Java MySQLSyntaxErrorException-已准备语句中的参数无效
我有如下代码。我尝试了堆栈中的其他解决方案,但似乎没有任何效果。生成错误的Java代码如下所示Java MySQLSyntaxErrorException-已准备语句中的参数无效,java,jsp,jdbc,Java,Jsp,Jdbc,我有如下代码。我尝试了堆栈中的其他解决方案,但似乎没有任何效果。生成错误的Java代码如下所示 public Connection getConnection() { try { conn = DriverManager.getConnection(CONNSTR, USER, PASS); return conn; } catch (SQLException e) { e.
public Connection getConnection()
{
try
{
conn = DriverManager.getConnection(CONNSTR, USER, PASS);
return conn;
}
catch (SQLException e)
{
e.printStackTrace();
return null;
}
}
public boolean AuthenticateUser()
{
String UserName = "User";
String Password = "Password";
try
{
PreparedStatement pstmt = null;
ResultSet rs = null;
conn = getConnection();
String strSQL = "SELECT UserName " +
" FROM Users " +
" WHERE UserId = ? AND " +
" Password = ?";
pstmt = (PreparedStatement) conn.prepareStatement(strSQL);
pstmt.setString(1, UserName);
pstmt.setString(2, Password);
System.out.println(strSQL);
rs = pstmt.executeQuery(strSQL);
System.out.println(rs.getRow());
rs.last();
int TotalRows = rs.getRow();
System.out.println(TotalRows);
if(TotalRows > 0)
return true;
else
return false;
}
catch (SQLException e)
{
e.printStackTrace();
return false;
}
}
CREATE TABLE Users(Id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,
UserName VARCHAR(255),
UserId VARCHAR(255),
Password VARCHAR(255))
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '? AND Password = ?' at line 1
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
at com.mysql.jdbc.Util.getInstance(Util.java:386)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1052)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3609)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3541)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2002)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2163)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2618)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2568)
at com.mysql.jdbc.StatementImpl.executeQuery(StatementImpl.java:1557)
at com.apryll.db.util.dbUtil.AuthenticateUser(dbUtil.java:55)
at com.apryll.db.Login.doPost(Login.java:42)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:304)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:164)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:562)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:395)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:250)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
您将变量UserName作为第一个查询参数传递,但在查询中使用的是UserId,它是int而不是字符串
希望能有所帮助,您再次将SQL传递给
executeQuery您有哪些例外情况?可以发布完整的堆栈跟踪吗?不要添加快照。复制并在此处发布异常。我甚至看不到该图像。您可以右键单击并选择查看图像吗?为什么要再次将SQL作为参数传递给
executeQuery语句的API中(超类PreparedStatement
),但是当从PreparedStatement
或CallableStatement
调用接受查询字符串的Statement
方法时,驱动程序应该抛出异常。