3

I am having three columns in my table branch i.e id(Autonumber),code(text),desc(text).I am trying to execute this sql insert into branch(code,desc) values('"+b+"','"+c+"')"; which gives me error syntax error..please help

Saumyaraj
  • 1,220
  • 3
  • 15
  • 37
  • Don't embed Java code in JSPs. And learn about prepared statements if you don't want to suffer from SQL injection attacks. – JB Nizet Mar 23 '13 at 08:31

1 Answers1

1

One of your columns has name DESC, which is Reserved Keyword. In order to peoperly execute the INSERT statement, you need to delimite the column by using brackets eg

insert into branch(code,[desc]) values ('"+b+"','"+c+"')";

One more thing, your code is prone to SQL Injection. Please do parameterized the query.

John Woo
  • 258,903
  • 69
  • 498
  • 492
  • Thanks but my no started from 5 how can i make it to start from 1? – Saumyaraj Mar 23 '13 at 08:33
  • uhmm what do you mean start from 1? – John Woo Mar 23 '13 at 08:34
  • you mean you have a column name `no` which is set as auto_increment field and you want it to start back to 1? if that's the case, execute this one `ALTER TABLE branch ALTER COLUMN no COUNTER(1,1)` – John Woo Mar 23 '13 at 08:38
  • I mean that my table which has id as autoincrement,When i entered my first record the record was added but id no was 5.How to make it start from 1? – Saumyaraj Mar 23 '13 at 08:38
  • `ALTER TABLE tableNameHere ALTER COLUMN columnNameHere COUNTER(1,1)` – John Woo Mar 23 '13 at 08:39
  • Thanks and how to prevent it from sql injection? – Saumyaraj Mar 23 '13 at 08:42
  • I have no experience with JSP but maybe this article can help you. [How to get parameters from the URL with JSP](http://stackoverflow.com/questions/1890438/how-to-get-parameters-from-the-url-with-jsp) – John Woo Mar 23 '13 at 08:56
  • 2
    `Alter table ... Counter(1,1)` on a table in MS Access will mess with the seed and you will end up with duplicates. It is only a good idea on an empty table, and once the table is empty, you may as well compact and repair which will reset everything safely and which ought to be done anyway. However, the real question is why do you care what an autonumber contains? Thinking along these lines will lead to further grief as you try to make an autonumber mean something. An autonumber is never suitable for a sequential number, it is just a unique key, and not even that if you mess about like this. – Fionnuala Mar 23 '13 at 10:24