Solved

URGENT!!!-Sql statement

Posted on 2003-12-11
5
250 Views
Last Modified: 2010-04-01
i need to have a sql statement like thiw:

String Query = "delete FROM userskills where username='"+vol.getUsername()+"' "and skill='"+request.getParameter("id")+"'";
  but i get error, i think the way i right sql statement not so ok.

thanks
0
Comment
Question by:Jasbir21
  • 4
5 Comments
 
LVL 35

Expert Comment

by:TimYates
ID: 9919920
String Query = "delete FROM userskills where username='"+vol.getUsername()+"' and skill='"+request.getParameter("id")+"'";
0
 
LVL 35

Accepted Solution

by:
TimYates earned 65 total points
ID: 9919939
better is:

PreparedStatement stmt = conn.prepareStatement( "delete FROM userskills where username=? and skill=?" ) ;
stmt.setString( 1, vol.getUsername() ) ;
stmt.setString( 2, request.getParameter( "id" ) ) ;
stmt.executeUpdate() ;

(don't forget to close your statement)

This way, you can't have problems with "SQL injection"

0
 
LVL 35

Expert Comment

by:TimYates
ID: 9919945
0
 

Author Comment

by:Jasbir21
ID: 9919993
thank you very much.

0
 
LVL 35

Expert Comment

by:TimYates
ID: 9920036
:-)
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
JSP Popup page 2 153
maven j2ee examles 2 64
java operators 3 125
maven disable workspace resolution 1 37
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question