JavaFX文本字段到MySQL插入：SQL语法错误_Java_Mysql_Sql_Javafx

JavaFX文本字段到MySQL插入：SQL语法错误

java mysql sql javafx

JavaFX文本字段到MySQL插入：SQL语法错误,java,mysql,sql,javafx,Java,Mysql,Sql,Javafx,我有一个MySQL表，如下所示：我在表单中创建了一些文本字段，并将输入保存为字符串： String name = shopname.getText(); String address = streetaddress.getText(); String city = cityname.getText(); String state = statename.getText(); String country = countryname.getText();

我有一个MySQL表，如下所示：

我在表单中创建了一些文本字段，并将输入保存为字符串：

    String name = shopname.getText();
    String address = streetaddress.getText();
    String city = cityname.getText();
    String state = statename.getText();
    String country = countryname.getText();
    String zip = zipcode.getText();
    String phonept1 = phonecountryid.getText();
    String phonept2 = phoneareaid.getText();
    String phonept3 = phoneothernumber.getText();
    String phonefull = phonept2 + " " + "(" + phonept1 + ")" + " " + phonept3;

然后我制作了一个INSERT方法，该方法可以很好地处理旧的SQLite数据库：

            conn = DBConnect.Connector();
            stmt = conn.createStatement();
            stmt.executeUpdate("INSERT INTO shopList (name,address,city,state,country,zipcode,phonefull) VALUES(" +name+ "," + address + "," + city + "," + state + "," + country + "," + zip + "," + phonefull + ")");
            conn.close();

但现在它说：

严重：空 com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException：您的SQL语法有错误；检查与MySQL服务器版本对应的手册，以了解第1行中使用的接近“（22）22222）”的正确语法

有人看到语法错误吗

ps.（22）22222是经过测试的phonefull输入

conn = DBConnect.Connector();
stmt = conn.createStatement();
stmt.executeUpdate("INSERT INTO shopList (name,address,city,state,country,zipcode,phonefull) VALUES('" +name+ "','" + address + "','" + city + "','" + state + "','" + country + "','" + zip + "','" + phonefull + "')");
conn.close();

试试这个（我用单引号把字符串值括起来）

编辑：

通过直接传递字符串值，您很容易受到SQL注入的影响。如果可能，您希望使用

PreparedStatement

对象和

setString

方法

值（…）