SQL查询中是否需要单引号? 具体来说,Java JDBC查询
[英]Are single quotations necessary in SQL queries? Specifically, Java JDBC queries
问题描述
I am using MySQL Workbench as a GUI for my servers. 
我使用MySQL Workbench作为服务器的GUI。
Looking at some of the queries that Workbench does, it seems to single quotation my database name and the column names, ie 查看Workbench所做的一些查询,似乎单引号引用了数据库名称和列名称,即
"INSERT INTO `mydb`.`weather_data`(`dateTime`,`hourlyTemp`,`dewPoint`,`windSpeed`,`relHum`) VALUES(?,?,?,?,?)";
Now, I am using JDBC (Java) to do an automatic query. 现在,我正在使用JDBC(Java)进行自动查询。 The string I use is: 我使用的字符串是:
String insertTableSQL = "INSERT INTO `mydb`.`weather_data`"
+ "(`dateTime`,`hourlyTemp`,`dewPoint`,`windSpeed`,`relHum`) VALUES"
+ "(?,?,?,?,?)";
My question is, should I use the single quotations? 我的问题是,我应该使用单引号吗? Should I remove them? 我应该删除它们吗? Is it necessary? 有必要吗?
EDIT second question: 编辑第二个问题:
This is my full preparedStatement(); 这是我完整的prepareStatement();
private static void batchInsertRecordsIntoTable() throws SQLException{
Connection dbConnection = null;
PreparedStatement preparedStatement = null;
String insertTableSQL = "INSERT INTO `mydb`.`weather_data`"
+ "(`dateTime`,`hourlyTemp`,`dewPoint`,`windSpeed`,`relHum`) VALUES"
+ "(?,?,?,?,?)";
try{
dbConnection = getDBConnection();
preparedStatement = dbConnection.prepareStatement(insertTableSQL);
dbConnection.setAutoCommit(false);
preparedStatement.setString(1, "1111111111"); // dateTime
preparedStatement.setInt(2, 12); // hourlyTemp
preparedStatement.setInt(3, 12); // dewPoint
preparedStatement.setInt(4, 12); //windSpped
preparedStatement.setInt(5, 12); //relHum
preparedStatement.addBatch();
preparedStatement.executeBatch();
dbConnection.commit();
System.out.println("Record was inserted into mydb weather_data");
}catch(SQLException e){
System.out.println(e.getMessage());
dbConnection.rollback();
}finally{
if(preparedStatement!=null){
preparedStatement.close();
}
if(dbConnection!=null){
dbConnection.close();
}
}
}
For some reason, the data is not being appended/added/inserted into my DB despite having no connection errors. 由于某些原因,尽管没有连接错误,也没有将数据追加/添加/插入到我的数据库中。
2 个解决方案
解决方案1
1 已采纳 2013-11-08 21:49:33
Not required, but very nice to have. 不需要,但是很高兴。 You're letting the parser and any human reading it, what is a table, column, string. 您正在让解析器和任何人阅读它,什么是表,列,字符串。 You should continue using them. 您应该继续使用它们。 Not using them can only hurt you, using them just adds extra bytes to your file. 不使用它们只会伤害您,使用它们只会在文件中增加额外的字节。
解决方案2
0 2013-11-08 21:52:25
You can put the table and field names in backticks, but you don't have to. 您可以将表名和字段名放在反引号中,但不必这样做。 The advantage of using backticks is that you may use some special characters in your field names (eg a comma). 使用反引号的优点是,您可以在字段名称中使用一些特殊字符(例如,逗号)。 (But should anyone really want to do this?) The disadvantage is that backticks are not part of the ANSI SQL standard. (但是,真的应该有人这样做吗?)缺点是反引号不是ANSI SQL标准的一部分。 So using backticks could possibly break your code if you migrate to an other SQL implementation as MSSQL. 因此,如果您迁移到其他SQL实现(例如MSSQL),则使用反引号可能会破坏您的代码。
tl;dr: Some consider it a good style to use backticks, but you are not required to do this if you do not want to use special characters in your field names. tl; dr:有些人认为使用反引号是一种很好的样式,但是如果您不想在字段名称中使用特殊字符,则不需要这样做。
Edited: as @a_horse_with_no_name said in the comments, MySQL is the only major system that supports backticks. 编辑:正如@a_horse_with_no_name在评论中所说,MySQL是唯一支持反引号的主要系统。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.