这个 MySQL/Java 准备语句语法有什么问题?
What is wrong with this MySQL/Java prepared statement syntax?
我构建了一个小程序,用于循环数据库中的密码列表,对它们进行哈希处理,并使用哈希后的密码更新数据库。我已经更改了列的长度,以确保密码不会太长。然后我将其写入我的方法,该方法应该将值写入数据库。
sqlInsert = "UPDATE dealers SET Password = ?, Password2 = ?, PasswordID = ? WHERE DNo = ?";
PreparedStatement statement = connect.prepareStatement(sqlInsert);
statement.setString(1, pw2);
statement.setString(2, pw1);
statement.setString(3, pId);
statement.setString(4, dId);
result = statement.executeUpdate(sqlInsert);
问题是每次我 运行 程序都会出现以下错误:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, Password2 = ?, PasswordID = ? WHERE DNo = ?' at line 1
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, Password2 = ?, PasswordID = ? WHERE DNo = ?' at line 1
at sun.reflect.GeneratedConstructorAccessor7.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorA ccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
at com.mysql.jdbc.Util.getInstance(Util.java:384)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1052)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4232)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4164)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2615)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2776)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2832)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1755)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1679)
at com.secureautodata.business.data.KeyGenerator.encInsert(KeyGenerator.java:99)
at com.secureautodata.business.data.KeyGenerator.main(KeyGenerator.java:392)
我已经分解了语法并单独在数据库中进行了尝试,它运行良好,我准备好的语句中是否遗漏了什么?
替换
result = statement.executeUpdate(sqlInsert);
与
result = statement.executeUpdate();
第一个方法在基础 Statement 接口中定义,将在没有绑定参数的情况下执行给定的 SQL 更新字符串。您需要使用 PreparedStatement.
中定义的那个
我构建了一个小程序,用于循环数据库中的密码列表,对它们进行哈希处理,并使用哈希后的密码更新数据库。我已经更改了列的长度,以确保密码不会太长。然后我将其写入我的方法,该方法应该将值写入数据库。
sqlInsert = "UPDATE dealers SET Password = ?, Password2 = ?, PasswordID = ? WHERE DNo = ?";
PreparedStatement statement = connect.prepareStatement(sqlInsert);
statement.setString(1, pw2);
statement.setString(2, pw1);
statement.setString(3, pId);
statement.setString(4, dId);
result = statement.executeUpdate(sqlInsert);
问题是每次我 运行 程序都会出现以下错误:
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, Password2 = ?, PasswordID = ? WHERE DNo = ?' at line 1
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?, Password2 = ?, PasswordID = ? WHERE DNo = ?' at line 1
at sun.reflect.GeneratedConstructorAccessor7.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorA ccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:409)
at com.mysql.jdbc.Util.getInstance(Util.java:384)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1052)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4232)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4164)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2615)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2776)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2832)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1755)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1679)
at com.secureautodata.business.data.KeyGenerator.encInsert(KeyGenerator.java:99)
at com.secureautodata.business.data.KeyGenerator.main(KeyGenerator.java:392)
我已经分解了语法并单独在数据库中进行了尝试,它运行良好,我准备好的语句中是否遗漏了什么?
替换
result = statement.executeUpdate(sqlInsert);
与
result = statement.executeUpdate();
第一个方法在基础 Statement 接口中定义,将在没有绑定参数的情况下执行给定的 SQL 更新字符串。您需要使用 PreparedStatement.