为什么从 Java 代码更新信息到 SQL 数据库时会出现错误?
Why is an error arising in updating info into SQL Database from Java code?
我正在编写系统注册页面的代码。单击按钮后,系统将检查用户是否年满 14 岁。如果为真,系统应将所有输入的数据保存到 SQL 数据库中。
private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {
// TODO add your handling code here:
int age = Integer.parseInt(Age_Input.getText());
String firstname = FirstName_Input.getText();
String surname = Surname_Input.getText();
String email = Email_Input.getText();
String userid = UserID_InputSignUp.getText();
char[] pass = Password_InputSignUp.getPassword();
if (age<14) {
JOptionPane.showMessageDialog(null,"Sorry, You need to be at least 14 years to use this software... ");
new Login_Page().setVisible(true);
this.setVisible(false);
} else {
try {
Class.forName("com.mysql.cj.jdbc.Driver");
Connection connect = (Connection) DriverManager.getConnection("jdbc:mysql://localhost:3306/user_info", "root", "nerdswonka");
Statement stmt = connect.createStatement();
String query1 = "INSERT INTO user_info(user_id, password, firstname, lastname, emailid, age) VALUES('"+userid+"', "+Arrays.toString(pass)+", '"+firstname+"', '"+surname+"', '"+email+"', "+age+");";
stmt.executeUpdate(query1);
JOptionPane.showMessageDialog(null, "Account Creation succesful!");
stmt.close();
connect.close();
} catch (Exception e) {
JOptionPane.showMessageDialog(null, "Error in connecting to SQL Database");
}
new Login_Page().setVisible(true);
this.setVisible(false);
}
}
代码没有将任何内容更新到数据库中,只是在异常(错误)出现后显示 JOptionPane。可以对代码进行哪些编辑,以便将值存储到 SQL?
失败的直接原因可能是您的 INSERT 语句包含以下未被单引号括起来的字符串:
Arrays.toString(pass)
但是,你应该完全放弃你目前的方法,而是使用准备好的语句:
String sql = "INSERT INTO user_info (user_id, password, firstname, lastname, emailid, age) " +
"VALUES (?, ?, ?, ?, ?, ?)";
try (Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/user_info", "root", "nerdswonka");
PreparedStatement ps = conn.prepareStatement(sql)) {
ps.setString(1, userid);
ps.setString(2, Arrays.toString(pass));
ps.setString(3, firstname);
ps.setString(4, surname);
ps.setString(5, email);
ps.setInt(6, age);
int row = ps.executeUpdate();
System.out.println(row); // rows inserted (should be 1)
}
catch (SQLException e) {
System.err.format("SQL State: %s\n%s", e.getSQLState(), e.getMessage());
}
catch (Exception e) {
e.printStackTrace();
}
}
准备好的语句做很多事情,其中之一是处理有关如何在 SQL 查询中正确转义文字数据的混乱细节。在这种情况下,它们使您不必担心在插入的 Java 字符串周围放置单引号。语句还可以防止诸如 SQL 注入之类的不良事件发生。
您没有在 catch 块中打印异常。您可以使用 e.printStackTrace();首先打印异常。
我正在编写系统注册页面的代码。单击按钮后,系统将检查用户是否年满 14 岁。如果为真,系统应将所有输入的数据保存到 SQL 数据库中。
private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {
// TODO add your handling code here:
int age = Integer.parseInt(Age_Input.getText());
String firstname = FirstName_Input.getText();
String surname = Surname_Input.getText();
String email = Email_Input.getText();
String userid = UserID_InputSignUp.getText();
char[] pass = Password_InputSignUp.getPassword();
if (age<14) {
JOptionPane.showMessageDialog(null,"Sorry, You need to be at least 14 years to use this software... ");
new Login_Page().setVisible(true);
this.setVisible(false);
} else {
try {
Class.forName("com.mysql.cj.jdbc.Driver");
Connection connect = (Connection) DriverManager.getConnection("jdbc:mysql://localhost:3306/user_info", "root", "nerdswonka");
Statement stmt = connect.createStatement();
String query1 = "INSERT INTO user_info(user_id, password, firstname, lastname, emailid, age) VALUES('"+userid+"', "+Arrays.toString(pass)+", '"+firstname+"', '"+surname+"', '"+email+"', "+age+");";
stmt.executeUpdate(query1);
JOptionPane.showMessageDialog(null, "Account Creation succesful!");
stmt.close();
connect.close();
} catch (Exception e) {
JOptionPane.showMessageDialog(null, "Error in connecting to SQL Database");
}
new Login_Page().setVisible(true);
this.setVisible(false);
}
}
代码没有将任何内容更新到数据库中,只是在异常(错误)出现后显示 JOptionPane。可以对代码进行哪些编辑,以便将值存储到 SQL?
失败的直接原因可能是您的 INSERT 语句包含以下未被单引号括起来的字符串:
Arrays.toString(pass)
但是,你应该完全放弃你目前的方法,而是使用准备好的语句:
String sql = "INSERT INTO user_info (user_id, password, firstname, lastname, emailid, age) " +
"VALUES (?, ?, ?, ?, ?, ?)";
try (Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/user_info", "root", "nerdswonka");
PreparedStatement ps = conn.prepareStatement(sql)) {
ps.setString(1, userid);
ps.setString(2, Arrays.toString(pass));
ps.setString(3, firstname);
ps.setString(4, surname);
ps.setString(5, email);
ps.setInt(6, age);
int row = ps.executeUpdate();
System.out.println(row); // rows inserted (should be 1)
}
catch (SQLException e) {
System.err.format("SQL State: %s\n%s", e.getSQLState(), e.getMessage());
}
catch (Exception e) {
e.printStackTrace();
}
}
准备好的语句做很多事情,其中之一是处理有关如何在 SQL 查询中正确转义文字数据的混乱细节。在这种情况下,它们使您不必担心在插入的 Java 字符串周围放置单引号。语句还可以防止诸如 SQL 注入之类的不良事件发生。
您没有在 catch 块中打印异常。您可以使用 e.printStackTrace();首先打印异常。