-1

在 JDBC 中工作时,我不断收到令牌的语法令牌错误hoursWorkedToday,即使它是一个合法变量,并且hoursWorked是一个列名。类型也匹配。

projectUpdate.executeUpdate("INSERT INTO projectLog (hoursWorked, weyerhaeuserWork, sudokuWork,websiteWork, scriptWork," +
                    "tropeWork) VALUES ("hoursWorkedToday +",'"+internWork+"','"+sudokuWork+"', '"+websiteWork+"' ,'"+scriptWork+"' ,'"+tropeWork+"')");

再次出现错误hoursWorkedToday,不知道为什么......语法与我运行的其他查询匹配,例如......

workoutUpdate.executeUpdate("INSERT INTO workoutLog (workedOut, milesRan, comments) VALUES (1,"+miles+" ,"+
                    workoutComments+"')");
4

3 回答 3

2

VALUES ("hoursWorkedToday在语法上不正确。你缺少一个+符号。

我强烈建议您使用PreparedStatements 而不是自己组装 SQL 字符串。PreparedStatements 更快(数据库驱动程序将编译和重用它们),更易于使用,并保护您免受 SQL 注入。

您可以使用 PreparedStatement 替换您的查询,如下所示:

PreparedStatement p = connection.prepareStatement("INSERT INTO projectLog(hoursWorked, weyerhaeuserWork, sudokuWork,websiteWork, scriptWork, tropeWork) VALUES (?, ?, ?, ?, ?, ?)");
p.setInt(1, hoursWorkedToday);
...
p.execute();
于 2013-05-12T03:15:46.687 回答
0

projectUpdate.executeUpdate("INSERT INTO projectLog (hoursWorked, weyerhaeuserWork, sudokuWork,websiteWork, scriptWork," + "tropeWork) VALUES ('"+hoursWorkedToday+"','"+internWork+"','"+sudokuWork+"', '"+ websiteWork+"' ,'"+scriptWork+"' ,'"+tropeWork+"')");

不确定,但它有效,但您可以尝试。您没有在 hoursWorkedToday+ 中添加 ''

于 2013-05-12T03:14:56.640 回答
0

您错过了结束报价和 hoursWorkedToday 之间的加号:

projectUpdate.executeUpdate("INSERT INTO projectLog (hoursWorked, weyerhaeuserWork, sudokuWork,websiteWork, scriptWork," +
"tropeWork) VALUES (" + hoursWorkedToday +",'"+internWork+"','"+sudokuWork+"', '"+websiteWork+"' ,'"+scriptWork+"' ,'"+tropeWork+"')");
--                    ^ here
于 2013-05-12T03:15:02.093 回答