Java SQL语句和准备好的语句错误
用户输入一种疾病,SQL应该返回所有患有该疾病的患者的详细信息。但我得到了以下错误:Java SQL语句和准备好的语句错误,java,mysql,sql,prepared-statement,inner-join,Java,Mysql,Sql,Prepared Statement,Inner Join,用户输入一种疾病,SQL应该返回所有患有该疾病的患者的详细信息。但我得到了以下错误: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?' at line 1 SQL查询如下图所示。请帮我调试一下 SELECT patient_personal_details.patient
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?' at line 1
SQL查询如下图所示。请帮我调试一下
SELECT patient_personal_details.patient_id,
patient_personal_details.first_name,
patient_personal_details.last_name,
patient_personal_details.gender,
patient_personal_details.occupation,
patient_personal_details.marital_status
FROM patient_personal_details
INNER JOIN patient_medical_details
ON patient_personal_details.patient_id = patient_medical_details.patient_id
WHERE patient_medical_details.disease = ?
代码如下:
public JTable getAllPatientsByDisease(String disease)throws RemoteException{
JTable table = null;
try{
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost/hospital_database","root","");
String sql = " SELECT patient_personal_details.patient_id, patient_personal_details.first_name, patient_personal_details.last_name, patient_personal_details.gender, patient_personal_details.occupation, patient_personal_details.marital_status FROM patient_personal_details "
+ " INNER JOIN patient_medical_details "
+ " ON patient_personal_details.patient_id = patient_medical_details.patient_id "
+ " WHERE patient_medical_details.disease = ? ";
PreparedStatement ps = con.prepareStatement(sql);
ps.setString(1, disease);
ResultSet rs = ps.executeQuery(sql);
table = new JTable(buildTableModel(rs));
}
catch(SQLException | ClassNotFoundException e){
System.out.println("Error: "+e);
}
return table;
}
更新的答案:(现在我们有了代码) 问题在于:
ResultSet rs = ps.executeQuery(sql);
// ----------------------------^^^
删除sql
,只需使用:
ResultSet rs = ps.executeQuery();
通过将SQL指定为参数,您使用的是,而不是<代码>语句#executeQuery按字面意思使用SQL字符串,而不在参数中替换(基本上就像您没有调用setString
)。(是的,这不是JDBC人员做出的一个奇妙的设计决定。)
原始答案: 该错误消息的关键位是“…靠近“?”,它告诉我们,您从未在该点设置要替换到查询中的值,因此?按字面意思使用 您需要使用(如果“disease”列是文本列)或
setInt
等来设置查询的参数。例如:
PreparedStatement ps = connection.prepareStatement("SELECT ... WHERE patient_medical_details.disease = ?");
ps.setString(1, "arachnophobia"); // <===
ResultSet rs = ps.executeQuery();
PreparedStatement ps=connection.prepareStatement(“SELECT…WHERE patient\u medical\u details.disease=?”;
ps.setString(1,“蜘蛛恐惧症”);// 更新的答案:(现在我们有了代码)
问题在于:
ResultSet rs = ps.executeQuery(sql);
// ----------------------------^^^
删除sql
,只需使用:
ResultSet rs = ps.executeQuery();
通过将SQL指定为参数,您使用的是,而不是<代码>语句#executeQuery
按字面意思使用SQL字符串,而不在参数中替换(基本上就像您没有调用setString
)。(是的,这不是JDBC人员做出的一个奇妙的设计决定。)
原始答案: 该错误消息的关键位是“…靠近“?”,它告诉我们,您从未在该点设置要替换到查询中的值,因此?按字面意思使用 您需要使用(如果“disease”列是文本列)或
setInt
等来设置查询的参数。例如:
PreparedStatement ps = connection.prepareStatement("SELECT ... WHERE patient_medical_details.disease = ?");
ps.setString(1, "arachnophobia"); // <===
ResultSet rs = ps.executeQuery();
PreparedStatement ps=connection.prepareStatement(“SELECT…WHERE patient\u medical\u details.disease=?”;
ps.setString(1,“蜘蛛恐惧症”);//执行此查询的代码在哪里?请参见下文;执行此查询的代码在哪里?请参见下文