This seems like it belongs better in the
JDBC forum. With that being said, I have a few comments about your code.
When you are asking people to help solve a problem, it is nice and sometime necessary to provide the stack trace. There are a lot of things in your code that could be causing errors. The most likely problem is the is a problem with your setting of values from your request. Request parameters are ALWAYS Strings. Your use of toString() could be causing the NullPointer if the parameter does not exist. Have you verified that all the request parameters are being set? Try writing all the Strings to a log to see what their values are being set as.
Whenever you are performing a database update, ALWAYS USE java.sql.PreparedStatement. Using regular java.sql.Statement leaves your application open for SQL injection attacks. You may not want to have your request parameters exactly match the names of the fields in your table. That makes it even easier to perform the SQL injection.
You should also sanitize any inputs for not only SQL injection, but also to prevent simple formatting issues. Do you verify that all the request parameters are of the proper type and length? Do any varchars exceed the length of the database field?
Your database structure should also be in the
Third Normal Form. The way you have your table structured defeats the purpose of having a database since it acts more like a spreadsheet. Is there a reason that your Inventory_Qty field is stored as a varchar instead of a numeric type?
A minor coding point, but a rule of thumb is not to have a single line of code exceed the width of the screen. You should add some line breaks into your SQL query
string.