使用Java将数据插入mySQL数据库时出错
[英]Error while inserting data to the mySQL DB, with Java
问题描述
Good night everyone. 
各位晚安。 I have these codes. 我有这些代码。 I only copied here the codes which have the problem. 我只在这里复制了有问题的代码。
//This is my main method. I called my Database.class, made the connection and called the insertnewcustomer method.
public static void main(String[] args) {
Database db = new Database();
db.connectDB();
db.insertNewCustomer(86754312, "arda", "zenci", 55418, 400);
.................//
//and here is my insertNewCustomer method which is inside the Database.class
public void insertNewCustomer(int num, String name, String surname, int phone, int debt){
try {
statement.executeUpdate("INSERT INTO Customer(customer_cardno, customer_name, customer_sirname, customer_phone, debt) VALUES(" + num + ", " + name + ", " + surname + ", " + phone + ", " + debt + ")");
} catch (SQLException e) {
e.printStackTrace();
}}
I cannot see any problems but I have a MySQLSyntaxErrorException 我看不到任何问题,但我有一个MySQLSyntaxErrorException
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Unknown column 'arda' in 'field list'
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.Util.getInstance(Util.java:386)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1054)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4187)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4119)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2570)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2731)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2809)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1811)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1725)
at Database.insertNewCustomer(Database.java:39)
at mainFrame.main(mainFrame.java:50)
2 个解决方案
解决方案1
1 2013-05-27 23:05:59
This is happening because you need to surround variables which are not integers with quotes, otherwise database would understand them as column, simply add quotes in not integers column, such as 发生这种情况是因为你需要用引号括起不是整数的变量,否则数据库会将它们理解为列,只需在非整数列中添加引号,例如
statement.executeUpdate("INSERT INTO Customer(customer_cardno, customer_name, customer_sirname, customer_phone, debt) VALUES(" + num + ", '" + name + "', '" + surname + "', " + phone + ", " + debt + ")");
I assumed customer_cardno , customer_phone , debt being i tegers columns, if they are nit just surround variabkes with quotes 我假设customer_cardno , customer_phone , debt是我tegers列,如果他们是nit只是环绕变量带引号
解决方案2
1 2013-05-27 23:06:43
Two things: 两件事情:
First, SQL Injection risk . 首先, SQL注入风险 。 I suggest you take a look on Prepared Statements: http://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html 我建议你看一下Prepared Statements: http : //docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html
Now, if you insist in building the query string like that, you should enclose the String values you are inserting in quotes: 现在,如果您坚持构建类似的查询字符串,则应将要插入的String值括在引号中:
statement.executeUpdate("INSERT INTO Customer " +
(customer_cardno, customer_name, customer_sirname, customer_phone, debt) " +
VALUES(" + num + ", '" + name + "', '" + surname + "', '" + phone + "', " + debt + ")");
/*
* Notice the single quotes arround "name", "surname" and "phone"
*/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.