java - Forming an SQL query dynamically -
i trying form sql dynamically depeneding on request
public class main { public static void main(string args[]) { string reqstr = "popcorn@bucket"; string values[] = reqstr.split("@"); stringbuffer sqlquery = new stringbuffer( "insert category_dev (t1 , t2 , t3 , t4 , t5 , t6 , t7 , t8 , t9 , t10) values ("); (int = 0; < values.length; i++) { sqlquery.append("'" + values[i] + "'"); sqlquery.append(","); } if (sqlquery.length() > 0) { sqlquery.setlength(sqlquery.length() - 1); } sqlquery.append(")"); system.out.println(sqlquery); } }
the table has got fixed column t1 , t2 , t3 ------ t10 .
each @ symbol indicates column value of table
when run above programme output beingness formed
insert category_dev (t1 , t2 , t3 , t4 , t5 , t6 , t7 , t8 , t9 , t10) values ('popcorn','bucket')
how can fill other values null ?? illustration
insert category_dev (t1 , t2 , t3 , t4 , t5 , t6 , t7 , t8 , t9 , t10) values ('popcorn','bucket' , null , null , null , null , null , null , null , null)
this bad idea, read sql injections
instead utilize preparedstatements:
preparedstatement pstmt = con.preparestatement("update employees set salary = ? id = ?"); pstmt.setbigdecimal(1, 153833.00) pstmt.setint(2, 110592)
for example, should work type of query or table action
to query do:
pstmt.set<whatever>// ones want set , pstmt.setnull // in loop whichever didnt utilize
java
No comments:
Post a Comment