将 java 添加到 sql 时遇到问题
[英]I'm facing an issue when I'm adding java to sql
问题描述
Well, I want to update an SQL query with a chunk of java code but it doesn't work.
好吧,我想用一段 java 代码更新一个 SQL 查询,但它不起作用。 I don't know if I'm using the right way to do it.我不知道我是否使用正确的方法来做到这一点。
Here my code :这是我的代码:
String GICA_petrom_filter = "";
if (context.yoda_core_country.equals("ROU")) {
GICA_petrom_filter = "AND NASSAS NOT IN (SELECT MAG FROM'" + context.link_GICA_PETROM_Schema + "'.PETROM)";
}
Can I use a prepared statement ?我可以使用准备好的语句吗? not sure if it's efficient...不确定它是否有效...
1 个解决方案
解决方案1
0 已采纳 2020-10-19 15:55:51
First of all you should not concatenate strings like this in SQL, it is a really bad habit, this should help you https://www.baeldung.com/sql-injection首先,你不应该在 SQL 中连接这样的字符串,这是一个非常糟糕的习惯,这应该对你有帮助https://www.baeldung.com/sql-injection
Try to use query builders, or the methods described if the article linked above尝试使用查询构建器,或者上面链接的文章中描述的方法
And then you're missing a space after the然后你在后面错过了一个空格
AND NASSAS NOT IN (SELECT MAG FROM'"
change it to :将其更改为:
AND NASSAS NOT IN (SELECT MAG FROM '"
But as I said, you should not concatenate to build queries like this ;) Also try posting the errors you get in the log, when you ask a question, it helps a lot to solve your issues !但是正如我所说,您不应该连接以构建这样的查询 ;) 还可以尝试将您收到的错误发布到日志中,当您提出问题时,这对解决您的问题有很大帮助!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.