SQL-Java-UPDATE语句查询
[英]SQL - Java - UPDATE statement query
问题描述
So what I want to do is "Update the 'usertype' column in the 'user' table WHERE the email(/user) value is obtained from the textbox" 
因此,我想要做的是“在‘用户’表更新的‘用户类型’列WHERE从文本中获得的电子邮件(/用户)值”
JButton GrantButton = new JButton("Grant Seller Access");
GrantButton.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent arg0) {
try {
String update_query = "UPDATE user SET usertype = 'seller' WHERE email = " & GrantField.getText()";"
//Here is where the error is stated on eclipse
PreparedStatement pSt = connect.prepareStatement(update_query);
pSt.setString(1, GrantField.getText());
pSt.execute();
JOptionPane.showMessageDialog(null, "The Request has been approved");
} catch (Exception e) {
e.printStackTrace();
}
}
});
Is it possible to do this?
Any help will be appreciated. 任何帮助将不胜感激。
4 个解决方案
解决方案1
0 2015-05-31 03:40:16
Your update_query is not proper. 您的update_query不正确。 You are using setString on PreparedStatement but you are not specifying where this value should be inserted in query (you query is not parameterized). 您在PreparedStatement上使用setString,但未指定在查询中应插入此值的位置(您的查询未参数化)。 To specify that you need to write ? 要指定您需要写? where you want to insert value. 您要在其中插入值的位置。 Also user is reserved word in database so ideally you should not use this name. 用户也是数据库中的保留字,因此理想情况下,您不应使用此名称。 For example : 例如 :
String update_query = "UPDATE [table_name] SET usertype = seller WHERE email = ?" ;
PreparedStatement preparedStatement = dbConnection.prepareStatement(update_query);
preparedStatement.setString(1,Value);// this value will be replaced at ?
If you don't know how to connect to database from Java and create connection, you need to learn it from : http://docs.oracle.com/javase/tutorial/jdbc/ 如果您不知道如何从Java连接到数据库并创建连接,则需要学习以下内容: http : //docs.oracle.com/javase/tutorial/jdbc/
解决方案2
0 2015-05-31 03:44:12
try wrapping your textbox value with single quotes like this: 尝试使用单引号将文本框值包装起来,如下所示:
String update_query = "UPDATE user
SET usertype = 'seller'
WHERE email = '" & GrantField.getText() & "';"
I added an ampersand after getText() too. 我也在getText()之后添加了&符。
解决方案3
0 已采纳 2015-05-31 03:45:55
There are some problem with your sql query. 您的sql查询存在一些问题。
- The table name is
Userit is a reserve word so enclose it in ""表名是“ User它是保留字,因此将其括在“”中 - you are checking an email. 您正在查看电子邮件。 It is varchar so it should enclose in
'它是varchar,因此应将其括在' - Always try to use parameterized sql queries it would avoid sql injection problem 始终尝试使用参数化的sql查询,这样可以避免sql注入问题
You are doing setstring to pass a value to the query but in the query you are not specifying where the value should be substituted.
您正在执行setstring来将值传递给查询,但是在查询中您未指定应替换值的位置。 String update_query ="UPDATE "user" SET usertype = 'seller' WHERE email = '" & GrantField.getText()&"';" PreparedStatement pSt = connect.prepareStatement(update_query); //pSt.setString(1, GrantField.getText()); this statement not needed because you are providing the value in query iteself pSt.execute();
OR 要么
String update_query = "UPDATE [user] SET usertype = 'seller' WHERE email = ?" ;
PreparedStatement pSt = dbConnection.prepareStatement(update_query);
pSt.setString(1,GrantField.getText());
pSt.execute();
解决方案4
0 2015-05-31 05:53:02
Just modify this part 只需修改这部分
String update_query = "UPDATE user SET usertype = 'seller' WHERE ***email = '" + GrantField.getText()+"';***
hope it may work for you. 希望它对您有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.