0

我正在尝试使用 JoptionPane 更新我的 mysql 表。所以这个想法是先更新 id 然后检查它是否退出,然后请求新值来替换它。

这是该行的来源

else if(ae.getSource()==updateVid){
        String id =JOptionPane.showInputDialog("Enter ID you want to update:");


        try {
            con=DriverManager.getConnection(url,"root","success123");
            stmt = con.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_READ_ONLY);
            int numRows = stmt.executeUpdate("UPDATE FROM films WHERE id='"+id+"'");

            String ids =JOptionPane.showInputDialog("ID:");
            String fn=JOptionPane.showInputDialog("Title:");
            String sn =JOptionPane.showInputDialog("Description:");
            String tn =JOptionPane.showInputDialog("Year:");
            String frn =JOptionPane.showInputDialog("Art:");
            String fifn =JOptionPane.showInputDialog("Duration:");



            rs = stmt.executeQuery("SELECT * FROM films");
            JOptionPane.showMessageDialog(null,"Video has been Rented to the Out","New Rent" ,JOptionPane.OK_OPTION);
            while (rs.next()) {


            }
            rs.close();
            stmt.close();
            con.close();
        }
        catch (SQLException sqle) {
        }
    }
4

1 回答 1

1

使用PreparedStatement而不是Statement因为您的代码容易受到 SQL 注入的影响

我认为这是你需要的:

String updateQuery = "UPDATE films set title = ?,description=?,year=?,art=?,duration=? where id=?";
PreparedStatement ps = con.prepareStatement(updateQuery);

String fn=JOptionPane.showInputDialog("Title:");
String sn =JOptionPane.showInputDialog("Description:");
String tn =JOptionPane.showInputDialog("Year:");
String frn =JOptionPane.showInputDialog("Art:");
String fifn =JOptionPane.showInputDialog("Duration:");

ps.setString(1,fn);
ps.setString(2,sn);
ps.setString(3,tn);
ps.setString(4,frn);
ps.setString(5,fifn);
ps.setString(6,id);
int numRows = ps.executeUpdate();
于 2013-03-24T10:00:21.503 回答