Java 为什么我总是让SQL参数索引超出范围异常?
我研究了类似的问题,并遵循了编写插入数据库的查询的语法,但我一直遇到这个异常。我显然没有看到什么。它在“insertStatement.setInt(1,schoolID);”处停止运行。我了解到这意味着查询的语法不正确。请告诉我哪里出错了。我一点也看不见Java 为什么我总是让SQL参数索引超出范围异常?,java,mysql,jsp,servlets,web-applications,Java,Mysql,Jsp,Servlets,Web Applications,我研究了类似的问题,并遵循了编写插入数据库的查询的语法,但我一直遇到这个异常。我显然没有看到什么。它在“insertStatement.setInt(1,schoolID);”处停止运行。我了解到这意味着查询的语法不正确。请告诉我哪里出错了。我一点也看不见 package Servlets; import java.io.IOException; import java.io.PrintWriter; import java.sql.Connection; import java.sql.Dr
package Servlets;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.sql.Timestamp;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import jpa.entities.School;
/**
*
* @author Timothy
*/
@WebServlet(name = "SchoolFormServlet", urlPatterns = {"/SchoolFormServlet"})
public class SchoolFormServlet extends HttpServlet {
/**
* Processes requests for both HTTP <code>GET</code> and <code>POST</code>
* methods.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
*/
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException, ParseException {
response.setContentType("text/html;charset=UTF-8");
try (PrintWriter out = response.getWriter()) {
/* TODO output your page here. You may use following sample code. */
ServletContext sc = this.getServletContext();
sc.getAttribute("schoolForm");
Integer schoolId = Integer.parseInt(request.getParameter("schoolID"));
String schoolName = request.getParameter("schoolName");
Integer periods = Integer.parseInt(request.getParameter("periods"));
Integer repeatDays = Integer.parseInt(request.getParameter("repeatDays"));
String scheduleBlock = request.getParameter("scheduleBlock");
Integer semesters = Integer.parseInt(request.getParameter("semesters"));
String rangeForLunch = request.getParameter("rangeForLunch");
String schoolYear = request.getParameter("schoolYear");
initAndExecuteQuery(schoolId,schoolName,semesters,periods,repeatDays,scheduleBlock,rangeForLunch,schoolYear);
out.println("<!DOCTYPE html>");
out.println("<html>");
out.println("<head>");
out.println("<title>Servlet SchoolFormServlet</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Servlet SchoolFormServlet at " + request.getContextPath() + "</h1>");
out.println("</body>");
out.println("</html>");
}
}
// <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
/**
* Handles the HTTP <code>GET</code> method.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
*/
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
try {
processRequest(request, response);
} catch (ParseException ex) {
Logger.getLogger(SchoolFormServlet.class.getName()).log(Level.SEVERE, null, ex);
}
}
/**
* Handles the HTTP <code>POST</code> method.
*
* @param request servlet request
* @param response servlet response
* @throws ServletException if a servlet-specific error occurs
* @throws IOException if an I/O error occurs
*/
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
try {
processRequest(request, response);
} catch (ParseException ex) {
Logger.getLogger(SchoolFormServlet.class.getName()).log(Level.SEVERE, null, ex);
}
}
/**
* Returns a short description of the servlet.
*
* @return a String containing servlet description
*/
@Override
public String getServletInfo() {
return "Short description";
}// </editor-fold>
public void initAndExecuteQuery(Integer schoolID,String schoolName, Integer semesters,Integer periods,Integer repeatDays,String scheduleBlock,String rangeForLunch, String schoolYear) {
// JDBC driver name and database URL
String jdbcDriver ="com.mysql.jdbc.Driver";
String url ="jdbc:mysql://173.194.104.102:3306/hssp_schema?zeroDateTimeBehavior=convertToNull";
Connection connection = null;
ResultSet resultSet = null;
Statement statement = null;
// Database credentials
String userName = "admin_aamir";
String passWord = "tommybrown";
try {
Class.forName("com.mysql.jdbc.Driver").newInstance();
connection = DriverManager.getConnection(url, userName , passWord);
// Execute SQL query
String sql;
sql = "INSERT INTO School VALUES ('"+schoolID+" ','"+schoolName+" ','"+semesters+" ','"+periods+" ','"+repeatDays+" ','"+scheduleBlock+" ','"+rangeForLunch+" ','"+schoolYear+" ')";
PreparedStatement insertStatement = connection.prepareStatement(sql);
insertStatement.setInt(1, schoolID);
insertStatement.setString(2,schoolName);
insertStatement.setInt(3,periods);
insertStatement.setInt(4,repeatDays);
insertStatement.setString(5,scheduleBlock);
insertStatement.setString(6,rangeForLunch);
insertStatement.setString(7,schoolYear);
insertStatement.executeQuery();
insertStatement.close();
connection.close();
}
catch (Exception e) {
e.printStackTrace();
}
}
}
您需要在SQL字符串中打问号,告诉它它有参数,而不是直接在字符串中添加参数
sql = "INSERT INTO School VALUES(?, ?, ? ...)
MySQL连接器实现将用您设置的参数值替换这些问号,这是一项艰巨的工作(它不会像您的代码那样只粘贴它们,因为这会使它容易受到攻击)。正确的语法是必要的
在TABLENAME(字段1、字段2、字段3)中插入值(?、、、?)
那么您需要第一个参数中的列的名称和相同数量的?在第二个。然后,您的setX(1,value)语句在执行前填写问号所在的位置。在学校(…)
中输入数据库表列名,在值(?,?…)
中根据要插入到数据库中的列名数量输入问号,因为您当前的案例是8列,所以请打8个问号
String sql;
sql = "INSERT INTO School(schoolID,schoolName,semesters,periods,repeatDays,scheduleBlock,rangeForLunch,schoolYear) VALUES (?,?,?,?,?,?,?,?)";
PreparedStatement insertStatement = connection.prepareStatement(sql);
insertStatement.setInt(1, schoolID);
insertStatement.setString(2,schoolName);
insertStatement.setInt(3,periods);
insertStatement.setInt(4,repeatDays);
insertStatement.setString(5,scheduleBlock);
insertStatement.setString(6,rangeForLunch);
insertStatement.setString(7,schoolYear);
// you have missing 1 line for number 8 , since you wanted to insert 8 data into 8 column
insertStatement.executeQuery();
insertStatement.close();
connection.close();
方法1:
编写以下代码
String sql;
sql = "INSERT INTO School VALUES ('"+schoolID+" ','"+schoolName+" ','"+semesters+" ','"+periods+" ','"+repeatDays+" ','"+scheduleBlock+" ','"+rangeForLunch+" ','"+schoolYear+" ')";
PreparedStatement insertStatement = connection.prepareStatement(sql);
int valid = insertStatement.executeUpdate();
if(valid == 1)
System.out.println("insertion successfull");
else
System.out.println("problem while inserting data in database");
希望对你有用,对我也有用
方法2:
编写以下代码
String sql;
sql = "INSERT INTO School VALUES ('"+schoolID+" ','"+schoolName+" ','"+semesters+" ','"+periods+" ','"+repeatDays+" ','"+scheduleBlock+" ','"+rangeForLunch+" ','"+schoolYear+" ')";
sql = "INSERT INTO School VALUES(?,?,?,?,?,?,?,?)";
PreparedStatement insertStatement = connection.prepareStatement(sql);
insertStatement.setInt(1, schoolID);
insertStatement.setString(2,schoolName);
insertStatement.setInt(3,semesters) // you forgot to write this statement assuming the data types are correct
insertStatement.setInt(4,periods);
insertStatement.setInt(5,repeatDays);
insertStatement.setString(6,scheduleBlock);
insertStatement.setString(7,rangeForLunch);
insertStatement.setString(8,schoolYear);
int valid = insertStatement.executeUpdate();
if(valid == 1)
System.out.println("insertion successfull");
else
System.out.println("problem while inserting data in database");
希望你能理解这两种方法我应该这样做吗:“插入学校价值观(“?+schoolID+”、“?+schoolName+”、“?+semests+”);问号到底应该放在哪里?@user4789552:就像yshavit向你展示的那样。
插入学校价值观(?,?)
。虽然我们希望有一个列列表,而不是依赖于表中列的数量和顺序,例如,插入学校(id、名称、周期)值(?、?)
。(这些问号是绑定占位符,您可以使用setInt
,setString
等方法为SQL文本中的每个问号占位符提供一个值。您考虑得太多了。)您不需要将值放入SQL字符串中。实际上,只需要问号。数据库从那里获取。可以将问号想象为“这里有东西”,而set…
方法则表示某物是什么。这些是您真正的数据库凭据吗?我尝试连接:),但出现了“错误2013(HY000)”:在“读取初始通信数据包”时与MySQL服务器的连接中断,系统错误:0“为了您的利益,我希望这些是无效的数据库凭据。如果是,请对其进行编辑。这是怎么回事:sql=“插入到学校(学校ID、学校名称、学期、周期、重复日、scheduleBlock、Rangefor午餐、学年)值(?,,,,,,,,,?)";这就是我现在所说的:“在学校价值观中插入(?,,,,,,,,,,,,,,?)”;但事实并非如此work@user4789552:在insert语句中提供与绑定占位符顺序相对应的列列表<代码>插入学校(id、名称、句点等)值(?、、?…),就像arcy演示的那样。(我们不知道表中列的名称,也不知道它们的显示顺序,因此我们无法提供您需要的确切说明。)。。。顺便提一下“它不起作用”不能充分描述你正在观察的行为。