如何使用用户输入作为查询参数?

时间:2013-05-03 08:26:02

标签: java sqlite jdbc

所以我对java和SQL很新,他们是我的第一个编程语言。我正在尝试使用JDBC做一些工作。我想允许用户输入id并根据变量返回查询。如果有人能够至少指出我正确的方向......这是我开始的代码。请注意它的粗糙,但只是想获得一段代码,这样我就可以在我的主类中更好地实现它。

 Scanner input = new Scanner(System.in);
    Class.forName("org.sqlite.JDBC");
    Connection conn =
            DriverManager.getConnection("jdbc:sqlite:C:\\Users\\Derek\\Documents\\Databases\\example.sqlite");
    Statement stat = conn.createStatement();
    PreparedStatement prep1 = conn.prepareStatement(
            "insert into MedType values (?, ?);");
    PreparedStatement prep2 = conn.prepareStatement(
            "insert into Media values (?, ?,?, ?,?, ?);");

    System.out.print("Please choose a database(MedType or Media): ");
    String db=input.next();

    if(db.equalsIgnoreCase("MedType"))
    {
    System.out.print("Enter in ID: ");
    String answer1 = input.next();

    System.out.print("");
    String answer2 = input.nextLine();

    System.out.print("Enter in Description: ");
    String answer3 = input.nextLine();

    prep1.setString(1, answer1);//add values into cell
    prep1.setString(2, answer3);
    prep1.addBatch();//add the columns that have been entered

    }
conn.setAutoCommit(false);
    prep1.executeBatch();
    prep2.executeBatch();
    conn.setAutoCommit(true);




    System.out.print("Please Enter Query(One or All): ");
    String q=input.next();


    ResultSet rs= stat.executeQuery("select * from MedType;");


    if(q.equalsIgnoreCase("all")){
    while (rs.next()) {
        System.out.print("All ID = " + rs.getString("ID") + " ");
        System.out.println("All Description = " + rs.getString("Description"));}
    }
   if(q.equalsIgnoreCase("one")){
         System.out.print("Enter ID: ");

    }
   int idNum=input.nextInt();
    ResultSet oneRs = stat.executeQuery("select * from MedType Where"+ (rs.getString("ID")+"="+idNum));

   if(q.equalsIgnoreCase("one")){


        while (oneRs.next()) {
            System.out.print("ID = " + oneRs.getString("ID") + " ");
            System.out.println("Description = " + oneRs.getString("Description"));
        }
    }

    rs.close();
    oneRs.close();
    conn.close();

}
}

ResultSet oneRs = stat.executeQuery("select * from MedType Where"+
   (rs.getString("ID")+"="+idNum));

这是我遇到麻烦的地方。创建一个语句,如果其id等于用户输入,则返回表中的内容。我收到此错误

Exception in thread "main" java.sql.SQLException: [SQLITE_ERROR] SQL error or missing database (near "=": syntax error)

2 个答案:

答案 0 :(得分:2)

在查询中,您试图通过传递id来访问单行。在一般的sql查询中,我们通过传递一些信息来访问单行。 从MedType中选择*,其中id = 3 此查询将返回包含id等于3的行的结果集。 所以在你的代码中你的查询应该从MedType中选择*,其中id =“+ idNum +”,如果在你的db id列中是int。 并将此查询保留在if block中,即

 if(q.equalsIgnoreCase("one"))
{
         System.out.print("Enter ID: ");
         int idNum=input.nextInt();
    ResultSet oneRs = stat.executeQuery("select * from MedType Where id="+idNum+" ");
    // if id column in db is int if it is string then use id='"+idNum+"'                                            

        while (oneRs.next())
       {
            System.out.print("ID = " + oneRs.getString("ID") + " ");
            System.out.println("Description = " + oneRs.getString("Description"));
        }
 }

答案 1 :(得分:1)

在您的查询中:

select * from MedType Where"+ (rs.getString("ID")+"="+idNum

您似乎尝试从返回所有元组的第一个结果集中获取ID。

这不会像在where子句中那样工作,因为ID不存在(因为没有rs.next()现在没有结果)。如果有结果,那么您可能会有类似“where 3 = 3”的内容(3将是之前返回值的结果。您是否尝试过使用:

select * from MedType Where ID = " + idNum

希望这是有道理的。