我有一个名为paramValue的参数,那么我尝试存储它,如果我的paramvalue等于任何没有撇号的值,就像paramvalue ='klang @' 但是如果有撇号,它将不会像以下paramvalue ='kl'ang @' 我把我的代码的一部分
query += "'" + paramValue + "'";
我尝试了这个,但是出现了类似';的错误。预期”下面是否有其他选择可以做到这一点,谢谢您的任何建议
query += """ + paramValue + """;
下面是我的代码
public boolean insertInto(String tableName, String paramsName[], String paramsValues[], String id) {
String query = "INSERT INTO tbl1" + tableName + " (id, dateCreated, dateModified";
for (String paramName : paramsName) {
query += ", c_" + paramName;
}
query += ") VALUES( ";
if (id == null || id.isEmpty()) {
query += "UUID(), NOW() , NOW()";
} else {
query += "'" + id + "', NOW(), NOW()";
}
for (String paramValue : paramsValues) {
query += "'" + paramValue + "'";
}
query += ")";
Connection con = null;
//myconn
try {
con = ds.getConnection();
PreparedStatement stmt = con.prepareStatement(query);
return stmt.execute();
} catch (SQLException ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
} finally {
try {
if (con != null) {
con.close();
}
} catch (SQLException ex) {
Logger.getLogger(this.getClass().getName()).log(Level.SEVERE, null, ex);
}
}