Java MySQL更新查询

时间:2010-08-31 20:56:51

标签: java mysql jdbc

我收到错误“无法发布数据”。

这是SSCCE

//package mysqltest;

import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
import java.applet.Applet;
import java.awt.TextArea.*;
import java.sql.*;
import java.util.*;
import javax.swing.plaf.*;
import javax.swing.plaf.basic.*;
import java.net.*;
import java.applet.*;

    public class test extends JApplet {

      public JTextArea c;

      public void init() {

          c = new JTextArea();

          add(c);
          c.append("Looking for database...");

        Connection conn = null;
        Properties props = new Properties();
        String url = "jdbc:mysql://localhost:3306/";
        String dbName = "mystik";
        String driver = "com.mysql.jdbc.Driver";
        String userName = "root";
        String password = "";
        String loggedusername = getParameter("name");
        try {
          Class.forName(driver).newInstance();
          props.put("user", "root");
          conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/mystik", props);
          c.append("\nConnected to the database");


                        c.append("\nGetting stats for: " + loggedusername);
                        PreparedStatement statement = conn.prepareStatement( "select * from `user` where `username` = '"+loggedusername+"'");
                        ResultSet result = statement.executeQuery();
                        // just a dumb mysql statement!
                        while(result.next())
                        {
                        c.append("\nUsername: "+result.getString(2)+ "\nLevel: "+result.getString(6)+"\nEXP: "+result.getString(8)+"\n");
                        }

                        PreparedStatement updateEXP = conn.prepareStatement( "update`user` set `exp` = '666'  where `username` = '"+loggedusername+"'");
                        ResultSet updateEXP_done = updateEXP.executeQuery();

                        while(result.next())
                        {
                        c.append("\nUsername: "+result.getString(2)+ "\nLevel: "+result.getString(6)+"\nEXP: "+result.getString(8)+"\n");
                        }


          conn.close();
          c.append("\nDisconnected from database");
        } catch (Exception e) {
          e.printStackTrace();
        }

      }

    }

并且它有效...而且只是update java查询没有。

以下是JTextArea看到的内容:

Looking for database...
Connected to the database
Getting stats for: weka
Username: weka
Level: 1
EXP: 1

这是我的错误:

added manifest
adding: test.class(in = 2440) (out= 1308)(deflated 46%)
adding: mysql-connector-java-5.1.13-bin.jar(in = 767492) (out= 735869)(deflated
4%)

Warning:
The signer certificate will expire within six months.
java.sql.SQLException: Can not issue data manipulation statements with executeQu
ery().
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1075)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:989)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:984)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:929)
        at com.mysql.jdbc.StatementImpl.checkForDml(StatementImpl.java:436)
        at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:
2176)
        at test.init(test.java:53)
        at sun.applet.AppletPanel.run(AppletPanel.java:424)
        at java.lang.Thread.run(Thread.java:619)

最后,这是我使用.bat文件编译的方式。

@ECHO OFF
C:
CD \wamp\www\mystikrpg\mysqltest
javac -cp mysql-connector-java-5.1.13-bin test.java
jar cvf mysqlTry.jar test.class mysql-connector-java-5.1.13-bin.jar
jarsigner -keystore dankey -storepass soccer -keypass soccer mysqlTry.jar gamerpg
appletviewer -J-Djava.security.policy=game.policy mysqltry.html

如何修复此错误? 感谢。

4 个答案:

答案 0 :(得分:6)

还要考虑使用用户名参数:

PreparedStatement updateEXP = conn.prepareStatement("update使用者set EXP = '666' where的用户名= ? ");

updateEXP.setString(1, loggedusername);

ResultSet updateEXP_done = updateEXP.executeUpdate();

答案 1 :(得分:4)

AS PreparedStatement文档:

  

执行此语句中的SQL语句   PreparedStatement对象,必须   是一个SQL INSERT,UPDATE或DELETE   声明;或者是一个SQL语句   什么都不返回,比如DDL   言。

要执行更新,删除或插入数据库中的任何数据的查询,您无法使用executeQuery ...您必须使用:.executeUpdate(query)

所以这段代码(错误):

   PreparedStatement updateEXP = conn.prepareStatement("update `user` set `exp` = '666'  where `username` = '"+loggedusername+"'");
   ResultSet updateEXP_done = updateEXP.executeQuery();

必须看起来像():

正确使用

   PreparedStatement updateEXP = conn.prepareStatement("update `user` set `exp` = ? ");
   updateEXP.setString(1, loggedusername);
   ResultSet updateEXP_done = updateEXP.executeUpdate();

答案 2 :(得分:3)

根据Javadoc,DML查询(INSERTUPDATEDELETE)需要使用executeUpdate()执行,而不是executeQuery()。它会返回一个int,其中包含受影响的行数。

PreparedStatement updateEXP = conn.prepareStatement( "update`user` set `exp` = '666'  where `username` = '"+loggedusername+"'");
int affectedRows = updateEXP.executeUpdate();

也就是说,关闭conn(以及StatementResultSet!)应该在finally块中完成,否则当异常发生时它仍会打开在close()被调用之前被抛出。你使用PreparedStatement也是错误的。您仍然通过简单的字符串连接来内联列值,而不是将它们设置为参数化值。你没有从它的SQL注入预防功能中受益。

另见:

答案 3 :(得分:0)

executeUpdate(query)代替executeQuery()