我正在尝试将此Java Web应用程序插入数据库。下图显示了我遇到的错误。
问题:当我调用insertDB()
时它起作用了,因为id列正在计数1,2,3,...,但是当我全部传递customers36
表中的其余数据时,它们都是空白数据输入。display()
方法有效,但插入方法无效,而且我用光了它可能要用的东西。
Image showing that the data is not getting to the database.
注意: selectDB()//也可以
力求尽可能具体。 db中的数据是所有字符串,但id列除外。这就是为什么我将所有字符串发送到数据库的原因。
//Code is for a java bank application.
package Business;
import java.sql.*;
import java.util.logging.Level;
import java.util.logging.Logger;
/**
* @author DEVGRU
*/
public class Customer
{
//properties
private String custId;
private String custPassword;
private String custFname;
private String custLname;
private String address;
private String email;
Connection con = null;
//Constructors
public Customer()
{
custId = "";
custPassword = "";
custFname = "";
custLname = "";
address = "";
email = "";
}
public Customer( String id, String pw, String fn, String ln, String add, String em )
{
custId = id;
custPassword = pw;
custFname = fn;
custLname = ln;
address = add;
email = em;
}
//Setters and getters.
public void setCustId( String id )
{
custId = id;
}
public String getCustId()
{
return custId;
}
public void setCustPassword( String pw )
{
custPassword = pw;
}
public String getCustPassword()
{
return custPassword;
}
public void setCustFirstName( String fn )
{
custFname = fn;
}
public String getCustFirstName()
{
return custFname;
}
public void setCustLastName( String ln )
{
custLname = ln;
}
public String getCustLastName()
{
return custLname;
}
public void setAddress( String add )
{
address = add;
}
public String getAddress()
{
return address;
}
public void setEmail( String em )
{
email = em;
}
public String getEmail()
{
return email;
}
//Db Management and Manipulation methods
/**
* @param id@throws ClassNotFoundException
*/
public void selectDb( String id ) throws ClassNotFoundException
{
Class.forName( "com.mysql.jdbc.Driver" );
try
{
//Get the connection and stick it in con.
con = DriverManager.getConnection( Settings.mysql_connstring, Settings.mysql_user, Settings.mysql_password );
Statement stmt = con.createStatement();
String sql; //Single Quotes Arround String Data.Pay Attention.
sql = "Select * from `JavaChatBankDB`.`Customers` where CustID = '" + id + "'";
System.out.println( sql );
ResultSet rs;
//Execute
rs = stmt.executeQuery( sql );
//Process
while ( rs.next() )
{
custId = rs.getString( 1 );
custPassword = rs.getString( 2 );
custFname = rs.getString( 3 );
custLname = rs.getString( 4 );
address = rs.getString( 5 );
email = rs.getString( 6 );
}//End while
}
catch ( SQLException ex )
{
System.out.println( "Error somewhere. " + ex );
}
finally
{
try
{
con.close();
}
catch ( SQLException ex )
{
Logger.getLogger( LoginServlet.class.getName() ).log( Level.SEVERE,
null, ex );
}//End Try/Catch on connection.close() -- sqlexception.
}//End Finally
}//End Select Db
public void insertDB( String id, String pw, String fn, String ln, String add,
String em ) throws ClassNotFoundException
{
Class.forName( "com.mysql.jdbc.Driver" );
try
{
//Get the connection and stick it in con.
con = DriverManager.getConnection( Settings.mysql_connstring, Settings.mysql_user, Settings.mysql_password );
Statement stmt = con.createStatement();
//Single Quotes Arround String DataPay Attention.
String sql = "INSERT INTO `JavaChatBankDB`.`Customers36` (`CustId`,`CustPassword`, `CustFirstName`, `CustLastName`, `CustAddress`, `CustEmail`)"
+ "VALUES ('" + custId + "','" + custPassword + "','" + custFname + "','" + custLname + "','" + address + "','" + email + "')";
System.out.println( sql );
int answer = stmt.executeUpdate( sql );
if ( answer >= 1 )
{
System.out.println( "Success on Inserting Data into the Database. Go Check!!!" );
}
else
{
System.out.println( "An error occured while attempting to update database" );
}
custId = id;
custPassword = pw;
custFname = fn;
custLname = ln;
address = add;
email = em;
}
catch ( SQLException ex )
{
System.out.println( "Error somewhere. " + ex );
}
finally
{
try
{
con.close();
}
catch ( SQLException ex )
{
Logger.getLogger( LoginServlet.class.getName() ).log( Level.SEVERE, null, ex );
}//End Try/Catch on connection.close() -- sqlexception.
}//End Finally
}//End Select Db
public void display()
{
System.out.println( "_________Display___________" );
System.out.println( " " );
System.out.println( "Customer Id: " + custId );
System.out.println( "Customer Password:" + custPassword );
System.out.println( "Customer First Name: " + custFname );
System.out.println( "Custoner Last Name: " + custLname );
System.out.println( "Customer Address: " + address );
System.out.println( "Customer Email: " + email );
}
public static void main( String[] args ) throws ClassNotFoundException
{
//Customer c1 = new Customer("4567","root","mike","baules","afghanistan","camels@sandbox.org");
Customer c2 = new Customer();
//c2.selectDb("3006");
c2.insertDB( "3007", "apple", "Steve", "Jobs", "cali", "apple@apple.com" );
c2.display();
}
}//End Class
答案 0 :(得分:1)
在发送查询之后,您将为查询设置值。好,为时已晚,查询已发送(使用默认值或先前值)。所以代替:
String sql = "INSERT INTO `JavaChatBankDB`.`Customers36` (`CustId`,`CustPassword`, `CustFirstName`, `CustLastName`, `CustAddress`, `CustEmail`)"
+ "VALUES ('"+custId+"','"+custPassword+"','"+custFname+"','"+custLname+"','"+address+"','"+email+"')";
int answer = stmt.executeUpdate(sql);
[...]
custId = id;
custPassword = pw;
custFname = fn;
custLname = ln;
address = add;
email = em;
您必须交换订单或完全不使用变量custId
,custPassword
等,而使用方法参数值id
,pw
等等。
此外,对于具有可变输入的查询,应使用准备好的语句,以防止任何SQL注入。请阅读https://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html,了解如何在Java中将预处理语句与JDBC一起使用。
答案 1 :(得分:0)
代码应分为多个类,例如DbHelper和Customer。请更具体地说明您的问题,因为我只看到您插入1个ID为3007类型字符串的客户?还可以考虑将Long用作id或AtomicLong。