参数索引超出范围(1>参数数量,即0)
[英]Parameter index out of range (1 > number of parameters, which is 0)
问题描述
I get this error, Can anyone help me in finding my mistake in the query? 
我收到此错误,有人可以帮助我在查询中找到我的错误吗?
public boolean populateLeagues(String leaguename, String password){
Connect connect = new Connect();
Connection conn = connect.Connection();
Statement stmt = conn.createStatement();
String query = "INSERT INTO users VALUES('" + leaguename + "')";
stmt.executeUpdate(query);
conn.close();
}
2 个解决方案
解决方案1
0 已采纳 2012-07-23 20:25:00
AS @Jon Skeet says, use a prepared statement and inject parameters into. AS @Jon Skeet说,使用准备好的语句并将参数注入。 In this way you don't have to figure out all hassles about sql injection and data format(think about using a query like the one you provide to store datetime globally). 这样,您不必找出有关sql注入和数据格式的所有麻烦(想想像使用您提供的查询一样在全局存储日期时间的查询)。 Probably leaguename value is null . leaguename值可能为null 。 Remember that default value for string type isn't the empty strin but null 请记住,字符串类型的默认值不是空字符串,而是null
解决方案2
-1 2012-07-23 19:36:19
您在leaguename周围使用单引号,因为我们不知道leaguename的格式,这可能会导致错误
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.