
I'm facing an issue when I'm adding Java to SQL

Well, I want to update an SQL query with a chunk of Java code but it doesn't work. I don't know if I'm using the right way to do it.

Here is my code:

String GICA_petrom_filter = "";

if (context.yoda_core_country.equals("ROU")) {
  GICA_petrom_filter = "AND NASSAS NOT IN (SELECT MAG FROM'" + context.link_GICA_PETROM_Schema + "'.PETROM)";
}

Can I use a prepared statement? Not sure if it's efficient...

First of all, you should not concatenate strings like this in SQL; it is a really bad habit. This should help you: https://www.baeldung.com/sql-injection

Try to use query builders, or the methods described in the article linked above.

And then you're missing a space after the

AND NASSAS NOT IN (SELECT MAG FROM'"

Change it to:

AND NASSAS NOT IN (SELECT MAG FROM '"

But as I said, you should not concatenate to build queries like this ;) Also, try posting the errors you get in the log when you ask a question; it helps a lot to solve your issues!
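An added example, not part of the original question or answer: a prepared-statement `?` placeholder binds values only, so it cannot stand in for the schema name in this fragment; the identifier has to be validated before it is concatenated. The class name, the allowlisted schema names and the sample inputs are assumptions constructed for illustration.

```java
import java.util.Set;
import java.util.regex.Pattern;

public class PetromFilter {
    // Assumption: the only schemas this job may read from (constructed names).
    private static final Set<String> ALLOWED_SCHEMAS =
            Set.of("GICA_PETROM", "GICA_PETROM_TEST");

    // Plain unquoted identifier: a letter, then letters, digits or underscores.
    private static final Pattern IDENTIFIER =
            Pattern.compile("[A-Za-z][A-Za-z0-9_]{0,29}");

    /** Returns the extra WHERE fragment, or "" when the country is not ROU. */
    static String buildFilter(String country, String schema) {
        if (!"ROU".equals(country)) {
            return "";
        }
        // Reject anything that is not a known, well-formed schema name,
        // so no quote, space or comment marker can reach the SQL text.
        if (schema == null
                || !IDENTIFIER.matcher(schema).matches()
                || !ALLOWED_SCHEMAS.contains(schema)) {
            throw new IllegalArgumentException("Unexpected schema name: " + schema);
        }
        // Leading space so the fragment can be appended to an existing WHERE
        // clause, a space after FROM, and no single quotes around the schema:
        // in SQL, single quotes delimit string literals, not identifiers.
        return " AND NASSAS NOT IN (SELECT MAG FROM " + schema + ".PETROM)";
    }

    public static void main(String[] args) {
        System.out.println(buildFilter("ROU", "GICA_PETROM"));
        System.out.println("[" + buildFilter("FRA", "GICA_PETROM") + "]");
        try {
            // Constructed malformed value: fails both the pattern and the allowlist.
            buildFilter("ROU", "GICA_PETROM' --");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Any data values in the rest of the query still belong in `?` placeholders set through `PreparedStatement`.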
