<html>

<head>

<meta name="viewport" content="width=device-width, initial-scale=1.0">

<style>

/* Style the body */

body 

{

 font-family: Comic Sans MS;

 margin: 0;

}

.header 

{

 padding: 5px;

 text-align: center;

 background: #1abc9c;

 color: white;

 font-size: 20px;

}

/* For mobile phones: */

[class*="col-"] 

{

 width: 100%;

}

@media only screen and (min-width: 600px) 

{

 /* For tablets: */

 .col-s-1 {width: 8.33%;}

 .col-s-2 {width: 16.66%;}

 .col-s-3 {width: 25%;}

 .col-s-4 {width: 33.33%;}

 .col-s-5 {width: 41.66%;}

 .col-s-6 {width: 50%;}

 .col-s-7 {width: 58.33%;}

 .col-s-8 {width: 66.66%;}

 .col-s-9 {width: 75%;}

 .col-s-10 {width: 83.33%;}

 .col-s-11 {width: 91.66%;}

 .col-s-12 {width: 100%;}

}

@media only screen and (min-width: 768px) 

{

 /* For desktop: */

 .col-1 {width: 8.33%;}

 .col-2 {width: 16.66%;}

 .col-3 {width: 25%;}

 .col-4 {width: 33.33%;}

 .col-5 {width: 41.66%;}

 .col-6 {width: 50%;}

 .col-7 {width: 58.33%;}

 .col-8 {width: 66.66%;}

 .col-9 {width: 75%;}

 .col-10 {width: 83.33%;}

 .col-11 {width: 91.66%;}

 .col-12 {width: 100%;}

}

.content {

 max-width: 1800px;

 margin: auto;

 background: white;

}

.button {

 width: 105px;

 height: 30px;

 background-color: #008CBA;

 border: none;

 color: white;

 text-align: center;

 text-decoration: none;

 display: inline-block;

 font-size: 14px;

 margin: 4px 2px;

 cursor: pointer;

}

.ex1 {

 margin: 200px 120px;

}



</style>

</head>

<body>

<div class="header">

 <h1>Report Table is given below..

</div>



<%@page import = "java.sql.DriverManager,java.sql.Connection,java.sql.Statement,java.sql.ResultSet,java.sql.SQLException, java.util.Vector" %>

  <%

   Statement stmt = null;

   Connection con = null;

   ResultSet rsT = null;



   boolean errFlag = false;

   String str = null;

    

   String sdbName, sregion,sregion1,sregion2,

   sdbName = request.getParameter("scaleup");

	 sregion = request.getParameter("region");

	 sregion1 = request.getParameter("region1");

	 sregion2 = request.getParameter("region2");

   	  

	 int result=0;

    

   try

   {

     Class.forName("com.mysql.jdbc.Driver");

     con = DriverManager.getConnection("jdbc:mysql://127.0.0.1/" + sdbName,"root","");

     stmt = con.createStatement();

    

		//System.out.println("select * from scaleupdata where sregion= '" + region + "' and sregion1='" + region1 + "' and sregion2='" + region2 + "'");		  

		rsT = stmt.executeQuery("select * from scaleupdata where sregion= '" + region + "' and sregion1='" + region1 + "' and sregion2='" + region2 + "'");

		

		if(rsT.next())

		{

			result=0;

			result= rsT.getInt(1);

			result= rsT.getInt(2);

			result= rsT.getInt(3);

			

			<table border='1'>

			<tr>

			<th>region</th>

			<th>region1</th>

			<th>region2</th>

			</tr>

			<tr>

			<td><%result=rst.getInt(1);%></td>

			<td><%result=rst.getInt(2);%></td>

			<td><%result=rst.getInt(3);%></td>

			</tr>

			</table>

				

		}		

		rsT.close();

		

		System.out.println("result "+result);

		

		if(result==1)

		{

			str = "<center><h2>You Have Entered Invalid details</h2></center>";

			     

		}

		 else 

			{

				

			%><jsp:forward page="Login.jsp"/>;<%

				

			} 

			

    stmt = null;

    con = null;

    rsT = null;

   }

   catch(SQLException sqle)

   {

     str = "<h2>Error : " + sqle + "</h2>";	

	    errFlag = true;

   }

%>	





<p><%=str%></p>



</body>

</html>



Generated servlet error:
    [javac] Since fork is true, ignoring compiler setting.
    [javac] Compiling 1 source file
    [javac] Since fork is true, ignoring compiler setting.
    [javac] C:\Program Files (x86)\Apache Group\Tomcat 4.1\work\Standalone\localhost\_\SCALEUP\report_jsp.java:91: illegal start of expression
    [javac] 			
    [javac]                         ^
    [javac] C:\Program Files (x86)\Apache Group\Tomcat 4.1\work\Standalone\localhost\_\SCALEUP\report_jsp.java:68: sdbName is already defined in _jspService(javax.servlet.http.HttpServletRequest,javax.servlet.http.HttpServletResponse)
    [javac]       sdbName = request.getParameter("scaleup");
    [javac]       ^
    [javac] C:\Program Files (x86)\Apache Group\Tomcat 4.1\work\Standalone\localhost\_\SCALEUP\report_jsp.java:82: cannot resolve symbol
    [javac] symbol  : variable region  
    [javac] location: class org.apache.jsp.report_jsp
    [javac] 		rsT = stmt.executeQuery("select * from scaleupdata where sregion= '" + region + "' and sregion1='" + region1 + "' and sregion2='" + region2 + "'");
    [javac]                                                                                        ^
    [javac] C:\Program Files (x86)\Apache Group\Tomcat 4.1\work\Standalone\localhost\_\SCALEUP\report_jsp.java:82: cannot resolve symbol
    [javac] symbol  : variable region1  
    [javac] location: class org.apache.jsp.report_jsp
    [javac] 		rsT = stmt.executeQuery("select * from scaleupdata where sregion= '" + region + "' and sregion1='" + region1 + "' and sregion2='" + region2 + "'");
    [javac]                                                                                                                      ^
    [javac] C:\Program Files (x86)\Apache Group\Tomcat 4.1\work\Standalone\localhost\_\SCALEUP\report_jsp.java:82: cannot resolve symbol
    [javac] symbol  : variable region2  
    [javac] location: class org.apache.jsp.report_jsp
    [javac] 		rsT = stmt.executeQuery("select * from scaleupdata where sregion= '" + region + "' and sregion1='" + region1 + "' and sregion2='" + region2 + "'");
    [javac]                                                                                                                                                     ^
    [javac] C:\Program Files (x86)\Apache Group\Tomcat 4.1\work\Standalone\localhost\_\SCALEUP\report_jsp.java:101: cannot resolve symbol
    [javac] symbol  : variable rst  
    [javac] location: class org.apache.jsp.report_jsp
    [javac] result=rst.getInt(2);
    [javac]        ^
    [javac] C:\Program Files (x86)\Apache Group\Tomcat 4.1\work\Standalone\localhost\_\SCALEUP\report_jsp.java:104: cannot resolve symbol
    [javac] symbol  : variable rst  
    [javac] location: class org.apache.jsp.report_jsp
    [javac] result=rst.getInt(3);
    [javac]        ^
    [javac] 7 errors


What I have tried:

Here I want to display 3 rows of a MySQL table in the output. It shows 7 errors; how do I solve this error? Please tell me how to rectify the error. I am having 7 errors, and I want to show the MySQL table. I need the correct MySQL query.
Updated 14-Aug-22 21:17pm
Comments
Richard MacCutchan 15-Aug-22 4:08am    
You need to show which lines the errors occur on, I counted down to line 91 but that is still CSS not Java.

1 solution

Don't do it like that. Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.

When you concatenate strings, you cause problems because SQL receives commands like:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;--'
Which SQL sees as three separate commands:
SQL
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
SQL
DROP TABLE MyTable;
A perfectly valid "delete the table" command
SQL
--'
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.

So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?
 
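The two inputs the answer walks through, run against both query styles, as an added example that is not part of the original answer. It uses Python's built-in SQLite so it runs without a database server; `executescript()` standing in for a driver that accepts several statements in one call, and the single table row, are assumptions of this example. JDBC's `PreparedStatement` binds values through `?` placeholders in the same way.

```python
import sqlite3

def make_db():
    """In-memory database with the answer's table and one constructed row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE MyTable (StreetAddress TEXT)")
    conn.execute("INSERT INTO MyTable VALUES (?)", ("Baker's Wood",))
    return conn

def table_exists(conn):
    row = conn.execute(
        "SELECT count(*) FROM sqlite_master WHERE type = 'table' AND name = 'MyTable'"
    ).fetchone()
    return row[0] == 1

def lookup_concatenated(conn, address):
    """Vulnerable form: the value is pasted into the SQL text.

    executescript() stands in for a driver that accepts several statements
    in one call (assumption of this example). Returns the error text, or
    None when the database accepted everything it was sent.
    """
    sql = "SELECT * FROM MyTable WHERE StreetAddress = '" + address + "'"
    try:
        conn.executescript(sql)
    except sqlite3.Error as exc:
        return str(exc)
    return None

def lookup_parameterized(conn, address):
    """Safe form: the SQL text is fixed and the value is bound separately."""
    cur = conn.execute("SELECT * FROM MyTable WHERE StreetAddress = ?", (address,))
    return cur.fetchall()

if __name__ == "__main__":
    hostile = "x';DROP TABLE MyTable;--"  # the input quoted in the answer
    for value in ("Baker's Wood", hostile):
        a, b = make_db(), make_db()  # fresh database per query style
        err = lookup_concatenated(a, value)
        rows = lookup_parameterized(b, value)
        print(repr(value))
        print("  concatenated : error=%r table_exists=%s" % (err, table_exists(a)))
        print("  parameterized: rows=%r table_exists=%s" % (rows, table_exists(b)))
```

With the bound parameter the apostrophe in "Baker's Wood" is matched as data, and the hostile string is simply an address that matches no row.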
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


