Delete data from a table connected to a DB with Java

1

Today I come to you to ask for your help with the following problem. I have a table in Java that is connected to a DB (MySQL). I want to delete a record from this table, but when I try, it reports the following error: "incompatible types: String cannot be converted to int".

Here is the code of the delete method:

public boolean eliminarEmpleado(int cedula) {
    boolean resultado = false;

    try {
        String sql = "Delete from tercero where id = "+cedula;
        objConec.conectar();
        Statement st = objConec.conex.createStatement();
        int valor = st.executeUpdate(sql);
        if(valor>0){
            resultado = true;
        }
        objConec.conex.close();
        st.close();
    } catch (Exception e) {
        JOptionPane.showMessageDialog(null, "Error al eliminar" + e.getMessage());
    }
    return resultado;
}

Next, the code of my delete button:

private void btnEliminarActionPerformed(java.awt.event.ActionEvent evt) {                                            
    empleado objEmpleado = new empleado();

    //Assign the model for the JTable
    DefaultTableModel modeloTabla = (DefaultTableModel) tblEmpleado.getModel();

    //Assign the index of the selected element
    int indice = tblEmpleado.getSelectedRow();

    //Assign the element to delete to the cedula field
    //int cedula = Integer.parseInt((String)modeloTabla.getValueAt(indice,0));
    int cedula = (int) modeloTabla.getValueAt(indice, 0);

    //Remove the record from the table
    modeloTabla.removeRow(indice);

    //Delete the record
    boolean respuesta = objEmpleado.eliminarEmpleado("delete from empleado where cedula = '"+cedula+"' ");
}                                           

The error is flagged on this line:

boolean respuesta = objEmpleado.eliminarEmpleado("delete from empleado where cedula = '"+cedula+"' ");
    
asked by Permomo 04.11.2018 at 11:03

3 answers

0

I strongly recommend that when you have to perform concatenations in queries of this type, you use a prepared statement, since these concatenations are susceptible to SQL injection. Here is an example of how the query would look; instead of using a statement object, one called preparedStatement is used:

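public void eliminarEmpleado(int cedula) throws SQLException {
    // conexion is an open java.sql.Connection
    String consulta = "delete from empleado where cedula = ?";
    // try-with-resources closes the statement even if the update fails
    try (PreparedStatement preparedStatement = conexion.prepareStatement(consulta)) {
        // Bind the value to the placeholder instead of concatenating it
        preparedStatement.setInt(1, cedula);
        preparedStatement.executeUpdate();
    }
}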
    
answered by 04.11.2018 / 14:32
0

What Sjuan76 mentions is correct. Friend, your method eliminarEmpleado receives only the value of the attribute "cedula", and yet when you call it from the button you are sending the complete query to the method... In short, you only have to send the value of cedula, because the query and the connection to the DB are already programmed in the method that I mentioned at the beginning. Greetings.

    
answered by 04.11.2018 at 13:46
0

Thank you very much, I have already followed your recommendations. I solved it in the following way: instead of returning the complete query, I just send the 'cedula' value.

private void btnEliminarActionPerformed(java.awt.event.ActionEvent evt) {                                            
    empleado objEmpleado = new empleado();

    //Assign the model for the JTable
    DefaultTableModel modeloTabla = (DefaultTableModel) tblEmpleado.getModel();

    //Assign the index of the selected element
    int indice = tblEmpleado.getSelectedRow();

    //Assign the element to delete to the cedula field
    //int cedula = Integer.parseInt((String)modeloTabla.getValueAt(indice,0));
    int cedula = (int) modeloTabla.getValueAt(indice, 0);

    //Remove the record from the table
    modeloTabla.removeRow(indice);

    //Delete the record
    objEmpleado.eliminarEmpleado(cedula);          
}                                           

However, I have a small question regarding what SJuan76 said about SQL injection.

public boolean eliminarEmpleado(int cedula) {
    /*
    String consulta = "delete from empleado where cedula = ?";
    preparedStatement = conexion.prepareStatement(consulta);
    preparedStatement .setInt(1, cedula);
    preparedStatement .executeUpdate();
    */

    boolean resultado = false;

    try {
        String sql = "Delete from empleado where cedula = ?";
        objConec.conectar();
        PreparedStatement ps = conectar.PrepareStatement(sql);
        PreparedStatement .setInt(1, cedula);
        PreparedStatement .executeUpdate(1);
        if(valor>0){
            resultado = true;
        }
        objConec.conex.close();
        st.close();
    } catch (Exception e) {
        JOptionPane.showMessageDialog(null, "Error al eliminar" + e.getMessage());
    }
    return resultado;

}

I tried to do it as you told me, but it gave me quite a few errors. The biggest problem I have is that I do not know how to assign the connection variable to be used within the preparedStatement.

Thank you very much again!

    
answered by 04.11.2018 at 18:07
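
One way to wire the connection into the prepared statement asked about in the post above, as an added example that is not code from the thread. `EmpleadoDao` and `ConnectionSource` are hypothetical names; the sketch assumes, as `objConec.conex.createStatement()` in the question implies, that `conex` is a `java.sql.Connection`.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;

// Added example (not from the thread). Class and interface names are hypothetical.
public class EmpleadoDao {

    /** Stand-in for the asker's objConec helper: returns an open JDBC connection. */
    public interface ConnectionSource {
        Connection open() throws SQLException;
    }

    private final ConnectionSource source;

    // Possible wiring with the asker's helper (assumes conectar() throws at most SQLException):
    //   new EmpleadoDao(() -> { objConec.conectar(); return objConec.conex; })
    public EmpleadoDao(ConnectionSource source) {
        this.source = source;
    }

    /**
     * Deletes the employee with the given cedula.
     * @return true if at least one row was deleted
     */
    public boolean eliminarEmpleado(int cedula) throws SQLException {
        // The SQL text is a constant; the value is sent separately as a bound parameter.
        String sql = "DELETE FROM empleado WHERE cedula = ?";

        // try-with-resources closes the statement first and then the connection,
        // even when executeUpdate throws.
        try (Connection conex = source.open();
             PreparedStatement ps = conex.prepareStatement(sql)) {
            ps.setInt(1, cedula);            // parameter indexes start at 1
            int filas = ps.executeUpdate();  // no-argument form: the SQL was given to prepareStatement
            return filas > 0;
        }
    }
}
```

The prepared statement is obtained from the `Connection` object itself (`conex.prepareStatement(sql)`), and `setInt` and `executeUpdate` are called on that statement variable rather than on the `PreparedStatement` class.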