Java + JDBC：預處理語句失敗

Question

我正在嘗試做一個准備好的語句，而驅動程序正在按假定的方式工作，但唯一的問題是我的查詢不再有效。

我正在嘗試編寫此查詢：

SELECT ip_address
FROM log_activity
WHERE created_at
  BETWEEN "2017-01-01 00:00:00"
  AND DATE_ADD("2017-01-01 00:00:00", INTERVAL 1 HOUR)
GROUP BY ip_address
HAVING COUNT(*) > 200;

但是在為准備好的語句插入參數后，結果如下：

SELECT ip_address
FROM log_activity
WHERE created_at
  BETWEEN '\'2017-01-01 00:00:00\''
  AND DATE_ADD('\'2017-01-01 00:00:00\'', INTERVAL 1 'hour')
GROUP BY ip_address
HAVING COUNT(*) > 200;

哪個不再是有效的SQL。 那么，如何從參數中刪除這些引號？或者什么是解決此問題的好方法？

...

String startDateArg = "'" + args[0].split("=", 2)[1].replace(".", " ") + "'";
String durationArg = args[1].split("=", 2)[1];
int thresholdArg = Integer.parseInt(args[2].split("=", 2)[1]);

String duration = durationArg.equals("hourly") ? "hour" : durationArg.equals("daily") ? "day" : null;

String getUsersOverAPILimitQuery = "" +
    "select ip_address " +
    "from log_activity " +
    "where created_at " +
    "  between ?" +
    "  and date_add(?, interval 1 ?) " +
    "group by ip_address " +
    "having count(*) > ?;";
PreparedStatement preparedStatement = con.prepareStatement(getUsersOverAPILimitQuery);
preparedStatement.setString(1, startDateArg);
preparedStatement.setString(2, startDateArg);
preparedStatement.setString(3, duration);
preparedStatement.setInt(4, thresholdArg);

System.out.println(preparedStatement);

ResultSet getUsersOverAPILimit = preparedStatement.executeQuery();

while (getUsersOverAPILimit.next()) {
    String ip_address = getUsersOverAPILimit.getString("ip_address");
    System.out.println(ip_address);
}

...

Answer 1

代替這個：

String startDateArg = "'" + args[0].split("=", 2)[1].replace(".", " ") + "'";

做這個：

String startDateArg = args[0].split("=", 2)[1].replace(".", " ");

無需添加單引號，preparedstatement即可為您完成。