将数据插入MySQL表时出错

时间:2013-06-05 02:43:24

标签: java mysql insert

需要帮助...

    Connection cn = DriverManager.getConnection ("jdbc:mysql://localhost/posdb", "root", "");
    PreparedStatement dat = cn.prepareStatement("INSERT INTO order VALUES('"+num+"',"+buyamount.elementAt(0)+","+buyamount.elementAt(1)+","+buyamount.elementAt(2)+","+buyamount.elementAt(3)+","+buyamount.elementAt(4)+","+buyamount.elementAt(5)+","+buyamount.elementAt(6)+","+buyamount.elementAt(7)+","+buyamount.elementAt(8)+","+buyamount.elementAt(9)+","+buyamount.elementAt(10)+","+buyamount.elementAt(11)+","+buyamount.elementAt(12)+","+buyamount.elementAt(13)+","+buyamount.elementAt(14)+","+buyamount.elementAt(15)+","+buyamount.elementAt(16)+","+buyamount.elementAt(17)+","+buyamount.elementAt(18)+","+buyamount.elementAt(19)+","+tot+","+tot2+","+(tot2-tot)+")");
    System.out.println(dat);
    dat.executeUpdate();
    cn.close();

错误讯息:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order VALUES('20130605093640',1, 0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9500,1200' at line 1

num是一个字符串,tot和tot2是整数,buyamount是整数的向量。

谢谢..任何帮助将不胜感激..

2 个答案:

答案 0 :(得分:1)

Order是MySQL中的保留字 - 使用反引号:

INSERT INTO `order`...

http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html

答案 1 :(得分:0)

此外,您可能需要考虑以正确的方式使用预准备语句。这将有助于避免sql注入并使代码更易于阅读。

private static final String INSERT = "insert into myTable values(?,?,?)";
public void insertData(String varA, int numB, Date myDate) throws SQLException  {

    Connection cn=null;
    PreparedStatement ps=null;
    try {
        cn = DriverManager.getConnection("...your connection string...");
        ps = cn.prepareStatement(INSERT);
        ps.setString(1, varA);
        ps.setInt(2, numB);
        ps.setDate(3, myDate);

        ps.executeUpdate();

    }catch(SQLException sqe) {
        throw sqe;
    } finally {
        try {ps.close();}catch(Exception ex) {}
        try {cn.close();}catch(Exception ex) {}
    }
}