This discussion is archived
3 Replies Latest reply: Apr 16, 2013 9:04 AM by 1002778 RSS

Is there any error in this jsp file...??

1002778 Newbie
Currently Being Moderated
aftr database connection query is not running....



<%@page import="java.sql.*"%>
<%@page import="java.io.*"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>JSP Page</title>
</head>
<body bgcolor="#CEA69F">

<%
try{

Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");


Connection conn=DriverManager.getConnection("jdbc:odbc:signupdsn");

Statement stmt=conn.createStatement();
out.write("<face='Jokerman'>\nYou are successfully Connected to database, ");

     String dom=request.getParameter("dofm");

     int age2=Integer.parseInt(request.getParameter("age2"));

     String dob2=request.getParameter("dob2");

     int age1=Integer.parseInt(request.getParameter("age1"));

     String dob1=request.getParameter("dob1");

     int w_fage=Integer.parseInt(request.getParameter("w_fage"));

     int w_mage=Integer.parseInt(request.getParameter("w_mage"));

     int h_fage=Integer.parseInt(request.getParameter("h_fage"));

     int h_mage=Integer.parseInt(request.getParameter("h_mage"));

     int w1age=Integer.parseInt(request.getParameter("w1age"));

     int w2age=Integer.parseInt(request.getParameter("w2age"));

     String husname=request.getParameter("hname");

     String reli2=request.getParameter("rel2");

     String mar_s2=request.getParameter("st2");

     String occ2=request.getParameter("occ2");

     String readd2=request.getParameter("add2");

     String id2=request.getParameter("id2");

     String h_fname=request.getParameter("h_fname");

     String h_fadd=request.getParameter("h_fadd");

     String h_mname=request.getParameter("h_mname");

     String h_madd=request.getParameter("h_madd");

     String wname=request.getParameter("wname");

     String mar_s1=request.getParameter("st1");

     String occ1=request.getParameter("occ1");


     String readd1=request.getParameter("add1");


     String id1=request.getParameter("id1");

     String w_fname=request.getParameter("w_fname");

     String w_fadd=request.getParameter("w_fadd");

     String w_mname=request.getParameter("w_mname");

     String w_madd=request.getParameter("w_madd");

     String priestn=request.getParameter("priestn");

     String priestadd=request.getParameter("priestadd");

     String strname=request.getParameter("street");

     String vill=request.getParameter("village");

     String dis=request.getParameter("district");

     String w1name=request.getParameter("w1name");

     String w1add=request.getParameter("w1add");

     String w2name=request.getParameter("w2name");

     String w2add=request.getParameter("w2add");

     String reli1=request.getParameter("rel1");

stmt.executeUpdate("insert into marraige(hname,rel2,dob1,dob2,dofm,st2,occ2,add2,id2,h_fname,h_fadd,h_mname,h_madd,wname,rel1,st1,occ1,add1,id1,w_fname,w_fadd,w_mname,w_madd,priestn,priestadd,street,village,district,w1name,w1add,w2name,w2add,age2,age1,w_fage,w_mage,h_fage,h_mage,w1age,w2age) values('"+husname+"','"+reli2+"','"+dob1+"','"+dob2+"','"+dom+"','"+mar_s2+"','"+occ2+"','"+readd2+"','"+id2+"','"+h_fname+"','"+h_fadd+"','"+h_mname+"','"+h_madd+"','"+wname+"','"+reli1+"','"+mar_s1+"','"+occ1+"','"+readd1+"','"+id1+"','"+w_fname+"','"+w_fadd+"','"+w_mname+"','"+w_madd+"','"+priestn+"','"+priestadd+"','"+strname+"','"+vill+"','"+dis+"','"+w1name+"','"+w1add+"','"+w2name+"','"+w2add+"','"+age2+"','"+age1+"','"+w_fage+"','"+w_mage+"','"+h_fage+"','"+h_mage+"','"+w1age+"','"+w2age+"')");

out.write("\n Data Inserted");

out.write("<center> <br>please click here to continue<a href='loginh.jsp'>login</a>");


}
catch(Exception e)

{
System.out.print(e);
}

%>

Edited by: 999775 on Apr 12, 2013 8:44 AM
  • 1. Re: Is there any error in this jsp file...??
    jtahlborn Expert
    Currently Being Moderated
    Well, besides being an enormous SQL injection hack waiting to happen (you should be using PreparedStatement, not Statement), i would imagine the problem with your current code is the lack of "+" characters between the string constants and the variable names in the executeUpdate() line. Of course, when you change the code to use a PreparedStatement instead, that will no longer be a problem.

    Also, "System.out.print(e)" is not error handling.
  • 2. Re: Is there any error in this jsp file...??
    DrClap Expert
    Currently Being Moderated
    And then there's the idea of using all of that code in a giant scriptlet, even though scriptlets have been obsolete for about a decade now... and the idea of using the JDBC-ODBC driver in a web application... and you didn't do any validation on the input fields... and you have a database table named "marraige"... and you used the "bgcolor" attribute on your HTML body even though it's deprecated... and your JDBC code has basically no error handling... That's probably enough for you to be working on for now.
  • 3. Re: Is there any error in this jsp file...??
    1002778 Newbie
    Currently Being Moderated
    sir,i hd also tried dis...bt still nt wrking...



    <%@page import="java.sql.*"%>
    <%@page import="java.io.*"%>
    <%@page contentType="text/html" pageEncoding="UTF-8"%>
    <%
    String dom=request.getParameter("dofm");

         int ageh=Integer.parseInt(request.getParameter("age2"));

         String dobh=request.getParameter("dob2");

         int agew=Integer.parseInt(request.getParameter("age1"));

         String dobw=request.getParameter("dob1");

         int w_fagew=Integer.parseInt(request.getParameter("w_fage"));

         int w_magew=Integer.parseInt(request.getParameter("w_mage"));

         int h_fageh=Integer.parseInt(request.getParameter("h_fage"));

         int h_mageh=Integer.parseInt(request.getParameter("h_mage"));

         int w1agew=Integer.parseInt(request.getParameter("w1age"));

         int w2agew=Integer.parseInt(request.getParameter("w2age"));

         String husname=request.getParameter("hname");

         String relih=request.getParameter("rel2");

         String mar_s2=request.getParameter("st2");

         String occ2h=request.getParameter("occ2");

         String readd2=request.getParameter("add2");

         String idh=request.getParameter("id2");

         String h_fnameh=request.getParameter("h_fname");

         String h_faddh=request.getParameter("h_fadd");

         String h_mnameh=request.getParameter("h_mname");

         String h_maddh=request.getParameter("h_madd");

         String wnamew=request.getParameter("wname");

         String mar_s1=request.getParameter("st1");

         String occ1w=request.getParameter("occ1");


         String readd1=request.getParameter("add1");


         String idw=request.getParameter("id1");

         String w_fnamew=request.getParameter("w_fname");

         String w_faddw=request.getParameter("w_fadd");

         String w_mnamew=request.getParameter("w_mname");

         String w_maddw=request.getParameter("w_madd");

         String priestnm=request.getParameter("priestn");

         String priestad=request.getParameter("priestadd");

         String strname=request.getParameter("street");

         String vill=request.getParameter("village");

         String dis=request.getParameter("district");

         String w1namew=request.getParameter("w1name");

         String w1addw=request.getParameter("w1add");

         String w2namew=request.getParameter("w2name");

         String w2addw=request.getParameter("w2add");

         String reli1=request.getParameter("rel1");

    try{

    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");

    Connection conn=DriverManager.getConnection("jdbc:odbc:signupdsn");



    out.write("\nConnected to database");


    PreparedStatement ps=conn.prepareStatement("insert into marraige values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");

         ps.setString(1,husname);
         ps.setString(2,relih);
         ps.setInt(3,ageh);
         ps.setString(4,dobh);
         ps.setString(5,mar_s2);
         ps.setString(6,occ2h);
         ps.setString(7,readd2);
         ps.setString(8,idh);
         ps.setString(9,h_fnameh);
         ps.setInt(10,h_fageh);
         ps.setString(11,h_faddh);
         ps.setString(12,h_mnameh);
         ps.setInt(13,h_mageh);
         ps.setString(14,h_maddh);
         ps.setString(15,wnamew);
         ps.setString(16,reli1);
         ps.setInt(17,agew);
         ps.setString(18,dobw);
         ps.setString(19,mar_s1);
         ps.setString(20,occ1w);
         ps.setString(21,readd1);
         ps.setString(22,idw);
         ps.setString(23,w_fnamew);
         ps.setInt(24,w_fagew);
         ps.setString(25,w_faddw);
         ps.setString(26,w_mnamew);
         ps.setInt(27,w_magew);
         ps.setString(28,w_maddw);
         ps.setString(29,priestnm);
         ps.setString(30,priestad);
         ps.setString(31,strname);
         ps.setString(32,vill);
         ps.setString(33,dis);
         ps.setString(34,dom);
         ps.setString(35,w1namew);
         ps.setInt(36,w1agew);
         ps.setString(37,w1addw);
         ps.setString(38,w2namew);
         ps.setInt(39,w2agew);
         ps.setString(40,w2addw);

              int x=0;
              x=ps.executeUpdate();
              if(x>0)
              {
                   response.sendRedirect("./success.jsp");
              }
              else
              {
                   response.sendRedirect("./fail.jsp");
              }
              ps.close();
              conn.close();
         }
              catch(ClassNotFoundException e)
         {     
              out.println("CNF Error");
         }
    %>

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points