需要一点帮助。遇到一些异常问题,我在使用这个库时非常新。在此先感谢:)
错误:
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException:您的SQL语法中有错误;查看与您的MySQL服务器版本对应的手册,以便在#"' common_translations.name'附近使用正确的语法。 as nm JOIN(' common_translations.name_id' as nid)
我的代码:
private DatabaseConnection db;
private final HashMap <String, String> statements;
public DatabaseReader(DatabaseConnection db) {
statements = new HashMap<String, String>() {
private static final long serialVersionUID = -1827340576955092045L;
{
put("odds","vfl::%");
put("common_translations", "vhc::%");
put("common_translations","vdr::%");
put("common_translations", "vto::%");
put("common_translations","vbl::%");
put("common_translations", "vf::%");
put("odds","vsm::%");
put("odds", "rgs::%");
put("odds", "srrgs::%");
}};
this.db = db;
}
public void read() {
try {
Connection connection = db.connect(db.getUrl_common_translation());
PreparedStatement ps = (PreparedStatement) connection.prepareStatement("SELECT nm.id, nid.key, nm.name FROM ? as nm JOIN (? as nid)\r\n" +
" ON (nm.id = nid.id) where nid.key like ? and nm.typeId=8 and nm.sourceId=-1 and nm.languageCode='en'");
for(Entry <String,String> e : statements.entrySet()) {
ps.setString(1, e.getKey() + ".name");
ps.setString(2, e.getKey() + ".name_id");
ps.setString(3, e.getValue());
ResultSet rs = ps.executeQuery();
while(rs.next()) {
int id = rs.getInt("id");
//String tag = rs.getString("tag");
//String translation = rs.getString("translation");
System.out.println(id);
}
}
} catch (SQLException e) {
e.printStackTrace();
}
}
答案 0 :(得分:1)
您正在使用错误的方式设置列名称:
ps.setString(1, e.getKey() + ".name");
ps.setString(2, e.getKey() + ".name_id");
将在引号之间输入:
FROM "something.name" as
这是一种错误的语法。
相反,您必须直接设置名称而不使用这样的预处理语句:
Connection connection = db.connect(db.getUrl_common_translation());
PreparedStatement ps = (PreparedStatement) connection.prepareStatement();
for (Entry<String, String> e : statements.entrySet()) {
String query = "SELECT nm.id, nid.key, nm.name FROM " + e.getKey() + ".name" +" as nm "
//----------------------------------------------^__________________^
+ "JOIN (" + e.getKey() + ".name_id" + " as nid) ON (nm.id = nid.id) "
//-----------^_____________________^
+ "where nid.key like ? and nm.typeId=8 "
+ "and nm.sourceId=-1 and nm.languageCode='en'";
ps.setString(1, e.getValue());
ResultSet rs = ps.executeQuery(query);
//------------------------------^^
但在此之前你必须检查名称不应该包含感染查询的东西(以避免语法错误和sql注入),所以你需要先制作一些控制器
答案 1 :(得分:0)
从DB的角度来看,您将尝试执行查询:
SELECT nm.id, nid.key, nm.name
FROM :param1 as nm
JOIN (:param2 as nid) ON (nm.id = nid.id)
where nid.key like :param3 and nm.typeId=8 and nm.sourceId=-1 and nm.languageCode='en'
有一些参数。但是您不能将表或视图作为参数传递。这毫无意义。
要解决您的问题,您可以使用此代码段:
String sql = "SELECT nm.id, nid.key, nm.name FROM %s as nm JOIN (%s as nid)\r\n" +
" ON (nm.id = nid.id) where nid.key like ? and nm.typeId=8 and nm.sourceId=-1 and nm.languageCode='en'"
for(Entry <String,String> e : statements.entrySet()) {
PreparedStatement ps = (PreparedStatement) connection.prepareStatement(
String.format(sql, e.getKey() + ".name", e.getKey() + ".name_id")
);
ps.setString(1, e.getValue());
.... your code here ....
}