问题:我正在尝试创建车辆预订系统,并且我想在用户预订表格视图中显示的特定车辆并显示其车牌号时显示数据库的更新。 我已经仔细检查了查询,但是它无法通过代码运行,也无法在phpmyadmin sql中运行。代码显示在下面:
public class PrintCar extends Application implements Initializable {
public TableColumn col_plateNum;
public TableColumn col_air;
public TableColumn col_seats;
public TableColumn col_make;
public TableColumn col_miles;
public TableColumn col_year;
public TableColumn col_price;
public TableColumn col_color;
public TableView table;
public TextField plateNum;
public DatePicker dateReserved;
public TableColumn col_ID;
public TableColumn col_reservedDate;
public TableColumn col_reserved;
ResultSet rs;
@Override
public void start(Stage stage) throws Exception {
Parent root= FXMLLoader.load(getClass().getResource("../GUI/PrintCar.fxml"));
stage.setTitle("JavaFX 2 Login");
stage.setScene(new Scene(root, 327,700));
stage.show();
}
ObservableList<Vehicle> obList = FXCollections.observableArrayList();
@Override
public void initialize(URL url, ResourceBundle resourceBundle) {
ConnectionClass connectionClass=new ConnectionClass();
Connection connection=connectionClass.getConnection();
PreparedStatement ps;
try {
ps = connection.prepareStatement("select * from cars ");
rs = ps.executeQuery();
obList.clear();
while(rs.next()){
obList.add(new Car(rs.getString(1),rs.getString(2),
rs.getString(3), rs.getString(4), rs.getString(5)
,rs.getString(6), rs.getString(7), rs.getString(8), rs.getString(9), rs.getString(10), rs.getString(11)));
}
} catch (SQLException e) {
e.printStackTrace();
}
col_ID.setCellValueFactory(new PropertyValueFactory<>("ID"));
col_plateNum.setCellValueFactory(new PropertyValueFactory<>("plateNumber"));
col_color.setCellValueFactory(new PropertyValueFactory<>("Color"));
col_price.setCellValueFactory(new PropertyValueFactory<>("pricePerKilometer"));
col_year.setCellValueFactory(new PropertyValueFactory<>("year"));
col_miles.setCellValueFactory(new PropertyValueFactory<>("milesTravelled"));
col_make.setCellValueFactory(new PropertyValueFactory<>("make"));
col_seats.setCellValueFactory(new PropertyValueFactory<>("maxPassengers"));
col_air.setCellValueFactory(new PropertyValueFactory<>("airConditioned"));
col_reserved.setCellValueFactory(new PropertyValueFactory<>("reserved"));
col_reservedDate.setCellValueFactory(new PropertyValueFactory<>("reservedDate"));
table.setItems(obList);
table.getSortOrder().add(col_ID);
table.getSortOrder().add(col_miles);
table.getSortOrder().add(col_make);
table.getSortOrder().add(col_reservedDate);
}
public void reserveCar(ActionEvent actionEvent) throws SQLException {
ConnectionClass connectionClass=new ConnectionClass();
Connection connection=connectionClass.getConnection();
PreparedStatement ps;
PreparedStatement ps1;
String mainSQL="SET SQL_SAFE_UPDATES = 0;";
String sql = "UPDATE `cars` SET `Reserved`= ? ,`Reserved Date`= ? WHERE 'ID' = '"+plateNum.getText()+"'";
try {
ps1 = connection.prepareStatement(mainSQL);
ps = connection.prepareStatement(sql);
ps.setString(1, "Yes");
ps.setString(2, dateReserved.getValue().toString());
ps1.executeQuery();
ps.executeUpdate();
} catch (SQLException e) {
e.printStackTrace();
}
Alert alert = new Alert(Alert.AlertType.INFORMATION);
alert.setTitle("Database Confirmation");
alert.setHeaderText("Success!");
alert.setContentText("Data Successfully added to Database");
alert.showAndWait();
plateNum.setText("");
dateReserved.setValue(null);
}
public void deleteCar(ActionEvent actionEvent) {
ConnectionClass connectionClass=new ConnectionClass();
Connection connection=connectionClass.getConnection();
PreparedStatement ps;
String sql = "DELETE FROM `cars` WHERE 'Plate Number' = '"+plateNum.getText()+"'";
try {
ps = connection.prepareStatement(sql);
ps.executeUpdate();
} catch (SQLException e) {
e.printStackTrace();
}
Alert alert = new Alert(Alert.AlertType.INFORMATION);
alert.setTitle("Database Confirmation");
alert.setHeaderText("Success!");
alert.setContentText("Data Successfully added to Database");
alert.showAndWait();
plateNum.setText("");
dateReserved.setValue(null);
}
}
答案 0 :(得分:0)
在MySQL中,使用'(单引号)字符在SQL查询谓词中指定列名,将其解释为字符串而不是数据库表列。分隔标识符的是`(反引号)字符。
这样的查询:
SELECT * from cars WHERE 'Plate Number' = 'ABC'
从不返回任何行,除非您要比较的字符串本身是“板号”:
SELECT * from cars WHERE 'Plate Number' = 'Plate Number'
在这种情况下,它给出了表的整个行集。 因此,编写查询的正确方法是:
SELECT * from cars WHERE `Plate Number` = 'ABC'
即对于** ** (backtick) character.
In your case in reserveCar`,必须以这种方式指定查询:
String sql = "UPDATE `cars` SET `Reserved`= ? ,`Reserved Date`= ? WHERE `ID` = '"+plateNum.getText()+"'";
并使用deleteCar方法:
String sql = "DELETE FROM `cars` WHERE 'Plate Number' = '"+plateNum.getText()+"'";
要注意的另一重要事项是,为了防止发生诸如SQL注入之类的安全性问题,最好通过强制将用户输入作为参数的内容而不是SQL命令的一部分来使用PreparedStatement 。因此,例如,最好修改deleteCar方法如下:
public void deleteCar(ActionEvent actionEvent) {
ConnectionClass connectionClass=new ConnectionClass();
Connection connection=connectionClass.getConnection();
PreparedStatement ps;
String sql = "DELETE FROM `cars` WHERE `Plate Number` = ? ";
try {
ps = connection.prepareStatement(sql);
stmt.setString(1, plateNum.getText());
ps.executeUpdate();
} catch (SQLException e) {
e.printStackTrace();
}
Alert alert = new Alert(Alert.AlertType.INFORMATION);
alert.setTitle("Database Confirmation");
alert.setHeaderText("Success!");
alert.setContentText("Data Successfully added to Database");
alert.showAndWait();
plateNum.setText("");
dateReserved.setValue(null);
}