堆栈内存溢出
  简体   繁体   English

Derby数据库插入错误

[英]Derby Database insertion error

 原文  2013-11-15 04:01:48       java/ mysql/ database/ derby

问题描述

I am writing a code it displays output on output screen well. 我正在编写一个代码,它可以很好地在输出屏幕上显示输出。 But when i linked data base to it it gives error of some type which i search a lot on Google but can't got help. 但是,当我将数据库链接到它时,它会出现某种类型的错误,我在Google上进行了很多搜索,但无法获得帮助。 

import java.net.URL;
import java.io.*;
import java.util.ArrayList;
import java.sql.Connection;
import java.sql.DriverManager;

import java.sql.SQLException;
import java.sql.Statement;

public class Test{
    public ArrayList lines=new ArrayList();// global list contain <item>.......</item>

    public static void main(String[] args) throws Exception {
        Test obj= new Test();

       /* String proxy="172.16.4.7";    //proxy address
        String port= "1117";    //proxy port
        System.setProperty("http.proxyHost" , proxy);   //setting proxy
        System.setProperty("http.proxyPort", port); //setting proxy port
       */ 
        URL url = new URL("http://feeds.feedburner.com/geo/GiKR");  //geo url
        BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream()));
        String line;
        line=in.readLine(); //skiping first line of xml version
        line= in.readLine();

        if (line.contains("<item>")) {
           while(line.contains("<item>")) {
              line = obj.extractItem(line); //extraction <item>a nd </item> from origional news feed

           }

        }
    }
String extractItem(String line){
    int start=0, end=0,length=0;
    start= line.indexOf("<item>");
    end= line.indexOf("</item>");
    length= line.length();
    try{
    String host = "jdbc:derby://localhost:1527/NewsFinal";
    String uName="ashfaq";
    String pass="pakistan";
    Connection con = DriverManager.getConnection( host, uName, pass );
    Statement stmt= con.createStatement();

    //lines.add(line.substring(start+6, end));
    String item=line.substring(start+6, end+7);
    //System.out.println(item);
    //String query="INSERT INTO ITEMS2(ITEM) VALUES(" + "'"+item+"'"+")";
    String query="insert into ITEMS(ITEMDATA) values("+"'" + item + "'"+")";
     stmt.executeUpdate(query);
    }
    catch(SQLException err)
    {System.out.println(err.getMessage());}

   //System.out.println(line.substring(start+6, end+7)); //strat+6 to remove item tag, start+13 removes item and title tag
    return line.substring(0,start) + line.substring(end+6,length);
    }

}

Here is the output generated by it: 这是它生成的输出: 

run:
Syntax error: Encountered "1" at line 1, column 318.
Syntax error: Encountered "1" at line 1, column 330.
Syntax error: Encountered "1" at line 1, column 342.
Syntax error: Encountered "1" at line 1, column 318.
Syntax error: Encountered "1" at line 1, column 330.
Syntax error: Encountered "1" at line 1, column 326.
Syntax error: Encountered "1" at line 1, column 351.
Syntax error: Encountered "1" at line 1, column 319.
Syntax error: Encountered "1" at line 1, column 299.
Syntax error: Encountered "1" at line 1, column 328.
Syntax error: Encountered "1" at line 1, column 307.
Syntax error: Encountered "1" at line 1, column 331.
Syntax error: Encountered "1" at line 1, column 334.
Syntax error: Encountered "1" at line 1, column 319.
Syntax error: Encountered "1" at line 1, column 334.
Syntax error: Encountered "1" at line 1, column 307.
Syntax error: Encountered "1" at line 1, column 325.
Syntax error: Encountered "1" at line 1, column 301.
Syntax error: Encountered "1" at line 1, column 312.
Syntax error: Encountered "1" at line 1, column 306.
Syntax error: Encountered "1" at line 1, column 327.
Syntax error: Encountered "1" at line 1, column 342.
Syntax error: Encountered "1" at line 1, column 333.
Syntax error: Encountered "1" at line 1, column 338.
Syntax error: Encountered "1" at line 1, column 329.
BUILD SUCCESSFUL (total time: 3 seconds)

in the function extractItem(String line) , when i uncomment 在函数extractItem(String line) ,当我取消注释时 

System.out.println(item);

it displays output well but cant insert in data base which i created with it. 它显示输出很好,但不能插入我用它创建的数据库中。

Database is going well i insert data in it from gui and it worked and also from execute command but don't know why this error arise. 数据库运行良好,我从gui中向其中插入了数据,它也可以从execute命令正常工作,但不知道为什么会出现此错误。

1 个解决方案

解决方案1
 0  2013-11-16 09:32:26

Just putting quotes around an arbitrary string is not going to be enough to make it valid as a VALUE if it contains another quote and leaves you wide open to SQL Injection attacks. 仅在双引号周围加上引号还不足以使它作为VALUE(如果它包含另一个引号)并让您容易受到SQL Injection攻击的影响。

Use a PreparedStatement and set the value in that. 使用PreparedStatement并在其中设置值。

You are also creating a new Connection and Statement for every item and not closing any of them. 您还将为每个项目创建一个新的ConnectionStatement ,而不关闭其中的任何一个。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Derby数据库的SQL语句中的错误 - Error in SQL statement for Derby database Apache Derby中找不到数据库错误 - Database not found error in Apache Derby 将错误插入数据库表 - Insertion error into a database table 数据库值插入错误 - Database value insertion Error derby数据库 - The derby database 由于查询导致数据库插入错误 - Database Insertion error due to query Derby客户端jdbc驱动程序连接错误:无法创建数据库&#39;sample&#39; - Derby client jdbc driver connection error : Failed to create database 'sample' 如何从apache derby中读取错误消息“找不到数据库”? - How to read an error message 'database not found' from apache derby? 在eclipse链接jpa中移动到java 8次后derby数据库出错 - Error in derby database after move to java 8 time in eclipse link jpa 连接到Derby网络服务器时找不到数据库错误 - Database not found error when connecting to Derby network server
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM