堆栈内存溢出
  简体   繁体   English

Java和MySQL插入语句

[英]Java and MySQL insert statement

 原文  2012-10-30 20:31:24       java/ mysql/ jdbc/ insert

问题描述

I am just starting with JBDC. 我刚刚开始使用JBDC。 I need to create an Java/MySQL insert statement which inserts null, strings, and strings parsed to int (as an input from user using Scanner). 我需要创建一个Java / MySQL插入语句,它插入解析为int的null,字符串和字符串(作为使用Scanner的用户输入)。 I tried many possibilities and nothing is working so far. 我尝试了很多可能性,到目前为止没有任何工作。 What would be the correct way of writing such an insert statement or maybe there is an other recommended way I should consider? 编写这样一个插入语句的正确方法是什么,或者我应该考虑另一种推荐的方法? Thanks for your help! 谢谢你的帮助! 

import java.util.ArrayList;
import java.util.Scanner;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class AddBook {

    static Scanner keyboard = new Scanner(System.in);

    static InvMenu invmenu = new InvMenu();
    static MainMenu mainmenu = new MainMenu();

    static boolean b = true;
    static int x;
    static double y;
    static double z;
    static String choice;
    static char letter;

    public static void addBook(){

        Connection conn = null;
        Statement stmt = null;
        ResultSet rs = null;


        System.out.println("+----------------+");
        System.out.println("| Add a Book     |");
        System.out.println("+----------------+\n");

        System.out.print("\nEnter ISBN number: "); 
        String isbn = keyboard.next();

        System.out.print("Enter Book Title: "); 
        String title = keyboard.next();

        System.out.print("Enter Author's name: "); 
        String author = keyboard.next();

        System.out.print("Enter Publisher's name: "); 
        String publisher = keyboard.next();

        System.out.print("Enter The Date the Book is Added to the Inventory (MM/DD/YYYY): "); 
        String dateAdded = keyboard.next();

        do{

            b = true;
            System.out.print("Enter The Quantity of Book Being Added: ");
            String qtyOnHand = keyboard.next();

            try {

                x = Integer.parseInt(qtyOnHand);

            }

            catch(NumberFormatException nFE) {

                b = false;
                System.out.println();
                System.out.println("--------------------------------------------------------");
                System.out.println(" !!!   You did not enter a valid value. Try again   !!!");
                System.out.println("--------------------------------------------------------");
                System.out.println();

            }

        }while(b == false);

        do{

            b = true;
            System.out.print("Enter The Wholesale Cost of the Book: ");
            String wholesale = keyboard.next();

            try {

                y = Double.parseDouble(wholesale);

            }

            catch(NumberFormatException nFE) {

                b = false;
                System.out.println("--------------------------------");
                System.out.println(" !   Wrong Value. Try again   !");
                System.out.println("--------------------------------\n");

            }

        }while(b == false);

        do{

            b = true;
            System.out.print("Enter The Retail Price of the Book: ");
            String retail = keyboard.next();

            try {

                z = Double.parseDouble(retail);

            }

            catch(NumberFormatException nFE) {

                b = false;
                System.out.println("--------------------------------");
                System.out.println(" !   Wrong Value. Try again   !");
                System.out.println("--------------------------------\n");

            }

        }while(b == false);

        System.out.println("-------------------------------------------");
        System.out.println("ISBN number: " + isbn);
        System.out.println("Book Title: " + title);
        System.out.println("Author's name: " + author);
        System.out.println("Publisher's name: " + publisher);
        System.out.println("The Date the Book is Added to the Inventory (MM/DD/YYYY): " + dateAdded);
        System.out.println("The Quantity of Book Being Added: " + x);
        System.out.printf("The Wholesale Cost of the Book: $ %6.2f\n", y);
        System.out.printf("The Retail Price of the Book: $ %6.2f\n", z);
        System.out.println("-------------------------------------------\n");

        try {

            Class.forName("com.mysql.jdbc.Driver").newInstance();

            String connectionUrl = "jdbc:mysql://localhost:3306/serendipity";
            String connectionUser = "root";
            String connectionPassword = "password";
            conn = DriverManager.getConnection(connectionUrl, connectionUser, connectionPassword);
            stmt = conn.createStatement();

            stmt.executeUpdate("INSERT INTO books(book_id, isbn, title, author, publisher, dateAdded, qtyOnHand, wholesale, retail) VALUES ('"+null+ "','"  +isbn+ " ','" +title+ " ',' "  +author+ " ',' " +publisher+ " ',' " +dateAdded+ " ',' " +x+ " ',' " +y+ " ',' " +z+" ')");


        } 

        catch (Exception e) {

            e.printStackTrace();

        } 

        finally {

            try { 

                if (rs != null) rs.close(); 

            } 

            catch (SQLException e) { 

                e.printStackTrace(); 

            }

            try { 

                if (stmt != null) stmt.close(); 

            } 

            catch (SQLException e) { 

                e.printStackTrace(); 

            }

            try { 

                if (conn != null) conn.close(); 

            } catch (SQLException e) { 

                e.printStackTrace(); 

            }

                System.out.println("+------------------------------------+");
                System.out.println("| The Book is Added to the Inventory |");
                System.out.println("+------------------------------------+\n"); 

        }

    }

}

2 个解决方案

解决方案1
 2 已采纳  2012-10-30 20:32:36

You may need to consider using PreparedStatement and use setNull() to insert null. 您可能需要考虑使用PreparedStatement并使用setNull()插入null。

Raw SQL statements are prone to SQL injection attacks. 原始SQL语句容易受到SQL注入攻击。

See this example to learn more about to how to use setNull 请参阅此示例以了解有关如何使用setNull的更多信息

解决方案2
 1  2012-10-30 20:42:01

Are you ensure the connection is work? 你确定连接有效吗? Then, you may consider to use preQueryStatement 然后,您可以考虑使用preQueryStatement

Here is an small example: 这是一个小例子: 

    cnnct = getConnection();
    String preQueryStatement = "INSERT  INTO  CUSTOMER  VALUES  (?,?,?,?)";
    pStmnt = cnnct.prepareStatement(preQueryStatement);
    pStmnt.setString(1, CustId);
    pStmnt.setString(2, Name);
    pStmnt.setString(3, Tel);
    pStmnt.setInt(4, Age);

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 适用于mysql的Java插入子查询sql语句 - Java Insert subquery sql statement for mysql 在mysql insert语句中使用Java变量作为值 - Using java variables as values in mysql insert statement 使用准备好的语句插入java mysql数据库 - java mysql database insert using prepared statement 从Java servlet插入到mysql,insert语句不起作用 - insert from java servlet to mysql, insert statement not working 如何使用Java和MySQL在一个语句中插入两个不同的表? - How to insert into two different tables in one statement with Java and MySQL? 我的插入语句怎么了? MySQL的Java - what's wrong with my insert statement? mysql java 如何从插入语句Mysql Java Eclipselink返回主键 - How to return Primary Key from Insert statement Mysql Java Eclipselink 使用java中的Prepared Statement将用户IP地址插入MySql表 - Insert user IP Address into MySql table using Prepared Statement in java Java / MySQL中的if / else语句 - if/else statement in Java/MySQL Mysql Java语句错误 - Mysql Java Statement Error
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM