我在mysql中有以下查询,它在mysql中完美运行,并且也生成输出表。但是当我在jsp中写它时,它显示错误。
String q2 = "select id,username,password,fname,email,dob,mobile,habits,attitudes,tastes,moral,economic,people,imagess"
+ "from user, request "
+ "where user.habits='" + q1 + "'"
+ " and user.username=request.rto"
+ " and request.rfrom='" + username + "'"
+ " and request.status='Accepted'";
显示的错误是,
jsp文件中的第118行:/search1.jsp发生错误 字符串文字未通过双引号正确关闭 stacktrace:
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:103)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:366)
org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:485)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:379)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:354)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:341)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:657)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:357)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
答案 0 :(得分:0)
你有一些额外的双引号,这是不平衡的。遵循Jon Skeet和Luiggi Mendoza提供的建议,因为这是避免这类问题的最佳实践,并且可以帮助您避免SQL注入
String q2 = "select id,username,password,fname,email,dob,mobile,habits,attitudes,tastes,moral,economic,people,imagess"
+ " from user, request "
+ "where user.habits='" + q1
+ "' and user.username=request.rto"
+ " and request.rfrom='" + username
+ "' and request.status='Accepted'";
答案 1 :(得分:0)
问题在于你的查询,当你构建了你的sql查询时,你错过了所选列名末尾和子句之间的一个空格
之前需要一个空格( imagessfrom )
以下是正确的
String q2 = "select id,username,password,fname,email,dob,mobile,habits,attitudes,tastes,moral,economic,people,imagess"
+ " from user, request "
+ "where user.habits='" + q1 + "'"
+ " and user.username=request.rto"
+ " and request.rfrom='" + username + "'"
+ " and request.status='Accepted'";