
What does “=?” represent when used in an SQL query

I'm fairly new to SQL and I'm currently reworking a Java program that another programmer has developed. When I print one of his query select statements, the script contains SQL syntax:

SELECT * from database WHERE id = ?

I just want to know what =? is supposed to do. I've been googling around and I can't find any relevant answer.

It's not a SQL notation, but a JDBC (Java Database Connectivity) notation. The ? gets replaced with a parameter that is specified separately. Using this approach, instead of trying to substitute the parameter yourself into the string, helps prevent the risk of SQL injection.

The ? is a placeholder, a parameter, so that you can pass it in dynamically and return different results for different parameters.

Somewhere in the code you should see that he adds the parameter to the Statement object and executes it.

Most likely you are using a tool that will replace the "?" with an actual value. I've seen this in other tools before such as SQL DTS (Data Transformation Services)... but that's showing how old I am :)

The ? is not part of the SQL language.

The ? is a placeholder used in SQL queries when used with a JDBC prepared statement. Using a prepared statement has advantages over the normal statement, especially when you use it repeatedly (say in a loop).

Here is an example:

PreparedStatement ps = 
    connection.prepareStatement("select name from users where user_name = ?");
ps.setString(1, "user1");

The "?" gets replaced by "user1" when the query is run and the first name of the user with user name "user1" is returned.
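The difference the answers above describe between binding a value to ? and substituting it into the string yourself, as an added example that is not part of the original posts. It assumes a SQLite JDBC driver on the classpath (any JDBC URL would do); the class name, table, rows and input string are constructed for illustration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class PlaceholderDemo {
    // Vulnerable "before": the input becomes part of the SQL text itself.
    static int countConcatenated(Connection c, String userName) throws SQLException {
        String sql = "select count(*) from users where user_name = '" + userName + "'";
        try (Statement st = c.createStatement(); ResultSet rs = st.executeQuery(sql)) {
            rs.next();
            return rs.getInt(1);
        }
    }

    // Parameterized: the SQL text is fixed and the value is bound to the ? separately.
    static int countBound(Connection c, String userName) throws SQLException {
        String sql = "select count(*) from users where user_name = ?";
        try (PreparedStatement ps = c.prepareStatement(sql)) {
            ps.setString(1, userName); // parameter indexes start at 1
            try (ResultSet rs = ps.executeQuery()) {
                rs.next();
                return rs.getInt(1);
            }
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: a SQLite JDBC driver is on the classpath (in-memory database).
        try (Connection c = DriverManager.getConnection("jdbc:sqlite::memory:");
             Statement st = c.createStatement()) {
            st.executeUpdate("create table users (user_name text, name text)");
            // One prepared statement reused in a loop with different bound values.
            try (PreparedStatement ins = c.prepareStatement("insert into users values (?, ?)")) {
                String[][] rows = {{"user1", "Alice"}, {"user2", "Bob"}}; // constructed data
                for (String[] r : rows) {
                    ins.setString(1, r[0]);
                    ins.setString(2, r[1]);
                    ins.executeUpdate();
                }
            }
            String quoted = "x' or '1'='1"; // constructed input containing a quote
            System.out.println("bound, user1:         " + countBound(c, "user1"));
            System.out.println("concatenated, quoted: " + countConcatenated(c, quoted));
            System.out.println("bound, quoted:        " + countBound(c, quoted));
        }
    }
}
```

For the quoted input, the concatenated query counts every row because the quote ends the string literal and the rest is parsed as SQL, while the bound query looks for a user literally named `x' or '1'='1` and finds none.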
