7. SQL Statements and Prepared Statements

8/3/2019 7. SQL Statements and Prepared Statements

1/21

SQL Statements


2/21

Before starting...

1. Open MySQL Query Browser2. Create a stock table

- int: IdStock {PK}

- VarChar: Name {Not Null}- VarChar: Description


3/21

INSERT

The INSERT INTO statement is used to insertnew records in a table.

Stock (Before)

Stock (After)

idStock Name Description

1001 Green Pen This pen is color green



1002 Yellow Pad Used for writing


4/21


5/21

INSERT (1st Form)

The first form doesn't specify the column nameswhere the data will be inserted, only their values:Stock (Before)

INSERT INTO STOCK VALUES (1002,Yellow

Pad, Used for writing);Stock (After)

IdStock {PK} Name Description




1002 Yellow Pad Used for writing


6/21

INSERT (2nd Form)

The second form specifies both the columnnames and the values to be inserted:Stock (Before)

INSERT INTO STOCK (idStock, Name) VALUES

(1002,Yellow Pad);Stock (After)





1002 Yellow Pad


7/21


8/21

UPDATE

UPDATE table_nameSET column1=value, column2=value2,...WHERE some_column=some_value


9/21

UPDATE

Stock (Before)

UPDATE stock SET description=This pen isobviously color green WHERE idStock=1001

Stock (After)




1001 Green Pen This pen is obviously color green


10/21

UPDATE: Warning

Be careful when updating records. Omitting theWHERE clause will update all of the records inthe specified field:



1002 Yellow Pad This pen is obviously color

green


11/21

DELETE

The DELETE statement is used to delete rows ina table.Stock (Before)

Stock (After)



1002 Yellow Pad This pen is obviously color green




12/21

DELETE

DELETE FROM table_nameWHERE some_column=some_value


13/21

DELETE

Stock (Before)

DELETE FROM STOCK WHERE IDSTOCK =

1002Stock (After)



1002 Yellow Pad This pen is obviously color green




14/21

DELETE: Warning

Be careful when updating records. Omitting theWHERE clause will delete all of the records in thetable:

Delete from STOCK;Stock

Another alternative way to write it is:

Delete * from Stock



15/21

String query = INSERT INTO STOCK Values (1001,

Yellow Pad, Used for Writing);

Statement stmt = con.createStatement();

int code = stmt.executeUpdate(query);

Coding: INSERT INTO


16/21

String query = UPDATE stock SET description='This

pen is obviously color green' WHERE idStock=1001

Statement stmt = con.createStatement();

int code = stmt.executeUpdate(query);

Coding: Delete


17/21

Prepared Statement

Parameterized Statement Used when an SQL Statement is to be executedmultiple times with different values only

Can do everything a Statement object can do Use setXXX methods to update values


18/21

try{

String query = insert into stocks VALUES (?,?,?);

PreparedStatement pstmt =

con.prepareStatement(query);

pstmt.setInt(1, 2001);

pstmt.setString(2, C2 Lemon Green Tea);

pstmt.setString(3, Refreshing Drinks);

pstmt.executeUpdate();

} catch (Exception e) {

e.printStackTrace();

}

Coding: Prepared Statement


19/21

MP2 Specs:

Overview:Create a database application that registers,authenticates, edits and deletes a user.

Individual work


20/21

MP2 Specs:

System Details:A user should be able to register to register into thesystem. Data captured from a user are his name,address, username and password.Once a user has registered in the system, he should beable to login into your system. If the user enters a validusername and password combination, he should be ableto view his own profile based on the registration form.

Otherwise, the system should notify that he entered aninvalid username and password combination.Once the user has entered the system, he should beable to update his current details and delete his account.


21/21

MP2 Specs:

Technical Requirements:Must use prepared statements.

May use any method of DB connection.Must have GUI

Submission:

Next week Monday (Oct. 24 2011) demo in class

Documents

7. SQL Statements and Prepared Statements