java - does it make sense to serialize and object -


i trying store data in mysql. columns 'ingredients' of type varchar, 'recipe' of type text , 'menu_id' of type tinyint. 'ingredients' , 'recipe' should viewed , adjusted , saved jtextarea.

each object reference have different menu_id used call methods on. methods readcard(int menu_id) or

public void adjustcard(){        try{  string sset; sset= "update eatingcard " + "set menu_id = '"+ this.menu_id + "'," + "ingredients='" + this.ingredients + "'," + "recipe='" + this.recipe+ "' "+ "where eatingcard.menu_id = " + this.menu_id;           }catch{  statement.executeupdate(sset);                     }catch(exception e){                  e.printstacktrace();                  system.out.println("did not update");              }                    

does make sense serialize object, if want change it's ingredients , recipe use of jbutton save / update changes made ? or should rely on mysql handle changes without serialization? dont see advantage of serialization in particular case.

if have no need query data, can save data in raw form, wouldn't recommend that form serialized object. using serialized object far less portable more standard interoperable format such json.

in case, looking @ example, seems quite want query data @ point in future (it lend quite naturally more structure). e.g. search on ingredients? recipes? may want update data in more flexible ways in future. example, in more normalized structure (say ingredient per row in table), add new ingredients. in model, need pull whole object in order update ingredients. less efficient.

beyond that, , more importantly, not safe save user input database. code show above suffers sql injection. should consider using prepared statements , bind parameters input escaped.


Comments

Popular posts from this blog

SVG stroke-linecap doesn't work for circles in Firefox? -

routes - Laravel 4 Wildcard Routing to Different Controllers -

cross browser - XSLT namespace-alias Not Working in Firefox or Chrome -