JavaHow-ToBeginner · 3 min read

How to Update Data in Database Using Java - Simple Guide

To update data in a database using Java, use JDBC to create a connection, prepare an UPDATE SQL statement with PreparedStatement, set the parameters, and execute the update with executeUpdate(). This modifies existing records safely and efficiently.

📐

Syntax

Here is the basic syntax to update data using Java JDBC:

Connection: Connect to the database.
PreparedStatement: Prepare an SQL UPDATE statement with placeholders.
Set parameters: Replace placeholders with actual values.
Execute update: Run the update using executeUpdate().
Close resources: Always close the statement and connection.

java

String sql = "UPDATE table_name SET column1 = ? WHERE column2 = ?";
PreparedStatement pstmt = connection.prepareStatement(sql);
pstmt.setString(1, "newValue");
pstmt.setInt(2, 123);
int rowsUpdated = pstmt.executeUpdate();

💻

Example

This example shows how to update a user's email in a database table named users where the user's ID matches a given value.

java

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.SQLException;

public class UpdateExample {
    public static void main(String[] args) {
        String url = "jdbc:mysql://localhost:3306/mydatabase";
        String user = "root";
        String password = "password";

        String sql = "UPDATE users SET email = ? WHERE id = ?";

        try (Connection conn = DriverManager.getConnection(url, user, password);
             PreparedStatement pstmt = conn.prepareStatement(sql)) {

            pstmt.setString(1, "newemail@example.com");
            pstmt.setInt(2, 5);

            int rowsAffected = pstmt.executeUpdate();
            System.out.println(rowsAffected + " row(s) updated.");

        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}

Output

1 row(s) updated.

⚠️

Common Pitfalls

Not closing Connection and PreparedStatement can cause resource leaks.
Using string concatenation for SQL can cause SQL injection vulnerabilities; always use PreparedStatement.
Forgetting to call executeUpdate() means the update won't happen.
Not handling SQLException properly can hide errors.

java

/* Wrong way: vulnerable to SQL injection and no resource closing */
String sql = "UPDATE users SET email = '" + newEmail + "' WHERE id = " + userId;
Statement stmt = connection.createStatement();
stmt.executeUpdate(sql);

/* Right way: use PreparedStatement and try-with-resources */
String sql = "UPDATE users SET email = ? WHERE id = ?";
try (PreparedStatement pstmt = connection.prepareStatement(sql)) {
    pstmt.setString(1, newEmail);
    pstmt.setInt(2, userId);
    pstmt.executeUpdate();
}

📊

Quick Reference

Remember these key points when updating data in Java:

Use PreparedStatement to avoid SQL injection.
Always close database resources to prevent leaks.
Check the number of rows affected to confirm the update.
Handle exceptions to catch errors early.

✅

Key Takeaways

Use PreparedStatement with parameter placeholders to update data safely.

Always close your database connections and statements to avoid resource leaks.

Call executeUpdate() to apply the changes and check the affected rows.

Avoid building SQL queries with string concatenation to prevent SQL injection.

Handle SQLExceptions to detect and fix database errors promptly.