我有一个愚蠢的问题无法解决。我正在学习Java,而且我是新手。我的案例是:
//将一个人广告到数据库
public static void aggiungiPersona(int id, String nome, String cognome, int anni, String sesso,
String indirizzo, String numTel, String email) {
try {
// create query
String query = String.join("", "insert into persone (id, nome, cognome, anni, sesso, indirizzo, numTel, email) VALUES (",
Integer.toString(id), ", '",
nome, "', '",
cognome, "', ",
Integer.toString(anni), ", '",
sesso, "', '",
indirizzo, "', '",
numTel, "', '",
email, "', ",
")"
);
我知道问题出在引号或双引号里,但在哪里呢?
您应该在这里使用一个准备好的语句,它可以处理文字值的正确转义:
String sql = "INSERT INTO persone (id, nome, cognome, anni, sesso, indirizzo, numTel, email) ";
sql += "VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, Integer.toString(id)); // use ps.setInt(1, id) if id be integer column
ps.setString(2, nome);
ps.setString(3, cognome);
ps.setString(4, Integer.toString(anni)); // use ps.setInt(4, anni) for anni integer column
ps.setString(5, sesso);
ps.setString(6, indirizzo);
ps.setString(7, numTel);
ps.setString(8, email);
int row = ps.executeUpdate();
System.out.println(row);