Java 使用twitter4j执行此查询时发生BatchUpdateException

守则：

Exception in thread "main" java.sql.BatchUpdateException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 're talking election 2016 with @ForbesOpinion's @Avik ' at line 1
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
    at com.mysql.jdbc.Util.getInstance(Util.java:387)
    at com.mysql.jdbc.SQLError.createBatchUpdateException(SQLError.java:1161)
    at com.mysql.jdbc.StatementImpl.executeBatchInternal(StatementImpl.java:1048)
    at com.mysql.jdbc.StatementImpl.executeBatch(StatementImpl.java:958)
    at FirstTwitterApp.main(FirstTwitterApp.java:76)
Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 're talking election 2016 with @ForbesOpinion's @Avik ' at line 1
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
    at com.mysql.jdbc.Util.getInstance(Util.java:387)
    at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:942)
    at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3966)
    at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3902)
    at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2526)
    at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2673)
    at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2545)
    at com.mysql.jdbc.StatementImpl.executeUpdateInternal(StatementImpl.java:1540)
    at com.mysql.jdbc.StatementImpl.executeBatchInternal(StatementImpl.java:1022)
    ... 2 more

---

您的状态文本包含单引号。由于在生成查询之前没有转义字符串，因此这将有效地关闭用于包装字符串的单引号

从不通过连接用户提供的字符串来构建SQL查询。搜索“小鲍比下降表”，找出原因

---

始终使用

PreparedStatement

生成查询，因为这会自动为您处理转义操作。

Date your_Date=tweet.getCreatedAt（）；SimpleDataFormat格式化程序=新的SimpleDataFormat（“YYYY-MM-dd h:m:s”）；String date=formatter.format（您的_日期）；String textStatus=tweet.getText（）；System.out.println（textStatus）；String qry=“插入twitter数据（id、名称、文本、状态、配置文件、图片、创建日期）值（NULL），“+tweet.getUser（）.getScreenName（）+”，“+textStatus+”，“+tweet.getUser（）.getOriginalProfileImageURL（）+”，“+date+”）；connect.st.addBatch（qry）；connect.st.executeBatch（）；您可能想了解什么是SQL注入漏洞；然后使用

PreparedStatement

，而不是将SQL查询构建为字符串。

Date your_date =  tweet.getCreatedAt() ;
SimpleDateFormat formatter = new SimpleDateFormat("YYYY-MM-dd h:m:s");
String date = formatter.format(your_date);
String textStatus = tweet.getText();
System.out.println(textStatus);
String qry="insert into twitter_data(id,name,text_status,profile_picture,created_date)values(NULL,'"
        +tweet.getUser().getScreenName()+"','"
        +textStatus+"','"+tweet.getUser().getOriginalProfileImageURL()+"','"
        +date+"')";
connect.st.addBatch(qry);
connect.st.executeBatch();