[英]Java mysql syntax error
I get syntax error to mysql insert
statement. 我收到mysql insert
语句的语法错误。 May I know how to correct this error ? 我可以知道如何纠正此错误吗?
user=txtuser.getText();
char[] pass=jPasswordField1.getPassword();
String passString=new String(pass);
try{
Connection con = createConnection();
Statement st = con.createStatement();
**String sql = "INSERT INTO login(username,Password)"+"VALUES"+"('"user"','"passString"')";**
st.executeUpdate(sql);
}
catch(Exception e){
JOptionPane.showMessageDialog(null,"Exception: "+ e.toString());
}
You're missing a few +
operators: 您缺少一些+
运算符:
String sql = "INSERT INTO login(username,Password) VALUES ('" + user + "','" + passString + "')";
Consider using PreparedStatement
placeholders to set these parameters. 考虑使用PreparedStatement
占位符设置这些参数。 This will protect you from SQL injection attacks also. 这也将保护您免受SQL注入攻击。 Here is an example 这是一个例子
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.