Fatal编程技术网
  • java/
  • Java 我怎样做一个事先准备好的陈述?

Java 我怎样做一个事先准备好的陈述?

java jdbc

Java 我怎样做一个事先准备好的陈述?,java,jdbc,prepared-statement,Java,Jdbc,Prepared Statement,我怎样才能对这一点做出事先准备好的陈述 Statement stmt = con.createStatement(); long lastid = getLastId(stmt); // create a SQL query String strQuery = "INSERT INTO studenten " + " (id, naam, adres, postcode, plaats, geboren) " + " VALUES (" + (

我怎样才能对这一点做出事先准备好的陈述

    Statement stmt = con.createStatement();

    long lastid = getLastId(stmt);

    // create a SQL query
    String strQuery = "INSERT INTO studenten " +
    " (id, naam, adres, postcode, plaats, geboren) " +
    " VALUES (" + (lastid+1) + "," +
        "'" + contact.getNaam() + "'," +
        "'" + contact.getAdres() + "'," +
        "'" + contact.getPostcode() + "'," +
        "'" + contact.getPlaats() + "'," +
      "{d '" + contact.getGeboren() + "'}" +
    ") ";

    stmt.executeUpdate(strQuery);      
    stmt.close();
    con.close();
您需要将值替换为问号
作为占位符

String sql = "INSERT INTO studenten (id, naam, adres, postcode, plaats, geboren)"
     + " VALUES (?, ?, ?, ?, ?, ?)";
Connection connection = null;
PreparedStatement statement = null;

try {
    connection = database.getConnection();
    statement = connection.prepareStatement(sql);
    statement.setLong(lastId + 1); // Why don't you use an generated sequence? This is plain ugly and errorprone.
    statement.setString(contact.getNaam());
    statement.setString(contact.getAdres());
    statement.setString(contact.getPostcode());
    statement.setString(contact.getPlaats());
    statement.setDate(new java.sql.Date(contact.getGeboren().getTime())); // Assuming it returns java.util.Date
    statement.executeUpdate();
} finally {
    // Always close in finally to prevent resource leaks.
    if (statement != null) try { statement.close(); } catch (SQLException ignore) {}
    if (connection != null) try { connection.close(); } catch (SQLException ignore) {}
}
另见:
    • 这里有一个更好的方法:

      String sql = "INSERT INTO studenten (id, naam, adres, postcode, plaats, geboren)"
     + " VALUES (?, ?, ?, ?, ?, ?)"

try {
    connection = database.getConnection();
    statement = connection.prepareStatement(sql);
    statement.setLong(1,your_id_value);
    statement.setString(2,contact.getNaam());
    statement.setString(3,contact.getAdres());
    statement.setString(5,contact.getPlaats());  // order doesn't matter now you can give the index of the parameter
    statement.setString(4,contact.getPostcode());
    statement.setDate(6,getGeboren());
    statement.executeUpdate();

    // or System.out.println(statement.executeUpated())  to see how many row are effected by this query
    statement.close();
} catch(java.sql.Exception sql_exception ){
    //you can see what goes wrong here with your statement 
    e.printStackTrace();
}
      您使用的是什么数据库系统?谢谢!lastID只是我需要编辑的源代码的一部分,我不知道他们为什么使用它