void addOrderToTable(Order order, Connection dbConnection) throws SQLExcepti

1.     void addOrderToTable(Order order, Connection dbConnection) throws SQLException {
2.         List<Book> books = order.getBooks();
3.         String login = order.getUser().getLogin();
4.         Statement statement = dbConnection.createStatement();
5.         ResultSet resultSet = statement.executeQuery("SELECT * FROM \"USERS\" WHERE (login) = " + login);
6.         String addOrder = "INSERT INTO \"ORDERS\" (userId, sum, isPaid) " +
7.                 "VALUES (?, ?, ?)";
8.         PreparedStatement preparedStatement = dbConnection.prepareStatement(addOrder);
9.         preparedStatement.setInt(1, resultSet.getInt("id"));
10.         preparedStatement.setDouble(2, order.getSum());
11.         preparedStatement.setBoolean(3, false);
12.         preparedStatement.executeUpdate();
13.  
14.         for (Book book: books) {
15.             ResultSet bookId = statement.executeQuery("SELECT * FROM \"SHOP_DEPO\" WHERE author = "
16.                     + book.getAuthor() +
17.                     " AND title = " + book.getTitle() +
18.                     " AND publisher = " + book.getPublisher() +
19.                     " AND year = " + book.getYear() +
20.                     " AND pages = " + book.getPages() +
21.                     " AND price = " + book.getPrice());
22.             ResultSet orderId = statement.executeQuery("SELECT * FROM \"ORDERS\" WHERE" +
23.                     " (userId) = " + resultSet.getInt("id"));
24.  
25.             String addBookId = "INSERT INTO \"ORDERS_POSITIONS\" (orderId, bookId) " +
26.                     "VALUES (?, ?)";
27.             PreparedStatement addBookIdstatement = dbConnection.prepareStatement(addBookId);
28.             addBookIdstatement.setInt(1, orderId.getInt("id"));
29.             addBookIdstatement.setInt(2, bookId.getInt("id"));
30.         }
31.         preparedStatement.close();
32.     }