[英]what's wrong with my insert statement? mysql java
what's wrong with my insert method? 我的插入方法有什么问题? my table has two columns, name, and artist..and timestamp, that too actually, how do i pass timestamp argument to the insert statement?
我的表有两列,即name和artist ..和timestamp,实际上,我如何将timestamp参数传递给insert语句?
ok.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent e) {
try {
/*FileWriter dir = new FileWriter(nameOfSong.getText()
+ ".txt");
BufferedWriter buffer = new BufferedWriter(dir);
buffer.write(nameOfSong.getText());
buffer.newLine();
buffer.write(artist.getText());
buffer.newLine();
buffer.newLine();
buffer.write(lyrics.getText());
buffer.close();
*/
Statement statement = connection.createStatement();
statement.executeUpdate("INSERT INTO lyrics1_lyrics1 VALUES(" +
nameOfSong.getText() + ", " + artist.getText() + "");
} catch (Exception z) {
System.err.println("Error: " + z.getMessage());
}
internalFrame.dispose();
}
});
)
Always use PreparedStatement
. 始终使用
PreparedStatement
。
String sql="INSERT INTO lyrics1_lyrics1 VALUES (?,?)";
PreparedStatement statement = connection.prepareStatement(sql);
statement.setString(1,nameOfSong.getText());
statement.setString(2,artist.getText());
statement.executeUpdate();
statement.close();
connection.close();
The text values need to be surrounded by single quotes ( ''
). 文本值需要用单引号(包围
''
)。
And SQL-escaped to avoid SQL injection attacks, or the first time you have a song by Little Bobby Tables , all your DB are belong to him. 并且为了避免SQL注入攻击而逃避了SQL攻击,或者您第一次有Little Bobby Tables演唱歌曲时,所有DB都属于他。
Better yet, use a PreparedStatement
, and let the machine do work for you. 更好的是, 使用
PreparedStatement
,让机器为您工作。
You can use prepared statement for it 您可以使用准备好的语句
String query = "INSERT INTO lyrics1_lyrics1(name, artist, timestamp) values(?, ?, ?)";
PreparedStatement pstmt = conn.prepareStatement(query);
pstmt.setString(1, name); // set input parameter 2
pstmt.setString(2, artist);
pstmt.setString(3, new TimeStamp(new Date().getTime()));
You need to add an import statement for the TimeStap; 您需要为TimeStap添加导入语句;
import java.sql.Timestamp;
or else use 否则使用
pstmt.setString(3, new java.sql.TimeStamp(new Date().getTime()));
Example: Prepared Statement Insert . 示例: 准备语句插入 。
You can find a lot of example in java2s site . 您可以在java2s站点中找到很多示例。
Change the line to: 将行更改为:
statement.executeUpdate("INSERT INTO lyrics1_lyrics1 VALUES('" +
nameOfSong.getText() + "', '" + artist.getText() + "'");
这可能会解决您的问题:
statement.executeUpdate("INSERT INTO lyrics1_lyrics1 VALUES('" + nameOfSong.getText() + "', '" + artist.getText() + "')");`
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.