[英]Derby Database insertion error
I am writing a code it displays output on output screen well. 我正在编写一个代码,它可以很好地在输出屏幕上显示输出。 But when i linked data base to it it gives error of some type which i search a lot on Google but can't got help.
但是,当我将数据库链接到它时,它会出现某种类型的错误,我在Google上进行了很多搜索,但无法获得帮助。
import java.net.URL;
import java.io.*;
import java.util.ArrayList;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
public class Test{
public ArrayList lines=new ArrayList();// global list contain <item>.......</item>
public static void main(String[] args) throws Exception {
Test obj= new Test();
/* String proxy="172.16.4.7"; //proxy address
String port= "1117"; //proxy port
System.setProperty("http.proxyHost" , proxy); //setting proxy
System.setProperty("http.proxyPort", port); //setting proxy port
*/
URL url = new URL("http://feeds.feedburner.com/geo/GiKR"); //geo url
BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream()));
String line;
line=in.readLine(); //skiping first line of xml version
line= in.readLine();
if (line.contains("<item>")) {
while(line.contains("<item>")) {
line = obj.extractItem(line); //extraction <item>a nd </item> from origional news feed
}
}
}
String extractItem(String line){
int start=0, end=0,length=0;
start= line.indexOf("<item>");
end= line.indexOf("</item>");
length= line.length();
try{
String host = "jdbc:derby://localhost:1527/NewsFinal";
String uName="ashfaq";
String pass="pakistan";
Connection con = DriverManager.getConnection( host, uName, pass );
Statement stmt= con.createStatement();
//lines.add(line.substring(start+6, end));
String item=line.substring(start+6, end+7);
//System.out.println(item);
//String query="INSERT INTO ITEMS2(ITEM) VALUES(" + "'"+item+"'"+")";
String query="insert into ITEMS(ITEMDATA) values("+"'" + item + "'"+")";
stmt.executeUpdate(query);
}
catch(SQLException err)
{System.out.println(err.getMessage());}
//System.out.println(line.substring(start+6, end+7)); //strat+6 to remove item tag, start+13 removes item and title tag
return line.substring(0,start) + line.substring(end+6,length);
}
}
Here is the output generated by it: 这是它生成的输出:
run:
Syntax error: Encountered "1" at line 1, column 318.
Syntax error: Encountered "1" at line 1, column 330.
Syntax error: Encountered "1" at line 1, column 342.
Syntax error: Encountered "1" at line 1, column 318.
Syntax error: Encountered "1" at line 1, column 330.
Syntax error: Encountered "1" at line 1, column 326.
Syntax error: Encountered "1" at line 1, column 351.
Syntax error: Encountered "1" at line 1, column 319.
Syntax error: Encountered "1" at line 1, column 299.
Syntax error: Encountered "1" at line 1, column 328.
Syntax error: Encountered "1" at line 1, column 307.
Syntax error: Encountered "1" at line 1, column 331.
Syntax error: Encountered "1" at line 1, column 334.
Syntax error: Encountered "1" at line 1, column 319.
Syntax error: Encountered "1" at line 1, column 334.
Syntax error: Encountered "1" at line 1, column 307.
Syntax error: Encountered "1" at line 1, column 325.
Syntax error: Encountered "1" at line 1, column 301.
Syntax error: Encountered "1" at line 1, column 312.
Syntax error: Encountered "1" at line 1, column 306.
Syntax error: Encountered "1" at line 1, column 327.
Syntax error: Encountered "1" at line 1, column 342.
Syntax error: Encountered "1" at line 1, column 333.
Syntax error: Encountered "1" at line 1, column 338.
Syntax error: Encountered "1" at line 1, column 329.
BUILD SUCCESSFUL (total time: 3 seconds)
in the function extractItem(String line)
, when i uncomment 在函数
extractItem(String line)
,当我取消注释时
System.out.println(item);
it displays output well but cant insert in data base which i created with it. 它显示输出很好,但不能插入我用它创建的数据库中。
Database is going well i insert data in it from gui and it worked and also from execute command but don't know why this error arise. 数据库运行良好,我从gui中向其中插入了数据,它也可以从execute命令正常工作,但不知道为什么会出现此错误。
Just putting quotes around an arbitrary string is not going to be enough to make it valid as a VALUE if it contains another quote and leaves you wide open to SQL Injection attacks. 仅在双引号周围加上引号还不足以使它作为VALUE(如果它包含另一个引号)并让您容易受到SQL Injection攻击的影响。
Use a PreparedStatement
and set the value in that. 使用
PreparedStatement
并在其中设置值。
You are also creating a new Connection
and Statement
for every item and not closing any of them. 您还将为每个项目创建一个新的
Connection
和Statement
,而不关闭其中的任何一个。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.