Question

我有两张桌子＆＃34;客户＆＃34;和＆＃34;引用＆＃34;，每个都有一个customer_number字段，即CHAR（6）。实际上，＆＃34;引用＆＃34;是一张桌子，＆＃34;客户＆＃34;是一个映射到＆＃34; Groups＆＃34; （也是CHAR（6））。数据库是11g XE。

我插入＆＃34; 000100＆＃34;进入＆＃34;客户＆＃34;，当我查询它时，我得到了什么。我将相同的东西插入＆＃34;引用＆＃34;，当我查询它时，我得到＆＃34; 100＆＃34;有三个尾随空格。

为了确定：

这里是＆＃34; CUSTOMER＆＃34; DDL声明：

  CREATE OR REPLACE FORCE VIEW "SCHEMA"."CUSTOMER" ("CUSTOMER_RSN", "CUSTOMER_NAME", "GROUP_TYPE", "ORGANIZATION_NAME", "MANAGING_GROUP_RSN", "CUSTOMER_NUMBER", ... "LAST_CHANGED_AT") 
AS 
      select GROUPS_RSN, GROUP_NAME, GROUP_TYPE, ORGANIZATION_NAME, MANAGING_GROUP_RSN, CUSTOMER_NUMBER, ... LAST_CHANGED_AT
    from SCHEMA.GROUPS where group_type = 'Customer' WITH CHECK OPTION;

这里是＆＃34; Groups＆＃34; DDL声明：

CREATE TABLE "SCHEMA"."GROUPS" 
   (    "GROUPS_RSN" NUMBER(6,0) NOT NULL ENABLE, 
    "GROUP_NAME" VARCHAR2(100 BYTE) NOT NULL ENABLE, 
    "GROUP_TYPE" VARCHAR2(40 BYTE) NOT NULL ENABLE, 
    "ORGANIZATION_NAME" VARCHAR2(100 BYTE), 
    "CUSTOMER_NUMBER" CHAR(6 BYTE) DEFAULT '000000' NOT NULL ENABLE, 
    "CUSTOMER_CODE" VARCHAR2(4 BYTE), …
     PRIMARY KEY ("GROUP_NAME", "GROUP_TYPE")
  USING INDEX PCTFREE 10 INITRANS 2 MAXTRANS 255 COMPUTE STATISTICS 
  STORAGE(INITIAL 16384 NEXT 1048576 MINEXTENTS 1 MAXEXTENTS 2147483645
  PCTINCREASE 0 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT FLASH_CACHE DEFAULT CELL_FLASH_CACHE DEFAULT)
  TABLESPACE "SCHEMA_IDX"  ENABLE
   ) SEGMENT CREATION IMMEDIATE 
  PCTFREE 10 PCTUSED 40 INITRANS 1 MAXTRANS 255 NOCOMPRESS LOGGING
  STORAGE(INITIAL 16384 NEXT 1048576 MINEXTENTS 1 MAXEXTENTS 2147483645
  PCTINCREASE 0 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT FLASH_CACHE DEFAULT CELL_FLASH_CACHE DEFAULT)
  TABLESPACE "SCHEMA" ;

以下是＆＃34;客户＆＃34;：

的更新代码

String customer_number = "";  
customer_number = request.getParameter( "customer_number" );

...

logger.debug("Updating the customer_number:" + customer_number );
                        String updateSql =
                                "update oe_customer set " +
                                "customer_name = '" + customer_name "', " +
                                "managing_group_rsn = " + managing_group_rsn + ", " +
                                "customer_number = '" + customer_number + "', " ...

这是＆＃34;客户＆＃34;的更新日志输出：

21:21:30.861 [http-bio-8080-exec-74] DEBUG org.apache.jsp.updateCustomer_jsp - Updating the customer_number:000100

这是＆＃34;引用＆＃34; DDL声明：

 CREATE TABLE "TIME"."QUOTE" 
   (    "QUOTE_RSN" NUMBER(6,0) NOT NULL ENABLE, 
    "QUOTE_NUMBER" NUMBER(6,0), 
    "OE_CUSTOMER_RSN" NUMBER(6,0) NOT NULL ENABLE, 
    "CUSTOMER_NUMBER" CHAR(6 BYTE) DEFAULT '000000' NOT NULL ENABLE, 
    "CUSTOMER_NAME" VARCHAR2(100 BYTE) NOT NULL ENABLE,   ...    
 CONSTRAINT "UNIQUE_Q_RSN" UNIQUE ("QUOTE_RSN")
  USING INDEX PCTFREE 10 INITRANS 2 MAXTRANS 255 COMPUTE STATISTICS 
  STORAGE(INITIAL 16384 NEXT 1048576 MINEXTENTS 1 MAXEXTENTS 2147483645
  PCTINCREASE 0 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT FLASH_CACHE DEFAULT CELL_FLASH_CACHE DEFAULT)
  TABLESPACE "SCHEMA_IDX"  ENABLE, 
     CONSTRAINT "PK_Q" PRIMARY KEY ("QUOTE_NUMBER")
  USING INDEX PCTFREE 10 INITRANS 2 MAXTRANS 255 COMPUTE STATISTICS 
  STORAGE(INITIAL 16384 NEXT 1048576 MINEXTENTS 1 MAXEXTENTS 2147483645
  PCTINCREASE 0 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT FLASH_CACHE DEFAULT CELL_FLASH_CACHE DEFAULT)
  TABLESPACE "SCHEMA_IDX"  ENABLE
   ) SEGMENT CREATION IMMEDIATE 
  PCTFREE 10 PCTUSED 40 INITRANS 1 MAXTRANS 255 NOCOMPRESS LOGGING
  STORAGE(INITIAL 16384 NEXT 1048576 MINEXTENTS 1 MAXEXTENTS 2147483645
  PCTINCREASE 0 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT FLASH_CACHE DEFAULT CELL_FLASH_CACHE DEFAULT)
  TABLESPACE "SCHEMA" ;

这是＆＃34;引用＆＃34;：

的更新代码

newValue.customerNumber is a public String customerNumber;

...
            logger.debug("Updating existing quote, rsn: " + newValue.quoteRSN);
            String updateQuote = "update quote set ";
            try {

                updateQuote += "OE_CUSTOMER_RSN = " + newValue.oe_customerRSN + ", ";
                updateQuote += "CUSTOMER_NUMBER = " + newValue.customerNumber + ", ";
                logger.debug("Updating quote customer_number to:" + newValue.customerNumber);

这里是来自更新的日志输出＆＃34;引用＆＃34;：

00:50:45.232 [http-bio-8080-exec-73] DEBUG quote.Quote_Single_Record - Updating existing quote, rsn: 86250
00:50:45.232 [http-bio-8080-exec-73] DEBUG quote.Quote_Single_Record - Updating quote customer_number to:000100

这里是数据库中的值：

如果您有任何想法，请提供帮助。感谢。

Answer 1

在表QUOTE的声明中，未引用newValue.customerNumber。

 "customer_number = -->'" + customer_number + "'<--, "

VS

 updateQuote += "CUSTOMER_NUMBER = " + newValue.customerNumber + ", ";

所以它是一个数字，并且通过转换没有前导零。

提示：尝试使用预准备语句，它们可以安全地防止像这样的错误和SQL注入。

为什么oracle会在插入或更新时自动修剪字符串的前导零？

1 个答案: