-1

My source code has the following structure:

SourceFolder
AddProduct.jsp
Source Packages
-Controller(Servlets)
SaveProduct.java
-Model(Db Operations)
ProductDbOperations.java

I am inserting a new product into the product table and at the same time I am inserting an entry into product_collection table (product_id | collection_id).

To insert an entry into the product_collection table i need to get generated id from product table. After that a new entry is inserted into the product_collection table.

Also, I am not using any Framework and am using Netbeans 7.3.

Problem:

A new entry is inserted into the product table with this piece of code

IN: ProductDbOperations.java

try
{
    this.initConnection(); // Db connection 
    pst = cn.prepareStatement("INSERT INTO product values('"+name+"', "+quantity+", "+price+")");
    rs = pst.executeUpdate();
}
catch(SQLException ex)
{   

}

I Also used the solution at following link which doesn't works for me. I didn't got any SQL exception

How to get the insert ID in JDBC?

so help me find out why this code not working for me . Thanks a million.

Community
  • 1
  • 1
Surinder ツ
  • 1,778
  • 3
  • 16
  • 27
  • 3
    How do you know you don't get an SQLException, your catch block is empty? Also did you try the getGeneratedKeys() method? – Kayaman Sep 19 '13 at 09:52
  • 1
    What does "doesn't work for me" mean? What happens? At least print the stack trace in your catch block: `catch (SQLException ex) { ex.printStackTrace(); }` – Jesper Sep 19 '13 at 09:52
  • @Kayaman Actually The code is very large so let me explain .. i m using a status variable of type String to get exception as string and function return a string like status = ex.toString(); after try catch block return status; – Surinder ツ Sep 19 '13 at 09:56
  • Also System.out.println(); is not displaying anything. – Surinder ツ Sep 19 '13 at 10:05

3 Answers3

8

Not all drivers support the version of getGeneratedKeys() as shown in the linked answer. But when preparing the statement, you can also pass the list of columns that should be returned instead of the "flag" Statement.RETURN_GENERATED_KEYS (and passing the column names works more reliably in my experience)

Additionally: as javaBeginner pointed out correctly, your usage of a prepared statement is wrong. The way you do it, will still leave you wide open to SQL injection.

// run the INSERT
String sql = "INSERT INTO product values(?,?,?)";
pst = cn.prepareStatement(sql, new String[] {"PRODUCT_ID"} );
pst.setString(1, name);
pst.setInt(2, quantity);
pst.setInt(3, price);
pst.executeUpdate();

// now get the ID:
ResultSet rs = pst.getGeneratedKeys();
if (rs.next()) {
   long productId = rs.getLong(1);
}

Note that the column name passed to the call is case-sensitive. For Oracle the column names are usually uppercase. If you are using e.g. Postgres you would most probably need to pass new String[] {"product_id"}

2

The way you are using is not the proper way of using preparedstatement

use the following way

    pst = cn.prepareStatement("INSERT INTO product values(?,?,?)");
pst.setString(1,name);
pst.setInt(2,quantity);
pst.setInt(3,price);
pst.executeUpdate();
SpringLearner
  • 13,738
  • 20
  • 78
  • 116
0

Yes there is a way to retrieve the key inserted by SQL. You can do it by: Using Statement.RETURN_GENERATED_KEYS in your previous insert and get the key which can be used in further insert

e.g:

String query = "INSERT INTO Table (Col2, Col3) VALUES ('S', 50)";
Statement stmt = con.createStatement();
int count = stmt.executeUpdate(query, Statement.RETURN_GENERATED_KEYS);
Mark Rotteveel
  • 100,966
  • 191
  • 140
  • 197
Vihar
  • 3,626
  • 2
  • 24
  • 47