String QueryText= "INSERT INTO user_details (fname,lname,user_email,birth_day,birth_mnth,birth_year,addr,pwd) VALUES ('"+fname+"','"+lname+"','"+user_email+"','"+birth_day+"','"+birth_mnth+"','"+birth_year+"','"+gender+"','"+addr+"','"+pwd+"')";
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/jspdatabase", "root","");
Statement st=con.createStatement();
int rt = st.executeUpdate(QueryText);
Asked
Active
Viewed 2,555 times
-1
halfer
- 19,824
- 17
- 99
- 186
anindya giri
- 1
- 1
- 1
-
1well, 8 != 9 ... – Eran Nov 05 '17 at 12:55
-
1Learn to use parameters. That prevents all sorts of problems. And, they make the code easier to read and update. – Gordon Linoff Nov 05 '17 at 12:58
2 Answers
1
To avoid problem as this gender and SQL Injection it's better to use PreparedStatement instead :
String queryText = "INSERT INTO user_details "
+ "(fname, lname, user_email, birth_day, birth_mnth, birth_year, gender, addr, pwd) "
//----------------------------------------------------------------^
+ "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)";
Connection con = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/jspdatabase", "root", "");
try(PreparedStatement pst = con.prepareStatement(queryText);){
pst.setString(1, fname);
pst.setString(2, lname);
pst.setString(3, user_email);
pst.setString(4, birth_day); //If one of the three is integer type
pst.setString(5, birth_mnth); //You have to use setInt(...) instead
pst.setString(6, birth_year); //of setString(...)
pst.setString(7, gender);
pst.setString(8, addr);
pst.setString(9, pwd);
int rt = pst.executeUpdate();
...
}
The real problem is that you are using 8 parameters and try to insert 9 values this is why you get this error.
Youcef LAIDANI
- 55,661
- 15
- 90
- 140
0
It's pretty clear the number of column doesn't match the values you provide.
You declare 8 columns and provide 9 values.
Gender isn't declared in your columns
Xavier Bouclet
- 922
- 2
- 10
- 23