Java Reference
In-Depth Information
Display 19.25
JSP Program to Update Database Entries Submitted by a Browser Viewing
Display 19.18
(part 3 of 3)
59 %>
60 </body>
61 </html>
Sample Dialogue
Submitted on the Web browser when viewing Display 19.18.
Author ID:
2
New URL:
http://www.dansimmons.com/about/bio.htm
Web browser display after clicking Submit.
Edit URL
This version of EditURL.jsp updates the URL field of a Derby database to
the submitted value for the row with a matching Author ID.
Loaded the embedded driver.
Connecting to and creating the database...
Connected.
URL changed to http://www.dansimmons.com/about/bio.htm for Author ID = 2
Displaying all rows:
1. ID = 1, Author = Adams, Douglas, URL = http://www.douglasadams.com
2. ID = 2, Author = Simmons, Dan, URL = http://www.dansimmons.com/about/
bio.htm
3. ID = 3, Author = Stephenson, Neal, URL = http://www.nealstephenson.com
Although we have covered enough JSP to write fairly sophisticated programs, there
is much more that we have not discussed. For example, beans can be used as a
convenient way to encapsulate data submitted from a HTML form. Additionally,
we have not covered sessions, tag libraries, security, and numerous other topics
that are important in the construction of JSP pages. In particular, the technique of
generating SQL read and write queries based on user-entered values is not secure—a
malicious user could enter values that potentially run arbitrary SQL Statements.
A more secure solution is to use a precompiled SQL statement that is supported by the
java.sql.PreparedStatement
class. Refer to a textbook dedicated to JSP or database
programming to learn more.
