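Getting an SQL exception in the where clause when inserting data into the database through java

Time: 2015-07-01 06:46:11

Tags: java mysql

I want to store the password for the required ID using java. Everything is working fine, except that I am getting this exception:

"SQL Exception thrown: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(Pass_word) set Pass_word = 'pass' where ID = 2' at line 1".

I am getting this exception only in the update query, but not in the select query. I am using Eclipse. Can anyone tell me what I am doing wrong?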

    import java.sql.DriverManager;
    import java.sql.Connection;
    import java.sql.PreparedStatement;
    import java.sql.ResultSet;
    import java.sql.SQLException;
    import java.sql.Statement;
    import java.util.Scanner;

    public class information {

        public static void main(String[] args) {
             String pass;
                ResultSet rs;
                String queryString;
                int x=1;
            try
        {
            Class.forName("com.mysql.jdbc.Driver");
            Connection conn = null;
            conn = DriverManager.getConnection("jdbc:mysql://localhost/onlineexam","root", "batch12@nitap");
            System.out.print("Database is connected !");
            Statement stmt = conn.createStatement();
            PreparedStatement pstmt = null;
            while(x==1)
            {
                System.out.println("Press 1 to enter student id");
                System.out.println("Press 2 to exit");
                Scanner s= new Scanner(System.in);
                int choice = s.nextInt();
                switch(choice)
                {
                case 1: System.out.println("Enter the ID of student");
                        int id = s.nextInt();

                        queryString = "select ID,Roll_no, Course_name, Course_code, Date,Time from student_reg where ID=" +id;
                        rs= stmt.executeQuery(queryString);
                        //System.out.println(rs.getInt("ID"));
                        while(rs.next())
                        {
                        if(rs.getInt("ID")== id)
                        {
                            String roll = rs.getString("Roll_no");
                            String date = rs.getString("Date");
                            String time =  rs.getString("Time");
                            String c_name = rs.getString("Course_name");
                            String c_code = rs.getString("Course_code");
                            password pass1= new password(roll,date,time,c_name,c_code);
                            pass= pass1.passwd();
                            System.out.println(pass);
                            queryString =" Update student_reg(Pass_word) set Pass_word = 'pass' where ID = ?";
                            //queryString= "INSERT INTO student_reg(Password) VALUES ('password') where ID = ?";
                            //stmt.executeUpdate(queryString);
                            //PreparedStatement pstmt = conn.prepareStatement("INSERT INTO student_reg(Password) VALUES ('password') where ID = ?");
                            //pstmt.setLong(1, id);

                            pstmt = conn.prepareStatement(queryString);

                            pstmt.setInt(1, id);
                            int numberOfUpdatedRecords = pstmt.executeUpdate();
                            s.close();
                        }
                        }
                        break;
                case 2: x=0;
                }
            }

            if(conn!= null)
            {
                stmt.close();
                pstmt.close();
            conn.close();
            conn = null;
            }
        }
            catch(ClassNotFoundException cnf)
            {
                 System.out.println("Driver could not be loaded: " + cnf);
            }
        catch(SQLException sqle)
        {
            System.out.println("SQL Exception thrown: " + sqle);
        }
        catch(Exception e)
        {
        System.out.print("Do not connect to DB - Error:"+e);
        }

        }

    }

3 answers:

Answer 0: (score: 2)

Your code has a lot of problems:

    queryString = "select ID,Roll_no, Course_name, Course_code, Date,Time from student_reg where ID= id";

In this line you have a condition, but you did not set the value; you should set it:

    queryString = "select ID,Roll_no, Course_name, Course_code, Date,Time from student_reg where ID = " + id;

It would be better if you took a look at PreparedStatement to prevent SQL injection.

The last one:

    queryString= "INSERT INTO student_reg(Password) VALUES ('password') where ID = id";

This line seems to want to update something. Please take a look at it.

Answer 1: (score: 1)

    queryString = "select ID,Roll_no, Course_name, Course_code, Date,Time from student_reg where ID= id";

should be

    queryString = "select ID,Roll_no, Course_name, Course_code, Date,Time from student_reg where ID = " + id;

This will fix the error, but it is better to use a PreparedStatement, where the query string would look like "select ID,Roll_no, Course_name, Course_code, Date,Time from student_reg where ID = ?", and pass id as a parameter.

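Answer 2: (score: 0)

It is obvious, because you should not include "id" inside the query string:

    queryString = "select ID,Roll_no, Course_name, Course_code, Date,Time from student_reg where ID = " + id;

A very good hint from @spencer: you cannot use a WHERE clause in an INSERT INTO statement. Probably you want to UPDATE the row that has that id. Also, it is better to use PreparedStatement to avoid this kind of error:

    conn = DriverManager.getConnection("jdbc:mysql://localhost/onlineexam","root", "batch12@nitap");
    PreparedStatement pstmt = conn.prepareStatement("UPDATE student_reg SET password = 'password' where ID = ?");
    pstmt.setLong(1, id);
    int numberOfUpdatedRecords = pstmt.executeUpdate();

I suggest you rename the column name password, because it is a reserved word in mysql, so you may get strange results using that column name. Change it to something else, e.g. pass_word, passwd, .... As you may know, you can use some quotes or other things to use keywords as column names in a query, but it is safer to rename it to something else; this is just a hint.

If you are using this connection without a connection pool, you may need to close the Statement and Connection.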

Good luck.
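
Added example (not part of the question or of any answer above): the select-then-update flow from the question, written with the `UPDATE ... SET ... WHERE` form and with every value bound through a PreparedStatement, including the password itself. The class name, the method names and the `EXAM_DB_*` environment variables are assumptions made for this illustration; the table and column names are the ones from the question.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class StudentPasswordUpdater {

    // Bind parameters only: no user-supplied value is concatenated into the SQL text.
    private static final String SELECT_SQL = "SELECT Roll_no FROM student_reg WHERE ID = ?";
    // UPDATE takes no column list after the table name; columns are named in SET.
    private static final String UPDATE_SQL = "UPDATE student_reg SET Pass_word = ? WHERE ID = ?";

    /** Returns the roll number registered for the ID, or null when no such row exists. */
    static String findRollNo(Connection conn, int id) throws SQLException {
        try (PreparedStatement select = conn.prepareStatement(SELECT_SQL)) {
            select.setInt(1, id);
            try (ResultSet rs = select.executeQuery()) {
                return rs.next() ? rs.getString("Roll_no") : null;
            }
        }
    }

    /** Stores the generated value for the ID; true when exactly one row matched. */
    static boolean storePassword(Connection conn, int id, String generated) throws SQLException {
        try (PreparedStatement update = conn.prepareStatement(UPDATE_SQL)) {
            update.setString(1, generated); // the variable's value, not the literal text 'pass'
            update.setInt(2, id);
            return update.executeUpdate() == 1;
        }
    }

    public static void main(String[] args) throws SQLException {
        // Assumption: connection settings are read from hypothetical environment
        // variables instead of being written into the source file.
        String url = System.getenv("EXAM_DB_URL"); // e.g. jdbc:mysql://localhost/onlineexam
        String user = System.getenv("EXAM_DB_USER");
        String secret = System.getenv("EXAM_DB_PASSWORD");
        int id = Integer.parseInt(args[0]);
        String generated = args[1]; // assumption: value produced elsewhere, passed in here
        // try-with-resources closes the connection and statements even when an exception is thrown.
        try (Connection conn = DriverManager.getConnection(url, user, secret)) {
            String roll = findRollNo(conn, id);
            if (roll == null) {
                System.out.println("No row with ID " + id);
            } else if (storePassword(conn, id, generated)) {
                System.out.println("Password stored for roll number " + roll);
            }
        }
    }
}
```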