我正在为我们在学校的项目创建学生资料,这是我第一次这样做。
这是我对我在netbeans中创建的jTable(鼠标单击)的查询
int row = jTable1.getSelectedRow();
String tc = jTable1.getModel().getValueAt(row, 0).toString();
try {
String query ="select * from CAREPOINT_STUDENT where NAME="+tc+" ";
pst= (OraclePreparedStatement) ungabelio1.prepareStatement(query);
rs = (OracleResultSet) pst.executeQuery();
if(rs.next()){
String NAME_ID = rs.getString("NAME");
String AGE_ID = rs.getString("AGE");
String ADDRESS_ID = rs.getString("ADDRESS");
String NUM_ID = rs.getString("NUM");
String COURSE_ID = rs.getString("COURSE");
String SPECIAL_ID = rs.getString("SPECIAL");
String SCHOOL_ID = rs.getString("SCHOOL");
String DOWNPAY_ID = rs.getString("DOWNPAY");
String DISCOUNT_ID = rs.getString("DISCOUNT");
String BALANCE_ID = rs.getString("BALANCE");
String REVSCHED_ID = rs.getString("REVSCHED");
String EMAIL_ID = rs.getString("EMAIL");
NAME.setText(NAME_ID);
AGE.setText(AGE_ID);
ADDRESS.setText(ADDRESS_ID);
NUM.setText(NUM_ID);
COURSE.setText(COURSE_ID);
SPECIAL.setText(SPECIAL_ID);
SCHOOL.setText(SCHOOL_ID);
DOWNPAY.setText(DOWNPAY_ID);
DISCOUNT.setText(DISCOUNT_ID);
BALANCE.setText(BALANCE_ID);
REVSCHED.setText(REVSCHED_ID);
EMAIL.setText(EMAIL_ID);
}
} catch (Exception e) {
JOptionPane.showMessageDialog(null, e);
}
}
当我运行程序并尝试单击在jtable内创建并打印(mouseclicked)并打印的数据(学生档案,例如姓名,年龄,学校等)时,出现此问题“ ORA-00933: SQL命令未正确结束”
除此之外,我还有另一个问题,我创建了2个名为“ DELETE”的jbutton,这意味着它将删除我填写的数据(学生资料)和“ UPDATE”,这意味着重新编辑数据(学生资料)我填满了。
这是我在netbeans中对“ DELETE” jbutton的查询
try {
String query;
query = "DELETE FROM CAREPOINT_STUDENT where NAME="+NAME.getText()+" ";
pst= (OraclePreparedStatement) ungabelio1.prepareStatement(query);
pst.execute();
JOptionPane.showMessageDialog(null, "Successfully deleted!");
fetch();
} catch (Exception e) {
JOptionPane.showMessageDialog(null, e);
}
}
这是我在netbeans中的“ UPDATE” jbutton的查询
try {
String query;
query = "update CAREPOINT_STUDENT set AGE=?,ADDRESS=?,NUM=?,COURSE=?,SPECIAL=?,SCHOOL=?,DOWNPAY=?,DISCOUNT=?,BALANCE=?,REVSCHED=?,EMAIL=? where NAME="+NAME.getText()+"";
pst= (OraclePreparedStatement) ungabelio1.prepareStatement(query);
pst.setString(1,AGE.getText());
pst.setString(2,ADDRESS.getText());
pst.setString(3, NUM.getText());
pst.setString(4, COURSE.getText());
pst.setString(5, SPECIAL.getText());
pst.setString(6, SCHOOL.getText());
pst.setString(7, DOWNPAY.getText());
pst.setString(8, DISCOUNT.getText());
pst.setString(9, BALANCE.getText());
pst.setString(10, REVSCHED.getText());
pst.setString(11, EMAIL.getText());
pst.executeUpdate();
JOptionPane.showMessageDialog(null, "Successfully updated!");
fetch();
} catch (Exception e){
JOptionPane.showMessageDialog(null, e);
}
}
当我运行程序并单击这两个按钮时,出现相同的问题“ ORA-00936:缺少表达式”
我真的很感谢,希望有人能帮助我解决这个问题。这样我就可以对sql / oracle有所了解。
对不起,我的英语不好。
答案 0 :(得分:3)
避免将参数串联为字符串;使用准备好的语句。
否则,您将遇到各种麻烦,例如转义特殊字符,SQL注入等问题。
例如,运行SQL语句的一种更安全的方法可能是:
String query = "select * from CAREPOINT_STUDENT where NAME = ?";
pst = (OraclePreparedStatement) ungabelio1.prepareStatement(query);
pst.setString(1, tc);
rs = (OracleResultSet) pst.executeQuery();
注意:在需要执行一些动态SQL的情况下,将SQL语句作为字符串进行组装仍然很有用。即使这样,也可以使用?作为参数,并按照上面的说明应用它们。
答案 1 :(得分:-1)
您可能需要一些额外的单引号,因此查询将显示为:
select * from CAREPOINT_STUDENT where NAME='Entered name';
调整您的代码:
String query ="select * from CAREPOINT_STUDENT where NAME='"+tc+"' ";