Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/61.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java 插入到sql未知字段中_Java_Mysql_Sql_Insert Into - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java 插入到sql未知字段中

Java 插入到sql未知字段中

java mysql sql

Java 插入到sql未知字段中,java,mysql,sql,insert-into,Java,Mysql,Sql,Insert Into,我将java与eclipse和mysql一起用于数据库。我有一个类用于连接数据库并将变量写入数据库。下面是该类: package model; import java.sql.Connection; import java.sql.DriverManager; import java.sql.SQLException; import java.sql.Statement; public class AddChannelDb { public void AddToDb(String c

我将java与eclipse和mysql一起用于数据库。我有一个类用于连接数据库并将变量写入数据库。下面是该类:

package model;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;

public class AddChannelDb {
    public void AddToDb(String channelName, int channelNo)
        throws ClassNotFoundException, SQLException {

    String myDriver = "com.mysql.jdbc.Driver";
    String db = "jdbc:mysql://localhost/digiturkschema";
    Class.forName(myDriver);
    Connection conn = DriverManager.getConnection(db, "root",
            "****");
    Statement st = conn.createStatement();
    st.executeUpdate("INSERT INTO channelstable(channelNo,channelName) VALUES ("+ channelNo + "," + channelName + ")");
}
}
这两个变量(channelName和channelNo)由用户在我的view类中输入,来自文本字段的get方法。我获取这些变量时没有问题,我控制了它,但不知何故我无法写入数据库。例如,当我为channelName输入“showTv”和为channelNo输入“21”时,我会出现如下错误:

com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Unknown column 'showTv' in 'field list'
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.Util.getInstance(Util.java:386)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1053)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4120)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4052)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2503)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2664)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2788)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1816)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1730)
at model.AddChannelDb.AddToDb(AddChannelDb.java:18)
at controller.DigiTurkController$addChannelBtnListener.actionPerformed(DigiTurkController.java:47)
at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
at java.awt.Component.processMouseEvent(Unknown Source)
at javax.swing.JComponent.processMouseEvent(Unknown Source)
at java.awt.Component.processEvent(Unknown Source)
at java.awt.Container.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Window.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
at java.awt.EventQueue.access$400(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.awt.EventQueue$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.awt.EventQueue$4.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)
我很努力地在网上搜索,但什么也找不到。这看起来是个简单的问题,但我无法解决。感谢您的时间和帮助。(顺便说一句,我确信表名和变量名是正确的。)

更改此项:

 st.executeUpdate("INSERT INTO channelstable(channelNo,channelName) VALUES ("+ channelNo + "," + channelName + ")");
致:

基本上,在要插入的值周围缺少引号

旁注:我建议您在不必注意引号的地方使用,您的SQL将是安全的,不会像现在的SQL注入形式那样容易受到SQL注入的攻击。

更改此项:

 st.executeUpdate("INSERT INTO channelstable(channelNo,channelName) VALUES ("+ channelNo + "," + channelName + ")");
致:

基本上,在要插入的值周围缺少引号

旁注:我建议您在不必注意引号的地方使用,您的SQL将是安全的,不会像现在的SQL注入形式那样容易受到SQL注入的攻击。

更改此项:

 st.executeUpdate("INSERT INTO channelstable(channelNo,channelName) VALUES ("+ channelNo + "," + channelName + ")");
致:

基本上,在要插入的值周围缺少引号

旁注:我建议您在不必注意引号的地方使用,您的SQL将是安全的,不会像现在的SQL注入形式那样容易受到SQL注入的攻击。

更改此项:

 st.executeUpdate("INSERT INTO channelstable(channelNo,channelName) VALUES ("+ channelNo + "," + channelName + ")");
致:

基本上,在要插入的值周围缺少引号

旁注:我建议您在不必注意引号的地方使用,您的SQL将是安全的,不会像现在的SQL注入形式那样容易受到SQL注入的攻击。

您不应该使用
conn.createStatement()
,而应该使用
con.prepareStatement()
,它将保护您免受SQL注入的影响

您的代码如下所示:

String sql = "INSERT INTO channelstable(channelNo,channelName) VALUES ( ? , ? )";
Statement st = conn.prepareStatement(sql);

st.setInt(1, channelNo);    
st.setString(2, channelName);
st.executeUpdate(sql);
您不应该使用
conn.createStatement()
,而应该使用
con.prepareStatement()
,它将保护您免受SQLInjection的影响

您的代码如下所示:

String sql = "INSERT INTO channelstable(channelNo,channelName) VALUES ( ? , ? )";
Statement st = conn.prepareStatement(sql);

st.setInt(1, channelNo);    
st.setString(2, channelName);
st.executeUpdate(sql);
您不应该使用
conn.createStatement()
,而应该使用
con.prepareStatement()
,它将保护您免受SQLInjection的影响

您的代码如下所示:

String sql = "INSERT INTO channelstable(channelNo,channelName) VALUES ( ? , ? )";
Statement st = conn.prepareStatement(sql);

st.setInt(1, channelNo);    
st.setString(2, channelName);
st.executeUpdate(sql);
您不应该使用
conn.createStatement()
,而应该使用
con.prepareStatement()
,它将保护您免受SQLInjection的影响

您的代码如下所示:

String sql = "INSERT INTO channelstable(channelNo,channelName) VALUES ( ? , ? )";
Statement st = conn.prepareStatement(sql);

st.setInt(1, channelNo);    
st.setString(2, channelName);
st.executeUpdate(sql);
谢谢,它解决了问题,我现在正在寻找准备好的声明。好的建议,再次感谢Hanks,它解决了问题,我现在正在寻找准备好的声明。好的建议,再次感谢Hanks,它解决了问题,我现在正在寻找准备好的声明。好的建议,再次感谢Hanks,它解决了问题,我现在正在寻找preparedStatement。好的建议,再次感谢您的回复:您要么需要在所有客户端上安装本地数据库,要么在线托管数据库(mysql托管等)。其他选项是使用应用程序中捆绑的嵌入式数据库,如SQLite、Apache Derby等。作为响应:您需要在所有客户端上安装本地数据库或在线托管数据库(mysql托管等)。其他选项是使用应用程序中捆绑的嵌入式数据库,如SQLite、Apache Derby等。作为响应:您需要在所有客户端上安装本地数据库或在线托管数据库(mysql托管等)。其他选项是使用应用程序中捆绑的嵌入式数据库,如SQLite、Apache Derby等。作为响应:您需要在所有客户端上安装本地数据库或在线托管数据库(mysql托管等)。其他选择是使用应用程序中捆绑的嵌入式数据库,如SQLite、ApacheDerby等。