JAVA中的MySQLSyntaxErrorException
有人请帮助我。我正在做的事情是正确的,但我得到了一个错误。这是一个JAVA应用程序链接到MYSQL wamp服务器 错误: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException:您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以了解第1行“Chege”附近使用的正确语法 我的代码:JAVA中的MySQLSyntaxErrorException,java,mysql,Java,Mysql,有人请帮助我。我正在做的事情是正确的,但我得到了一个错误。这是一个JAVA应用程序链接到MYSQL wamp服务器 错误: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException:您的SQL语法有错误;检查与MySQL服务器版本对应的手册,以了解第1行“Chege”附近使用的正确语法 我的代码: public class MyQuery { public Connection getConnection() {
public class MyQuery {
public Connection getConnection() {
Connection con = null;
try {
con = DriverManager.getConnection("jdbc:mysql://"
+ "localhost:3306/employee_certificate", "root", "");
} catch (SQLException ex) {
Logger.getLogger(Query.class.getName())
.log(Level.SEVERE, null, ex);
}
return con;
}
public ArrayList<Item> getData(String EmpName) {
ArrayList<Item> list = new ArrayList<Item>();
Connection con = getConnection();
Statement st;
ResultSet rs;
try {
st = con.createStatement();
rs = st.executeQuery("SELECT Emp_Id, Emp_Name, Department "
+ "FROM staff WHERE Emp_Name = " + EmpName + " ");
Item I;
while (rs.next()) {
I = new Item(
rs.getString("Emp_Id"),
rs.getString("Emp_Name"),
rs.getString("Department"));
list.add(I);
}
} catch (SQLException ex) {
Logger.getLogger(Query.class.getName()).log(Level.SEVERE, null, ex);
}
return list;
}
}
公共类MyQuery{
公共连接getConnection(){
连接con=null;
试一试{
con=DriverManager.getConnection(“jdbc:mysql://”
+“localhost:3306/employee_certificate”、“根目录”、“根目录”);
}catch(SQLException-ex){
Logger.getLogger(Query.class.getName())
.log(Level.SEVERE,null,ex);
}
返回con;
}
公共ArrayList getData(字符串名称){
ArrayList=新建ArrayList();
Connection con=getConnection();
报表st;
结果集rs;
试一试{
st=con.createStatement();
rs=st.executeQuery(“选择Emp\U Id、Emp\U名称、部门”
+“来自员工,其中Emp_Name=“+EmpName+”);
项目一;
while(rs.next()){
I=新项目(
rs.getString(“Emp_Id”),
rs.getString(“Emp_名称”),
rs.getString(“部门”);
列表.添加(I);
}
}catch(SQLException-ex){
Logger.getLogger(Query.class.getName()).log(Level.SEVERE,null,ex);
}
退货清单;
}
}
您的查询字符串不正确。应类似于以下内容:
rs=st.executeQuery("SELECT Emp_Id, Emp_Name, Department "
+ "FROM staff WHERE Emp_Name = '"+EmpName+"'");
但我建议使用PreparedStatement对象将SQL语句发送到数据库
String query = "SELECT Emp_Id, Emp_Name, Department FROM staff WHERE Emp_Name = ?";
PreparedStatement preStatement = conn.prepareStatement(query);
preStatement.setString(1, EmpName);
ResultSet result = preStatement.executeQuery();
这种方法更安全、更方便。您的查询字符串不正确。应类似于以下内容:
rs=st.executeQuery("SELECT Emp_Id, Emp_Name, Department "
+ "FROM staff WHERE Emp_Name = '"+EmpName+"'");
但我建议使用PreparedStatement对象将SQL语句发送到数据库
String query = "SELECT Emp_Id, Emp_Name, Department FROM staff WHERE Emp_Name = ?";
PreparedStatement preStatement = conn.prepareStatement(query);
preStatement.setString(1, EmpName);
ResultSet result = preStatement.executeQuery();
这种方法更安全、更方便。您的查询中有一个小问题:
try {
st = con.createStatement();
//Add quotes 'YourString'
rs = st.executeQuery("SELECT Emp_Id, Emp_Name, Department "
+ "FROM staff WHERE Emp_Name = '" + EmpName + "' ");
Item I;
while (rs.next()) {
I = new Item(rs.getString("Emp_Id"), rs.getString("Emp_Name"), rs.getString("Department"));
list.add(I);
}
} catch (SQLException ex) {
Logger.getLogger(Query.class.getName()).log(Level.SEVERE, null, ex);
}
对于安全查询,请使用准备好的语句:
try {
PreparedStatement ps = connection.prepareStatement("SELECT Emp_Id, Emp_Name, Department FROM staff WHERE Emp_Name = ?");
ps.setString(1, EmpName);
rs = ps.executeUpdate();
Item I;
while (rs.next()) {
I = new Item(rs.getString("Emp_Id"), rs.getString("Emp_Name"), rs.getString("Department"));
list.add(I);
}
} catch (SQLException ex) {
Logger.getLogger(Query.class.getName()).log(Level.SEVERE, null, ex);
}
您的查询中有一个小问题:
try {
st = con.createStatement();
//Add quotes 'YourString'
rs = st.executeQuery("SELECT Emp_Id, Emp_Name, Department "
+ "FROM staff WHERE Emp_Name = '" + EmpName + "' ");
Item I;
while (rs.next()) {
I = new Item(rs.getString("Emp_Id"), rs.getString("Emp_Name"), rs.getString("Department"));
list.add(I);
}
} catch (SQLException ex) {
Logger.getLogger(Query.class.getName()).log(Level.SEVERE, null, ex);
}
对于安全查询,请使用准备好的语句:
try {
PreparedStatement ps = connection.prepareStatement("SELECT Emp_Id, Emp_Name, Department FROM staff WHERE Emp_Name = ?");
ps.setString(1, EmpName);
rs = ps.executeUpdate();
Item I;
while (rs.next()) {
I = new Item(rs.getString("Emp_Id"), rs.getString("Emp_Name"), rs.getString("Department"));
list.add(I);
}
} catch (SQLException ex) {
Logger.getLogger(Query.class.getName()).log(Level.SEVERE, null, ex);
}
将EmpName的值放在引号中,或者更好地使用Prepared Statementsquotes不起作用
其中Emp_Name='“+EmpName+””
注意引号。非常感谢@juergen d。它起作用了!将EmpName的值放在引号中,或者更好地使用Prepared Statementsquotes不起作用其中Emp_Name='“+EmpName+”“
注意引用。非常感谢@juergen d。它起作用了!