使用JDBC的SQL语法错误

Question

我不知道这部分的错误是什么，请帮忙

这是我的代码

public void addEmploye(Employe employe, Service service) throws SQLException{
    int id_service = getServiceId(service);
    if(nbrPersonnes(employe.getCin())!=0)
        System.out.println("Employe deja existant verifier le cin");
    else{
     String SQL = "insert into Employe(post) "
            + "values ("
            + "'"+employe.getPost()+"')"

            + "insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_employe,id_service)"
            + "values('"+employe.getCin()+"',"
            + "'"+employe.getNom()+"',"
            + "'"+employe.getPrenom()+"',"
            + "'"+employe.getAdresse()+"',"
            + "'"+employe.getTel()+"',"
            + "'"+employe.getEmail()+"',"
            + "'"+employe.getPassword()+"',"
            + "0,"
            + " SELECT LAST_INSERT_ID() FROM `Personne`,"
            +id_service+")";
     if(id_service!=0)
         try {
             stmt = con.createStatement();  
             rs = stmt.executeUpdate(SQL);
        } catch (SQLException e) {
            System.out.println("addEmploye "+e.toString());
        }
    }
}

这是错误

    addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1

我的teamparnter为MSSQL编写了此代码，但我现在想在Mysql SGBD下使用它，我发现此问题有任何建议

Answer 1

您必须在该长SQL语句中的某处出现错误，或者要传递的参数之一包含使该语句混乱的内容。

对于SQL插入，永远不要使用这种方法。 使用准备好的语句： 准备好的语句

准备好的语句使代码更简洁，并防止SQL注入之类的事情。 实现这一点，您应该能够修复您的插入语句

Answer 2

SQL语句只能包含ONE语句，您的代码正在尝试执行insert into Employe(post) values (...)insert into Personne(... 。

这必须分为两个SQL命令，分别执行： insert into Employe(post) values (...)和insert into Personne(... insert into Employe(post) values (...) ，您可以使用相同的Statement实例，但是executeUpdate必须调用两次。

并且指示使用Jamal H建议的PreparedStatement。