sql Update format in jsp

Posted on 2004-04-08
Last Modified: 2010-04-01
What is wrong with the format of this update statement.

String update = "myName";
int num = stmt.executeUpdate("UPDATE members SET password = "+checkPassword+" WHERE fName LIKE "+update+" ");
Question by:Raftor
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3

Author Comment

ID: 10785445
What im trying to do is to change a password in a table where the first name of the person is 'myName'.
LVL 19

Expert Comment

ID: 10785500
int num = stmt.executeUpdate("UPDATE members SET password = '"+checkPassword+"' WHERE fName LIKE "+update+" ");

This will work...
You do not have quotes up there in the pasword value...

I always prefer using prepared statments whenever it comes to update and inserts... its much more neat and predictable...

Author Comment

ID: 10785559
it is still giving me an error it is saying

 java.sql.SQLException: Column not found, message from server: "Unknown column 'Gabriel' in 'where clause'"

'Gabriel' is the 'update' string.
It works through DOS so it must be something in the format of the command.
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 19

Accepted Solution

Kuldeepchaturvedi earned 50 total points
ID: 10785591
same thing in the like area as well...:-)

int num = stmt.executeUpdate("UPDATE members SET password = '"+checkPassword+"' WHERE fName LIKE '"+update+"' ");

Now you are good to go...

Author Comment

ID: 10785619
Ahh brilliant that was it.
What were you were sayin earlier about 'prepared statements' being more neat and predictable.  I think i could do with a bit of that!
LVL 19

Expert Comment

ID: 10785674
String query= "UPDATE members SET password = ?  WHERE fName LIKE ?";
 PreparedStatement ps = con.prepareStatement(query);
int num=ps.executeUpdate();

This way you don't have to worry abt quotes and all other stuff...

Author Comment

ID: 10785689
Thats great thanks.

Featured Post

Get HTML5 Certified

Want to be a web developer? You'll need to know HTML. Prepare for HTML5 certification by enrolling in July's Course of the Month! It's free for Premium Members, Team Accounts, and Qualified Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Successful collaboration among team members is essential for the growth of your business. When employees work together on projects, share ideas and communicate effectively they get better results.
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question