Greetings,

Within my jsp I have HTML code (see below) which accepts input, one of these fields sequence unlike the others is an Integer and within the HTML FORM the INPUT TYPE is set to "int".

<FORM ACTION="wk465682AddFAQ.jsp" METHOD="POST">
  Id: <INPUT TYPE=TEXT NAME=Id><BR><BR>
  Category: <INPUT TYPE=TEXT NAME=category><BR><BR>
  Question<BR><TEXTAREA NAME=question COLS=100 ROWS=2></TEXTAREA><BR><BR>   
  Answer<BR><TEXTAREA NAME=answer COLS=100 ROWS=4></TEXTAREA><BR><BR> 
  Sequence: <INPUT TYPE="int" NAME=sequence><BR><BR>    
  <INPUT TYPE=Submit VALUE="Add to Database">
</FORM>

These values are then retrieved in the same jsp file using the code below and inserted into the table (sequence field is Number format in MS acess table):-

Enumeration parameters = request.getParameterNames();
 
 if(parameters.hasMoreElements()) {
    String IdParam  = request.getParameter("Id");
    String categoryParam  = request.getParameter("category");
    String questionParam = request.getParameter("question");    
    String answerParam = request.getParameter("answer");    
    Integer sequenceParam = request.getParameter("sequence");
    statement.executeUpdate("INSERT INTO FAQ (\"Id\",\"category\", \"question\", \"answer\", \"sequence\", \"UserId\", \"created\") VALUES ('"+IdParam+"','"+categoryParam+"','"+questionParam+"','"+answerParam+"', '"+sequence+"', '"+ session.getAttribute("theName")+"', '"+dateString+"')   ");
  }
ResultSet columns = statement.executeQuery("SELECT * FROM FAQ");
while(columns.next()) {
    String Id  = columns.getString("Id");
    String category  = columns.getString("category");
    String question  = columns.getString("question");   
    String answer = columns.getString("answer");
    String userId  = columns.getString("userId");   
    String created = columns.getString("created");
    Integer sequence = columns.getInt("sequence");

The jsp falls over with error regarding sequence as It cant convert between String to Integer and Int to Integer.

I've been looking at examples, but obviously I arent declaring the sequence value as an Integer properly.

Any advice would be appreciated
Cheers Rob

I have resolved the initial problem of inserting the field sequence as an integer instead of a string, I changed it form a string to an integer using the code below :-

String sequenceParam = request.getParameter("sequence");
	int sequence = Integer.parseInt(sequenceParam);

    statement.executeUpdate("INSERT INTO FAQ (\"category\", \"question\", \"answer\", \"sequence\", \"UserId\", \"created\") VALUES ('"+categoryParam+"','"+questionParam+"','"+answerParam+"', '"+sequence+"', '"+ session.getAttribute("theName")+"', '"+dateString+"' )");
  }

Is there a better method to use? Suprised to see I need to use '" around the value on the INSERT statement as I thought this was only for STRINGS??

yes, NEVER use Java scriptlets in JSP code.
NEVER do database operations from JSP.
ALWAYS use PreparedStatement for database operations.
ALWAYS use parameterised queries for database operations.

So basically restart from scratch.

Thanks for the advice I have done the following two:-

ALWAYS use PreparedStatement for database operations.
ALWAYS use parameterised queries for database operations.


Unfortunately I wont be doing the other points
:-( , I'm a university student and have to follow the module structure and have to do the other things.

Thanks for the advice
Rob

if you're really a university student you above all have to use your own judgement and think for yourself.
When presented with a bad example you should have the intelligence to detect that and not follow it blindly.

I do understand what youre saying but due to the fact I'm against very tight deadlines, I need to go for the marks i.e. get the primary requirements finished, which unfortunately means I dont have the time to rewrite and re-test all of my code.

Much like many modules I've done I wish I had more time to investigate/explore more (12 wks modules).

Thanks for you input it hasnt fallen on death ears.

int IdParam = Integer.pasrseInt(request.getParameter("Id"));
I think,the above syntex will be solved ur problem.
Subhajit Majumder

humm you sould use preparedStatement
instead of statement.executeUpdate
and to #7
your code do not check exception .....

This question has already been answered. Start a new discussion instead.