How to use user input using @QueryParam in SQL Query array

745 views Asked by At

I am really confused on how will I be able to make the where clause using @QueryParam. All I know is that @QueryParam is used to get the input of the user. I was not able to run it on my code. I have downloaded source code from codezone4 and make it as my trial. In this source code, I want the name to be from the user input. I know set parameter. But it is limited. How will I be able to put on the where clause the input of the user? Please I really need your help. :( here's the code I've downloaded

Access.java

package dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;

import dto.Course;

public class Access
{
public ArrayList<Course> getCourses(Connection con) throws SQLException
{
    ArrayList<Course> courseList = new ArrayList<Course>();
    PreparedStatement stmt = con.prepareStatement("SELECT * FROM courses where name = 'based on user's input'"); //here's what I want to know and clarify
    ResultSet rs = stmt.executeQuery();
    try
    {
        while(rs.next())
        {
            Course courseObj = new Course();
            courseObj.setId(rs.getInt("id"));
            courseObj.setName(rs.getString("name"));
            courseObj.setDuration(rs.getString("duration"));
            courseObj.setFee(rs.getDouble("fee"));
            courseList.add(courseObj);
        }
    } catch (SQLException e)
    {       
        e.printStackTrace();
    }
    return courseList;

}
}

Database.java

package dao;

import java.sql.Connection;
import java.sql.DriverManager;

public class Database
{
public Connection getConnection() throws Exception
{
    try
    {
        String connectionURL = "jdbc:mysql://localhost:3306/codezone4";
        Connection connection = null;
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        connection = DriverManager.getConnection(connectionURL, "root", "");
        return connection;
    } catch (Exception e)
    {
        throw e;
    }

}

} 

Course.java

package dto;

public class Course
{
private int id;
private String name;
private String duration;
private double fee;

public Course()
{

}

public Course(int id, String name, String duration, double fee)
{
    super();
    this.id = id;
    this.name = name;
    this.duration = duration;
    this.fee = fee;
}

public int getId()
{
    return id;
}

public void setId(int id)
{
    this.id = id;
}

public String getName()
{
    return name;
}

public void setName(String name)
{
    this.name = name;
}

public String getDuration()
{
    return duration;
}

public void setDuration(String duration)
{
    this.duration = duration;
}

public double getFee()
{
    return fee;
}

public void setFee(double fee)
{
    this.fee = fee;
}

@Override
public String toString()
{
    return "Course [id=" + id + ", name=" + name + ", duration=" + duration
            + ", fee=" + fee + "]";
}

}

AccessManager.java

package model;

import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;

import dao.Access;
import dao.Database;
import dto.Course;

public class AccessManager
{
public ArrayList<Course> getCourses() throws Exception
{
    ArrayList<Course> courseList = new ArrayList<Course>();
    Database db = new Database();
    Connection con = db.getConnection();
    Access access = new Access();
    courseList = access.getCourses(con);
    return courseList;
}
}

CourseService.java I this is where the @QueryParam should be used. I've tried using it

package webService;

import java.util.ArrayList;

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;

import com.google.gson.Gson;

import model.AccessManager;

import dto.Course;

@Path("/courseService")
public class CourseService
{
@GET
@Path("/coursess")
@Produces("application/json")
public String coursess(@QueryParam("puta") String courses)
{

    ArrayList<Course> courseList = new ArrayList<Course>();
    try
    {
        courseList = new AccessManager().getCourses();
        Gson gson = new Gson();
        courses = gson.toJson(courseList);
    } catch (Exception e)
    {
            e.printStackTrace();
    }
    return courses;
}
}
1

There are 1 answers

11
sudipta06 On

Try something like this:

String course ="SELECT * FROM courses where name = ?"";
PreparedStatement stmt = con.prepareStatement(course);    
stmt.setString(1,'your input here');