Java数据库插入失败
我的程序应该从xml文件中获取数据并将它们放入数据库中 我使用phpmyadminmysql数据库Java数据库插入失败,java,mysql,database,jdbc,Java,Mysql,Database,Jdbc,我的程序应该从xml文件中获取数据并将它们放入数据库中 我使用phpmyadminmysql数据库 package jSpyDroidEclipse; import java.awt.BorderLayout; import java.awt.EventQueue; import javax.swing.JFrame; import javax.swing.JOptionPane; import javax.swing.JPanel; import javax.swing.border.Em
package jSpyDroidEclipse;
import java.awt.BorderLayout;
import java.awt.EventQueue;
import javax.swing.JFrame;
import javax.swing.JOptionPane;
import javax.swing.JPanel;
import javax.swing.border.EmptyBorder;
import javax.swing.JButton;
import javax.swing.JFileChooser;
import java.awt.event.ActionListener;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.spi.CurrencyNameProvider;
import java.awt.event.ActionEvent;
public class DBInput extends JFrame {
private JPanel contentPane;
private File xmlFile;
/**
* Launch the application.
*/
public String strStr(String haystack, String needle) {
if(haystack==null || needle==null) return null;
int hLength=haystack.length();
int nLength=needle.length();
if(hLength<nLength) return null;
if(nLength==0) return haystack;
for(int i=0; i<=hLength-nLength; i++)
{
if(haystack.charAt(i)==needle.charAt(0))
{
int j=0;
for(; j<nLength; j++)
{
if(haystack.charAt(i+j)!=needle.charAt(j))
{
break;
}
}
if(j==nLength) return haystack.substring(i) ;
}
}
return null;
}
public static void main(String[] args) {
EventQueue.invokeLater(new Runnable() {
public void run() {
try {
DBInput frame = new DBInput();
frame.setVisible(true);
} catch (Exception e) {
e.printStackTrace();
}
}
});
}
/**
* Create the frame.
*/
public DBInput() {
setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
setBounds(100, 100, 450, 300);
contentPane = new JPanel();
contentPane.setBorder(new EmptyBorder(5, 5, 5, 5));
setContentPane(contentPane);
contentPane.setLayout(null);
JButton b_browse = new JButton("Browse");
b_browse.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent arg0) {
JFileChooser fileChooser = new JFileChooser();
fileChooser.setCurrentDirectory(new java.io.File("user.home"));
fileChooser.setDialogTitle("Select the XML file");
fileChooser.setFileSelectionMode(JFileChooser.FILES_AND_DIRECTORIES);
if (fileChooser.showOpenDialog(b_browse) == JFileChooser.APPROVE_OPTION) {
xmlFile = fileChooser.getSelectedFile();
BufferedReader bufferedReader = null;
try {
bufferedReader = new BufferedReader(new FileReader(xmlFile));
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
String currentLine = null;
try {
currentLine = bufferedReader.readLine();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
StringBuilder xmlCode = new StringBuilder();
xmlCode.append(currentLine);
if((currentLine!=null) && !currentLine.equals(""))
{
try {
while((currentLine = bufferedReader.readLine())!=null)
{
xmlCode.append(currentLine);
}
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
String sXMLCode = xmlCode.toString();
DBConnect connect = new DBConnect();
while(sXMLCode!=null)
{
String adv_name = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_ADV_NAME);
String category = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_CATEGORY);
String curency = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_CURENCY);
String free_shiping = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_FREE_SHIPPING);
String gift = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_GIFT_INCLUDED);
String manufacturer = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_MANUFACTURER);
String price_no_vat = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRICE_NO_VAT);
String price_vat = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRICE_VAT);
String PRODUCT_AFF_LINK = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_AFF_LINK);
String PRODUCT_CODE = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_CODE);
String PRODUCT_DESC = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_DESC);
String PRODUCT_NAME = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_NAME);
String PRODUCT_PIC = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_PIC);
String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, gift_included, product_name, product_desc, product_aff_link, product_pic, price_no_vat, price_vat, free_shipping) VALUES("+
PRODUCT_CODE + "," + adv_name + "," + category + "," + manufacturer + "," + gift + "," + PRODUCT_NAME + "," + PRODUCT_DESC + "," + PRODUCT_AFF_LINK + "," + PRODUCT_PIC + "," + price_no_vat + "," + price_vat + "," + free_shiping + ");";
connect.insertData(query);
//shifting to next product
String code = xmlCode.toString();
sXMLCode = strStr(sXMLCode.substring(1), XMLParser._TAG_PRODUCT);
//connect.disconnect();
//connect = null;
}
}
}
});
b_browse.setBounds(164, 103, 97, 25);
contentPane.add(b_browse);
}
}
package jSpyDroidEclipse;
import java.awt.BorderLayout;
import java.awt.EventQueue;
import javax.swing.JFrame;
import javax.swing.JOptionPane;
import javax.swing.JPanel;
import javax.swing.border.EmptyBorder;
import javax.swing.JButton;
import javax.swing.JFileChooser;
import java.awt.event.ActionListener;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.spi.CurrencyNameProvider;
import java.awt.event.ActionEvent;
public class DBInput extends JFrame {
private JPanel contentPane;
private File xmlFile;
/**
* Launch the application.
*/
public String strStr(String haystack, String needle) {
if(haystack==null || needle==null) return null;
int hLength=haystack.length();
int nLength=needle.length();
if(hLength<nLength) return null;
if(nLength==0) return haystack;
for(int i=0; i<=hLength-nLength; i++)
{
if(haystack.charAt(i)==needle.charAt(0))
{
int j=0;
for(; j<nLength; j++)
{
if(haystack.charAt(i+j)!=needle.charAt(j))
{
break;
}
}
if(j==nLength) return haystack.substring(i) ;
}
}
return null;
}
public static void main(String[] args) {
EventQueue.invokeLater(new Runnable() {
public void run() {
try {
DBInput frame = new DBInput();
frame.setVisible(true);
} catch (Exception e) {
e.printStackTrace();
}
}
});
}
/**
* Create the frame.
*/
public DBInput() {
setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
setBounds(100, 100, 450, 300);
contentPane = new JPanel();
contentPane.setBorder(new EmptyBorder(5, 5, 5, 5));
setContentPane(contentPane);
contentPane.setLayout(null);
JButton b_browse = new JButton("Browse");
b_browse.addActionListener(new ActionListener() {
public void actionPerformed(ActionEvent arg0) {
JFileChooser fileChooser = new JFileChooser();
fileChooser.setCurrentDirectory(new java.io.File("user.home"));
fileChooser.setDialogTitle("Select the XML file");
fileChooser.setFileSelectionMode(JFileChooser.FILES_AND_DIRECTORIES);
if (fileChooser.showOpenDialog(b_browse) == JFileChooser.APPROVE_OPTION) {
xmlFile = fileChooser.getSelectedFile();
BufferedReader bufferedReader = null;
try {
bufferedReader = new BufferedReader(new FileReader(xmlFile));
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
String currentLine = null;
try {
currentLine = bufferedReader.readLine();
} catch (IOException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
StringBuilder xmlCode = new StringBuilder();
xmlCode.append(currentLine);
if((currentLine!=null) && !currentLine.equals(""))
{
try {
while((currentLine = bufferedReader.readLine())!=null)
{
xmlCode.append(currentLine);
}
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
String sXMLCode = xmlCode.toString();
DBConnect connect = new DBConnect();
while(sXMLCode!=null)
{
String adv_name = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_ADV_NAME);
String category = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_CATEGORY);
String curency = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_CURENCY);
String free_shiping = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_FREE_SHIPPING);
String gift = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_GIFT_INCLUDED);
String manufacturer = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_MANUFACTURER);
String price_no_vat = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRICE_NO_VAT);
String price_vat = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRICE_VAT);
String PRODUCT_AFF_LINK = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_AFF_LINK);
String PRODUCT_CODE = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_CODE);
String PRODUCT_DESC = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_DESC);
String PRODUCT_NAME = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_NAME);
String PRODUCT_PIC = XMLParser.getItem(new String(sXMLCode), XMLParser._TAG_PRODUCT_PIC);
String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, gift_included, product_name, product_desc, product_aff_link, product_pic, price_no_vat, price_vat, free_shipping) VALUES("+
PRODUCT_CODE + "," + adv_name + "," + category + "," + manufacturer + "," + gift + "," + PRODUCT_NAME + "," + PRODUCT_DESC + "," + PRODUCT_AFF_LINK + "," + PRODUCT_PIC + "," + price_no_vat + "," + price_vat + "," + free_shiping + ");";
connect.insertData(query);
//shifting to next product
String code = xmlCode.toString();
sXMLCode = strStr(sXMLCode.substring(1), XMLParser._TAG_PRODUCT);
//connect.disconnect();
//connect = null;
}
}
}
});
b_browse.setBounds(164, 103, 97, 25);
contentPane.add(b_browse);
}
}
位于com.mysql.jdbc.SQLError.createSQLException(SQLError.java:964)
位于com.mysql.jdbc.SQLError.createSQLException(SQLError.java:897)
位于com.mysql.jdbc.SQLError.createSQLException(SQLError.java:886)
你似乎没有使用撇号。至少应该是这样的:-
String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, gift_included, product_name, product_desc, product_aff_link, product_pic, price_no_vat, price_vat, free_shipping)
VALUES('"+ PRODUCT_CODE + "','" + adv_name + "', [etc]
…虽然这会让您面临SQL注入攻击,所以我会使用参数。您似乎没有使用撇号。至少应该是这样的:-
String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, gift_included, product_name, product_desc, product_aff_link, product_pic, price_no_vat, price_vat, free_shipping)
VALUES('"+ PRODUCT_CODE + "','" + adv_name + "', [etc]
PrepapredStatementPRODUCT\u codeadv\u name“value”public void insertData(String query)String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, "
+ "gift_included, product_name, product_desc, product_aff_link, "
+ "product_pic, price_no_vat, price_vat, free_shipping) VALUES(?, ?, ?, ....)";
try (PreparedStatement pstm = getPreparedStatement(query)) {
pstm.setString(1, PRODUCT_CODE);
pstm.setString(2, adv_name);
pstm.setString(3, category);
...
pstm.execute();
closeStatement(pstm);
}
PrepapredStatementPRODUCT\u codeadv\u name“value”public void insertData(String query)String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, "
+ "gift_included, product_name, product_desc, product_aff_link, "
+ "product_pic, price_no_vat, price_vat, free_shipping) VALUES(?, ?, ?, ....)";
try (PreparedStatement pstm = getPreparedStatement(query)) {
pstm.setString(1, PRODUCT_CODE);
pstm.setString(2, adv_name);
pstm.setString(3, category);
...
pstm.execute();
closeStatement(pstm);
}
在下面的行中可以肯定:
String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, gift_included, product_name, product_desc, product_aff_link, product_pic, price_no_vat, price_vat, free_shipping) VALUES("+
PRODUCT_CODE + "," + adv_name + "," + category + "," + manufacturer + "," + gift + "," + PRODUCT_NAME + "," + PRODUCT_DESC + "," + PRODUCT_AFF_LINK + "," + PRODUCT_PIC + "," + price_no_vat + "," + price_vat + "," + free_shiping + ");";
'"+PRODUCT_CODE+"',
您可以感觉到这(字符串连接)是一种非常简单的查询方式。您需要使用。这也将避免。请在下面的一行中确认:
String query = "INSERT INTO PRODUCTS(product_code, adv_name, category, manufacturer, gift_included, product_name, product_desc, product_aff_link, product_pic, price_no_vat, price_vat, free_shipping) VALUES("+
PRODUCT_CODE + "," + adv_name + "," + category + "," + manufacturer + "," + gift + "," + PRODUCT_NAME + "," + PRODUCT_DESC + "," + PRODUCT_AFF_LINK + "," + PRODUCT_PIC + "," + price_no_vat + "," + price_vat + "," + free_shiping + ");";
'"+PRODUCT_CODE+"',
您可以感觉到这一点(字符串连接)是一种不可编辑的查询方式。您需要使用。这也将避免。您是否尝试调试应用程序?检查您的查询,看看参数的数量是否匹配。检查是否没有任何参数获得
nullnull