我有一个小程序,我已经构建了从数据库中循环密码列表,哈希它们,并使用哈希密码更新数据库。我已经改变了列长度,以确保密码不会很长。然后我将其写入我的方法,该方法应该将值写入数据库。
sqlInsert = "UPDATE dealers SET Password = ?, Password2 = ?, PasswordID = ? WHERE DNo = ?";
PreparedStatement statement = connect.prepareStatement(sqlInsert);
statement.setString(1, pw2);
statement.setString(2, pw1);
statement.setString(3, pId);
statement.setString(4, dId);
result = statement.executeUpdate(sqlInsert);
问题是每次运行程序时都会出现以下错误:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, Password2 = ?, PasswordID = ? WHERE DNo = ?' at line 1
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, Password2 = ?, PasswordID = ? WHERE DNo = ?' at line 1
at sun.reflect.GeneratedConstructorAccessor7.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorA ccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
at com.mysql.jdbc.Util.getInstance(Util.java:384)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1052)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4232)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4164)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2615)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2776)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2832)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1755)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1679)
at com.secureautodata.business.data.KeyGenerator.encInsert(KeyGenerator.java:99)
at com.secureautodata.business.data.KeyGenerator.main(KeyGenerator.java:392)
我已经打破了语法并在数据库中单独尝试了它并且工作正常,我准备好的语句中是否有一些我缺少的东西?
答案 0 :(得分:3)
替换
result = statement.executeUpdate(sqlInsert);
与
result = statement.executeUpdate();
第一个方法在基本Statement接口中定义,并且将执行给定的SQL更新字符串而不使用绑定参数。您需要使用PreparedStatement中定义的那个。