Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/java/337.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181

Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/mysql/60.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java MyQuery错误:“null |“where子句”中的未知列”_Java_Mysql - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java MyQuery错误:“null |“where子句”中的未知列”

Java MyQuery错误:“null |“where子句”中的未知列”

java mysql

Java MyQuery错误:“null |“where子句”中的未知列”,java,mysql,Java,Mysql,这是我的高级项目。请记住我还是个初学者 因此,我想创建一个搜索应用程序,其中用户将从JComboBox中选择一个“专业”,一旦他们单击“搜索”,该应用程序将从MySQL数据库中检索数据并将其显示在JTable中 因为我不擅长编程,所以我遵循了一些教程,我被这个错误所困扰: “where子句”中的未知列“架构” “架构”是JComboBox中的选项之一,但我认为SQL将其作为一列读取,尽管它是一行 这是我的疑问: public class MyQuery { public Connecti

这是我的高级项目。请记住我还是个初学者

因此,我想创建一个搜索应用程序,其中用户将从JComboBox中选择一个“专业”,一旦他们单击“搜索”,该应用程序将从MySQL数据库中检索数据并将其显示在JTable中

因为我不擅长编程,所以我遵循了一些教程,我被这个错误所困扰:

“where子句”中的未知列“架构”

“架构”是JComboBox中的选项之一,但我认为SQL将其作为一列读取,尽管它是一行

这是我的疑问:

public class MyQuery {

   public Connection getConnection(){
        Connection con = null;
        try {
            con = DriverManager.getConnection("jdbc:mysql://localhost:3306/mydata?autoReconnect=true&useSSL=false", "root", "1110");
        } catch (SQLException ex) {
            Logger.getLogger(Query.class.getName()).log(Level.SEVERE, null, ex);
        }
        return con;
    }

    public ArrayList<Applications> getData(String speciality){

   ArrayList<Applications> list = new ArrayList<Applications>();
   Connection con = getConnection();
   Statement st;
   ResultSet rows;

   try {
   st = con.createStatement();

   rows = st.executeQuery("SELECT * FROM mydb.applications WHERE speciality LIKE " + speciality);

   Applications applications;
   while(rows.next()){
   applications = new Applications(
   rows.getInt("id"),
   rows.getString("name"),
   rows.getString("nationality"),
   rows.getString("speciality"),
   rows.getString("experience")
   );

   list.add(applications);
   }

   } catch (SQLException ex) {
   Logger.getLogger(MyQuery.class.getName()).log(Level.SEVERE, null, ex);
   }
   return list;
   }
}
&

尝试在输入周围加引号:

rows = st.executeQuery("SELECT * FROM mydb.applications WHERE speciality LIKE '" + speciality + "'");
这里的问题在于SQL查询语法:

rows = st.executeQuery("SELECT * FROM mydb.applications WHERE speciality LIKE " + speciality);
应该是:

rows = st.executeQuery("SELECT * FROM mydb.applications WHERE speciality LIKE '" + speciality+"'");
一个更好的解决方案是使用PreparedStatement——这样,如果你的某个特长很酷,即使它包含引号字符,你也不会遇到麻烦

准备好的语句还可以保护您免受SQL注入攻击

PreparedStatement ps = connection.prepareStatement(
    "SELECT * FROM mydb.applications WHERE speciality LIKE ?");
ps.setString(1, specialty);
ResultSet rs = ps.executeQuery();
所以为什么这么严重?因为你一直等到最后一分钟?请阅读-总结是,这不是一个理想的方式来解决志愿者,可能是反作用,以获得答案。请不要将此添加到您的问题中。 
PreparedStatement ps = connection.prepareStatement(
    "SELECT * FROM mydb.applications WHERE speciality LIKE ?");
ps.setString(1, specialty);
ResultSet rs = ps.executeQuery();