Java 使用twitter4j执行此查询时发生BatchUpdateException
守则:Java 使用twitter4j执行此查询时发生BatchUpdateException,java,mysql,twitter4j,Java,Mysql,Twitter4j,守则: Exception in thread "main" java.sql.BatchUpdateException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 're talking election 2016 with @ForbesOpinion's @Avi
Exception in thread "main" java.sql.BatchUpdateException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 're talking election 2016 with @ForbesOpinion's @Avik ' at line 1
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
at com.mysql.jdbc.Util.getInstance(Util.java:387)
at com.mysql.jdbc.SQLError.createBatchUpdateException(SQLError.java:1161)
at com.mysql.jdbc.StatementImpl.executeBatchInternal(StatementImpl.java:1048)
at com.mysql.jdbc.StatementImpl.executeBatch(StatementImpl.java:958)
at FirstTwitterApp.main(FirstTwitterApp.java:76)
Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 're talking election 2016 with @ForbesOpinion's @Avik ' at line 1
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
at com.mysql.jdbc.Util.getInstance(Util.java:387)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:942)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3966)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3902)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2526)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2673)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2545)
at com.mysql.jdbc.StatementImpl.executeUpdateInternal(StatementImpl.java:1540)
at com.mysql.jdbc.StatementImpl.executeBatchInternal(StatementImpl.java:1022)
... 2 more
您的状态文本包含单引号。由于在生成查询之前没有转义字符串,因此这将有效地关闭用于包装字符串的单引号 从不通过连接用户提供的字符串来构建SQL查询。搜索“小鲍比下降表”,找出原因
始终使用
PreparedStatement
生成查询,因为这会自动为您处理转义操作。Date your_Date=tweet.getCreatedAt();SimpleDataFormat格式化程序=新的SimpleDataFormat(“YYYY-MM-dd h:m:s”);String date=formatter.format(您的_日期);String textStatus=tweet.getText();System.out.println(textStatus);String qry=“插入twitter数据(id、名称、文本、状态、配置文件、图片、创建日期)值(NULL),“+tweet.getUser().getScreenName()+”,“+textStatus+”,“+tweet.getUser().getOriginalProfileImageURL()+”,“+date+”);connect.st.addBatch(qry);connect.st.executeBatch();您可能想了解什么是SQL注入漏洞;然后使用PreparedStatement
,而不是将SQL查询构建为字符串。
Date your_date = tweet.getCreatedAt() ;
SimpleDateFormat formatter = new SimpleDateFormat("YYYY-MM-dd h:m:s");
String date = formatter.format(your_date);
String textStatus = tweet.getText();
System.out.println(textStatus);
String qry="insert into twitter_data(id,name,text_status,profile_picture,created_date)values(NULL,'"
+tweet.getUser().getScreenName()+"','"
+textStatus+"','"+tweet.getUser().getOriginalProfileImageURL()+"','"
+date+"')";
connect.st.addBatch(qry);
connect.st.executeBatch();