:40 >

Java Database Connectivity (JDBC)

Java programming resources: FAQs, tutorials, compiler and browser download sites, documentation, books lists, IDEs, etc.

I keep an error, which say unclosed string literal

Database Connectivity New Topic

Database Connectivity Hot Topic

Database Connectivity

All Classified