![](/img/trans.png)
[英]How do I insert data into a SET column for a mysql database with jdbc?
[英]I am stuck I cannot insert data into MySQL database from JDBC
我想做一個簡單的注冊表格,但是我不能繼續前進,我已經嘗試了一切,但仍然無法正常工作,這是我的代碼:
protected void doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws javax.servlet.ServletException, IOException
{
StringBuilder builder= new StringBuilder();
Reader reader=request.getReader();
int c;
while ((c=reader.read())!=-1)
{
builder.append((char) c);
}
String signup=builder.toString();
try {
JSONObject object= new JSONObject(signup);
String name=object.getString("username");
String email=object.getString("email");
String pass=object.getString("pass");
String sql="INSERT INTO user_f VALUES("+email+","+name+","+pass+")"+";";
statement.executeUpdate(sql);
//ResultSet set= statement.executeQuery("SELECT ")
} catch (JSONException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}
我的錯誤堆棧我對代碼進行了很多次編輯,因此我對收到的錯誤感到沮喪:
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@gmail.com,dsf,sdfsd)' at line 1
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
at com.mysql.jdbc.Util.getInstance(Util.java:387)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:939)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3878)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3814)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2478)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2625)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2547)
at com.mysql.jdbc.StatementImpl.executeUpdateInternal(StatementImpl.java:1541)
at com.mysql.jdbc.StatementImpl.executeLargeUpdate(StatementImpl.java:2605)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1469)
at com.herda.app.Servlet.doPost(Servlet.java:56)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
錯誤表明您的MySQL查詢沒有有效的語法。 您需要在字符串文字周圍加上引號。 嘗試這樣的事情:
String sql = "INSERT INTO user_f VALUES(\"" + email + "\", \"" + name + "\", \"" + pass + "\");";
但是,請注意,此代碼可用於SQL注入! 要解決此安全問題,可以使用准備好的語句。 這也為您解決了報價問題。
您應該測試您的sql查詢拳頭。 在MySql Workbench上執行
我認為應該
String sql="INSERT INTO user_f VALUES('"+email+"','"+name+"','"+pass+"')"+";";
問題是您缺少值周圍的引號,但是您永遠不要通過將值連接到查詢字符串中來構造這樣的查詢。 它將打開您的代碼以進行SQL注入(例如,當您插入用戶輸入時),這將帶來很大的安全風險。 相反,您應該使用帶參數占位符的預處理語句。 這將避免轉義值,因此SQL注入不會成為問題。
由於某些語句可以重復使用,因此在某些數據庫系統上的預處理語句還具有帶來更高性能的附加值。
舉個例子:
try (PreparedStatement pstmt = connection.prepareStatement(
"INSERT INTO user_f(email,name,pass) VALUES(?,?,?)")) {
pstmt.setString(1, email);
pstmt.setString(2, name);
pstmt.setString(3, pass);
pstmt.executeUpdate();
}
在此答案中,我還明確列出了您要插入的列,這使您的代碼更具將來的可靠性(例如,當您添加或刪除列時)。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.