0

我正在尝试一个代码,我想在其中创建一个表并将数据插入到表中。我只想为用户使用复选框选择的那些字段创建表并插入数据。这是我的jsp代码:

<%@ page language="java" import="java.util.*"%>
<%@ page import="java.sql.*" %>
<%
    try
    {
        Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
        String url = "jdbc:sqlserver://";
        Connection con = DriverManager.getConnection(url,"sa","SQL1423#3");
        Statement st=null;

        String select[] = (String[]) session.getAttribute("a");
        String tblname=(String)session.getAttribute("tblname");
        //out.println(tblname);
        //String select[] = request.getParameterValues("id");
        if (select != null && select.length != 0) 
        {
            for (int i = 0; i < select.length; i++) 
            {
                int ch=Integer.parseInt(select[i]);
                //int counter=1;
                //int ID=1;
                switch(ch)            
                {
                    case 1 :
                        String idOne=request.getParameter("idOne");
                        //out.println(idOne);
                        String idOneIns="insert into "+tblname+" (ID) values(?)";
                        PreparedStatement pstmt = con.prepareStatement(idOneIns);
                        pstmt.setString(1, idOne);
                        //st=con.createStatement();
                        int valueTwo = pstmt.executeUpdate();
                        out.println("Inserted");
                        break;
                    case 2 :
                        String ser=request.getParameter("series");
                        String serIns="insert into "+tblname+" (SERIES) values(?)";
                        PreparedStatement pst = con.prepareStatement(serIns);
                        pst.setString(1, ser);
                        int value = pst.executeUpdate();
                        out.println("Inserted");
                        break;
                    case 3 :
                        String sym=request.getParameter("symbol");
                        String symIns="insert into "+tblname+" (SYMBOL) values(?)";
                        PreparedStatement pstm = con.prepareStatement(symIns);
                        pstm.setString(1, sym);
                        int valueOne = pstm.executeUpdate();
                        out.println("Inserted");
                        break;
                }//switch
            }//for
        }//if
        st.close();
        con.close();
    }//try
    catch(Exception e)
    {
        out.println(e);
    }
%>

这里数据插入到表中。但是如果我选择所有三个复选框,则数据插入为:

Id   Series Symbol

1    null   null

null a      null

null null   b

但我希望将数据插入为:

Id Series Symbol

1  a      b

我应该进行哪些更改才能获得此输出?

4

1 回答 1

0
  1. Updating the database is better put into a Controller. JSP pages is better used for displaying results (See MVC pattern)
  2. Using dynamic SQL to determine database tables is inherently dangerous and could be targeted for attacks

  3. Your current code loops over input elements, and for each element inserts a new row in the database table. What you want to do is assemble the tree values (from your form input) and insert only one row. E.g.

    INSERT INTO table (ID, SERIES, SYMBOL) VALUES (?,?,?)

于 2012-05-03T11:28:39.923 回答