0

I am trying to write an update SQL statement for many columns within one table only. For example product table. Within product table, there are many columns like name, description, price, quantity, image, category, status.

So I came out with this SQL statement:

String sql = "UPDATE sm_product SET productDescription = '" + desc +
    "' , productPrice = ' + price + ', productQuantity = ' + quantity +
    ', productImage = '" + image + "', productCategory = '" + category +
    '"  WHERE productName = '" + name + "'";

However, the compiler told me that there are unclosed character literal and not a statement. I wonder how should I fix this SQL statement because I only have one table to update. But within that table, there are many fields.

Thanks in advance.

Improve this question
4
  • 1
    Note the edit I made, and how the syntax highlighting is showing that many of your to-be-inserted varabieslare NOT being highlighted properly. Commented Jun 21, 2013 at 15:34
  • unrelated to your question, but still something to note, make sure you are sanitizing your inputs so that you don't get SQL Injection. Commented Jun 21, 2013 at 15:36
  • How to sanitizing inputs? And what is SQL injection? Commented Jun 21, 2013 at 15:45
  • Please tag your questions with the language you're using, so we can give answers appropriate for your environment. Commented Jun 21, 2013 at 15:57

1 Answer 1

Reset to default
1

It looks like you have problems with your quotes. Try this:

String sql = "UPDATE sm_product SET productDescription = '" + desc +
    "' , productPrice = " + price + ", productQuantity = " + quantity +
    ", productImage = '" + image + "', productCategory = '" + category +
    "'  WHERE productName = '" + name + "'";

This is assuming that price and quantity are numeric and the rest are strings.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

So numerics are "". I thought they were ''. But how come when I write in one line, there's an error?
Numbers don't need any quotes, only strings need to be quoted.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.