Data is not being updated

Question

0.00/5 (No votes)

See more:

i have written the business logic in servlet to update the html table data using jsp.
i am giving you the code:

BOQServlet

package com.mvc.controller;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.mvc.util.DBConnection;



@WebServlet("/BoqServlet")
public class BoqServlet extends HttpServlet{
	public static Connection connect=null;
	public static Statement stmt=null;
	public ResultSet rst = null;
	int status=0;
	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException  {
		// TODO Auto-generated method stub
		PrintWriter out = resp.getWriter();
		try {
		String Id;
		String HSN_CODE,HSNCODE_CONFIRMATION,gst_Rate,GST_RATE_Confirmation,ITEM_DESC,_qty,_Unit,P,_W,V;
		HSN_CODE =req.getParameter("_hsn_Code");
		HSNCODE_CONFIRMATION =req.getParameter("_isHSN_CodeConfirmed");
		gst_Rate =req.getParameter("_gst_RATE");
		GST_RATE_Confirmation =req.getParameter("GST_rate_Confirmation");
		ITEM_DESC=req.getParameter("_ItemDesc");
		_Unit =req.getParameter("_unit_");
		_qty =req.getParameter("_QTy");
		P = req.getParameter("_p");
		 _W = req.getParameter("__w");
		 V =req.getParameter("__V");
		 Id = req.getParameter("_id");
		//this.doGet(req, resp);
		 connect = DBConnection.createConnection();
		
			stmt = connect.createStatement();
		
		
		 String sql = "update boq set hsn_Code='"+HSN_CODE+"', is_hsnConfirmed='"+HSNCODE_CONFIRMATION+"',gst_rate='"+gst_Rate+"',is_gstRate_confirmed='"+GST_RATE_Confirmation+"',item_Description='"+ITEM_DESC+"',Unit="+_Unit+"',Qty='"+_qty+"', p='"+P+"',w='"+_W+"',v='"+V+"'_where id="+Id+"";
		 status = stmt.executeUpdate(sql);
		 if(status>0)
		 {
			 out.println("row has been updated successfully");
			 req.getRequestDispatcher("/jkpddReport.jsp").forward(req, resp);
		 }
		 else
		 {
			 resp.sendRedirect("/Error.jsp");
		 }
	}
		catch (SQLException e) {
			// TODO: handle exception
		}
	

}
	
	
	
	
	
		
		
	
}

boq-form.jsp

<%@page import="java.sql.SQLException"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.Statement"%>
<%@page import="com.mvc.util.DBConnection"%>
<%@page import="java.sql.Connection"%>
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
 <title>Edit BOQ</title>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
<title>Update BOQ</title>
</head>
<body>
<%!String ID;
String _HsnCode, _ISHsnCodeConfirmed, GST_RATE, IS_GST_RATECONFIRMED,item_desc,UNIT,_QTY,_P,W,_V;
%>
<%
try ///ye sound band karo yar....bhai ye  _id kya h....form page na
{  //yea
	
	ID = request.getParameter("_id");
	 Connection con = DBConnection.createConnection();
	 Statement stmt = con.createStatement();
	 ResultSet rst = stmt.executeQuery("select * from boq where id="+ID+"");
	 if(rst.next())
	 {
		 _HsnCode = rst.getString("hsn_Code");
		 _ISHsnCodeConfirmed = rst.getString("is_hsnConfirmed");
		 GST_RATE = rst.getString("gst_rate");
		 IS_GST_RATECONFIRMED= rst.getString("is_gstRate_confirmed");
		 item_desc = rst.getString("item_Description");
	     UNIT = rst.getString("Unit");
	     _QTY = rst.getString("Qty");
	     _P = rst.getString("p");
	    W = rst.getString("w");
	    _V = rst.getString("v");
	    ID = rst.getString("id");
	    out.println(rst.getInt("id"));
}
	 
}
catch(SQLException e)
{
	out.println(e);
	response.sendRedirect("/error.jsp");
}

%>
<center>
<div class="container">
<center>
<h2>Update</h2>
</center><hr>


<form action="BoqServlet" method="GET">
<table class="table table-bordered" style="width:60%; ">
<thead>
<tr>
<th colspan="2"><center>BOQ Update form</center></th>
</tr>
</thead>
<tbody>
<input type="hidden" name="_id" value="<%=ID%>"/>
<tr>
<td>Hsn Code</td>
 <td><input type="text" name="_hsn_Code" required="required" class="form-control" value="<%= _HsnCode %>"/></td>
 </tr>
 <tr>
 <td> HSN code confirmation </td>
 <td><input type="text" name="_isHSN_CodeConfirmed" required="required" class="form-control" value="<%=_ISHsnCodeConfirmed %>"/></td>
 </tr>
 <tr>
 <td>GST Rate</td>
 <td><input type="text" name="_gst_RATE" required="required" class="form-control" value="<%=GST_RATE%>"/></td>
 </tr>
  <tr>
 <td>GST Rate Confirmation</td>
 <td><input type="text" name="GST_rate_Confirmation" required="required" class="form-control" value="<%=IS_GST_RATECONFIRMED %>"/></td>
 </tr>
  <tr>
 <td>Item Description</td>
 <td><input type="text" name="_ItemDesc" required="required" class="form-control" value="<%=item_desc %>"/></td>
 </tr>
  <tr>
 <td>Units</td>
 <td><input type="text" name="_unit_" required="required" class="form-control" value="<%=UNIT %>"/></td>
 </tr>
  <tr>
 <td>Quantity</td>
 <td><input type="text" name="_QTy" required="required" class="form-control" value="<%=_QTY%>"/></td>
 </tr>
  <tr>
 <td>P</td>
 <td><input type="text" name="_p" required="required" class="form-control" value="<%=_P%>"/></td>
 </tr>
  <tr>
 <td>W</td>
 <td><input type="text" name="__w" required="required" class="form-control" value=<%=W %> "/></td>
 </tr>
  <tr>
 <td>V</td>
 <td><input type="text" name="__V" required="required" class="form-control" value="<%=_V%>"/></td>
 </tr>
 <tr>
 <td><input type="reset" value="Reset" class="btn btn-info"/></td>
  <td><input type="submit" name="update" value="Update" class="btn btn-primary"/></td>
  </tr>
</tbody>
</table>
</form>
</div>
</center>
<center>
<a href="jkpddReport.jsp">View BOQ</a>
</center>
</body>
</html>

When i insert the data in all the textfield. it shows only blank page if data is not updated.

What I have tried:

i Have debugged the application but i cant get any clue

Posted 14-Apr-20 7:08am

Member 14639038

Updated 14-Apr-20 7:46am

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

MadMyche · Answer 1 · 2020-04-14T07:47:00

Solution 1

Java

String sql = "update boq set hsn_Code='"+HSN_CODE+"', is_hsnConfirmed='"+HSNCODE_CONFIRMATION+"',gst_rate='"+gst_Rate+"',is_gstRate_confirmed='"+GST_RATE_Confirmation+"',item_Description='"+ITEM_DESC+"',Unit="+_Unit+"',Qty='"+_qty+"', p='"+P+"',w='"+_W+"',v='"+V+"'_where id="+Id+"";

status = stmt.executeUpdate(sql);

Your code is littered with SQL Injection Vulnerabilities.
Never Ever should you assemble an SQL query by concatenating strings together. The best thing to do is to use Parameters

This would give you something like this to work with

Java

String sql = "update boq set hsn_Code=?, is_hsnConfirmed=?,gst_rate=?,is_gstRate_confirmed=?,item_Description=?,Unit=?,Qty=?, p=?,w=?
,v=? where id=?";

PreparedStatement ps = connection.prepareStatement(sql);
ps.setString(1, HSN_CODE);
ps.setString(2, HSNCODE_CONFIRMATION);
ps.setString(3, gst_Rate);
ps.setString(4, GST_RATE_Confirmation);
ps.setString(5, ITEM_DESC);
ps.setString(6, _Unit);
ps.setString(7, _qty);
ps.setString(8, P);
ps.setString(9, _W);
ps.setString(10, V);
ps.setString(11, Id);

boq-form.jsp also should be updated in a similar manner

Reference:
Prepared Statement (Java Platform SE 7 )[^]

Posted 14-Apr-20 7:47am

MadMyche

Comments

Member 14639038 15-Apr-20 7:40am

but it is also not working

Member 14639038 16-Apr-20 13:02pm

by USING HIBERNATE , i HAVE FOUND SAME PROBLEM.
NO ERRORS,EXCEPTION .
I AM posting code:

HibernateUtil.java----->

package com.mvc.util;

import org.hibernate.SessionFactory;
import org.hibernate.cfg.Configuration;

public class HibernateUtil {
private static SessionFactory sessionfactory=null;
static
{
try
{
sessionfactory = new Configuration().configure("/com/mvc/resources/hibernate.cfg.xml").buildSessionFactory();

}
catch (Throwable ex) {
// Log the exception.
System.err.println("Initial SessionFactory creation failed." + ex);
throw new ExceptionInInitializerError(ex);
}
}

public static SessionFactory getSessionFactory() {
return sessionfactory;

}
}

BoqDaoImpl.java-------->

package com.mvc.dao;
import org.hibernate.Session;
import org.hibernate.Transaction;

import com.mvc.bean.BOQ;
import com.mvc.dao.BoqDao;
import com.mvc.util.HibernateUtil;

public class BoqDaoImpl implements BoqDao{

@Override
public void updateBoqData(String hsnCode, String hsnCode_Confirmed, String gstRate, String gstRate_Confirmed,
String itemDescription, String uNit, String qTy, String p1, String W1, String v1, String ID1) {
// TODO Auto-generated method stub
Session session = HibernateUtil.getSessionFactory().openSession();
Transaction transact = session.beginTransaction();
BOQ boq = (BOQ)session.load(BOQ.class, ID1);
boq.setHsn_code(hsnCode);
boq.setIs_hsnConfirmed(hsnCode_Confirmed);
boq.setGst_rate(gstRate);
boq.setIs_gstRate_confirmed(gstRate_Confirmed);
boq.setItem_Description(itemDescription);
boq.setUnit(uNit);
boq.setQty(qTy);
boq.setP(p1);
boq.setW(W1);
boq.setV(v1);
session.update(boq);
transact.commit();
session.close();
}

}

BoqDao.java----------->
package com.mvc.dao;

public interface BoqDao {
public void updateBoqData (String hsnCode,String hsnCode_Confirmed,String gstRate,String gstRate_Confirmed,String itemDescription, String uNit,String qTy,String p1, String W1,String v1,String ID1);
}

BoqController.java------>

package com.mvc.controller;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.mvc.bean.BOQ;
import com.mvc.dao.BoqDao;
import com.mvc.dao.BoqDaoImpl;

@WebServlet("/boqController")
public class BoqController extends HttpServlet{
BOQ bo = new BOQ();
BoqDaoImpl boqDaoimpl = new BoqDaoImpl();
public static BoqDao boqDao=null;
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
PrintWriter out = response.getWriter();
String hsn = request.getParameter("HSNCode");
String hsnCode_confirmed = request.getParameter("HsnCode_Confirmed");
String gst_rate = request.getParameter("GStRate");
String gstRate_Confirmed = request.getParameter("GSTRate_Confirmed");
String item_description = request.getParameter("item_Description");
String _unit = request.getParameter("UNIT");
String Quantities = request.getParameter("quantities");
String P2 = request.getParameter("P1");
String W3 = request.getParameter("W2");
String V3 = request.getParameter("V2");
RequestDispatcher rd = request.getRequestDispatcher("jkpddReport.jsp");
rd.forward(request, response);

}
}

EditBoq.jsp------->

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>

<title>Edit BOQ

Update BOQ

Member 14639038 16-Apr-20 13:12pm

when i click this button i got no response .