setRepositoryConnection出错:java.sql.SQLException:ORA-00900:无效的SQL语句

时间:2014-04-29 05:42:18

标签: java sql jdbc ora-00900

这里我在将数据插入数据库时​​遇到错误。

在Oracle中或在该语句之后插入语句之前,我没有收到任何错误。

package com.socket;

import java.util.ArrayList;
import java.io.Serializable;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.*;
import java.sql.*;

import oracle.jdbc.*;

public class Message implements Serializable {

    private static final long serialVersionUID = 1L;
    public String type, sender, content, recipient;

    public Message(String type, String sender, String content, String recipient) {
        this.type = type;
        this.sender = sender;
        this.content = content;
        this.recipient = recipient;
    }

    @Override
    public String toString() {
        SimpleDateFormat sdf = new SimpleDateFormat("dd/MM/yyyy HH:mm:ss");
        Calendar cal = Calendar.getInstance();
        String Current = sdf.format(cal.getTime());
        String Content1 = content + Current;

        Connection conn = null;

        String driverName = "oracle.jdbc.OracleDriver";

        String url = "jdbc:oracle:thin:@172.16.0.35:1521:orcl";

        String username = "itn"; //SET USERNAME

        String password = "itn"; //SET PASSWORD

        try {
            if (conn == null) {
                Class.forName(driverName);
                conn = DriverManager.getConnection(url, username, password);

                String Query = "INSERT INTO ENTRIES (SERIALNO, TYPE, SENDER, CONTENT, TIMER, RECIPIENT, CREATEDON) VALUES ((Select max(SERIALNO)+1 from ENTRIES), '" 
                        + type + "', '" + sender + "', '" + content + "', TO_DATE('" + Current 
                        + "', 'DD/MM/YYYY HH24:MI:SS'), '" + recipient + "', TO_DATE('"
                        + Current + "', 'DD/MM/YYYY HH24:MI:SS'))";

                System.out.println(Query);
                Statement st = conn.createStatement();
                st.executeUpdate("Query");
                st.close();
            }
        } catch (Throwable t) {
            System.out.println("error in setRepositoryConnection : " + t);
            //logger.log("Unable to set connection ", "Repository.java", "Repository", t, Logger.CRITICAL);
        }
        return "{type='" + type + "', sender='" + sender + "', contentx='" + Content1 + "', recipient='" + recipient + "'}";

    }
}

1 个答案:

答案 0 :(得分:4)

这部分毫无意义:

System.out.println(Query);
Statement st = conn.createStatement();
st.executeUpdate("Query");

您需要执行查询并使用您构建的SQL:

int result = st.executeUpdate(Query);

最好的方法是使用PreparedStatement,因为它使代码更易读,更容易理解,它提供了参数的编译时检查,并为SQL注入提供了保护:

PreparedStatement statement = conn.prepareStatement();
statement.setInt(1, intVariable);