如何使用JDBC在数据库中插入引用值?

时间:2011-08-21 18:51:31

标签: java sql oracle10g

我正在尝试使用下面的代码将值插入Oracle 10g数据库,但它在执行时出现“Missing Expression”错误。我必须将引用值传递给insert子句,但不知道确切的语法或方法。 请帮我解决这个问题。 谢谢。

学生表: - 

                      Sid       VARCHAR2(200) PRIMARY KEY  CHECK(Sid>0),
                      Pass_word VARCHAR2(10) NOT NULL,
                      S_name    VARCHAR2(20) NOT NULL,
                      G_name    VARCHAR2(20)         ,
                      Branch    VARCHAR2(10) NOT NULL,
                      D_company VARCHAR2(20)         ,
                      B_Percent INT NOT NULL CHECK(B_Percent<100),
                      twelth_percent INT NOT NULL CHECK(twelth_percent<100),
                      tenth_percent INT NOT NULL  CHECK(tenth_percent<100),
                      Certify   VARCHAR2(30),
                      Semester  INT NOT NULL CHECK(Semester<9),
                      D_Birth   DATE NOT NULL,
                      Sex       VARCHAR2(6) NOT NULL

CODE: 

Connection connection = null;

try
{

  // Load the JDBC driver

   String driverName = "sun.jdbc.odbc.JdbcOdbcDriver";

   Class.forName(driverName);

    connection = DriverManager.getConnection("jdbc:odbc:placement","siddharth","sid");

    studentID = StudentID.getText();
    spassword = PasswordField.getPassword();
    studentname = NameField.getText();
    Gname = GuardianField.getText();
    branch = BranchField.getText();
    dcompany = DcompanyField.getText();
    bpercent = BtechField1.getText();
    twelthpercent = TwelthField.getText();
    tenthpercent = TenthField.getText();
    semester = SemesterField.getText();
    certify = CertificationField.getText();
    sex = SexCombo.getActionCommand();
    date =  (Date) DateTextField1.getValue();



    Statement stmt = connection.createStatement();
    stmt.executeUpdate("insert into student " +"(sid,pass_word,s_name,g_name,branch,d_company,b_percent,twelth_percent,tenth_percent,certify,semester,d_birth,sex)"+
                 "values(studentID, spassword,studentname,Gname,branch,dcompany,bpercent,twelthpercent,tenthpercent,certify,semester,date,sex)" );

    stmt.close();
    connection.close();
    }

    catch (ClassNotFoundException e) {
    // Could not find the database driver
      JOptionPane.showMessageDialog(null,e);
    } 
    catch (SQLException e) {
    // Could not connect to the database
      JOptionPane.showMessageDialog(null,e);
     }

2 个答案:

答案 0 :(得分:5)

目前您的SQL语句如下所示:

insert into student (sid, pass_word, ...) values (studentID, spassword, ...)

变量名对SQL本身毫无意义。

您应该使用预备声明。例如,您的SQL应如下所示:

insert into student (sid, pass_word, ...) values (?, ?, ...)

然后你使用:

PreparedStatement stmt = connection.prepareStatement(sql);
stmt.setString(1, studentID);
stmt.setString(2, spassword);

// etc

有关详细信息,请参阅JDBC tutorial on prepared statements

答案 1 :(得分:0)

为了安全起见,您应该使用准备好的陈述。

准备查询字符串

String updateString = "update " + dbName + ".COFFEES " +
                      "set SALES = ? where COF_NAME = ?";

使用此查询创建PrepartedStatement:

updateSales = connnection.prepareStatement(updateString);

填写?持有你价值观的空间持有人:

updateSales.setInt(1, myVariable1);
updateSales.setString(2, myVariable2);

执行查询

updateSales.executeUpdate();
相关问题
最新问题