0

我的 Access Database memberID 现在是 M15,我想获取下一个 memberID M16,如何获取并显示在文本字段中?

字符串查询;

query = "INSERT INTO Membership VALUES ('" +memberID_a.getText() + "','" +memberName_a.getText() + "','" + icNo_a.getText()  + "','" + gender_a.getText()  +"','" + birthday_a.getText()  +"','" + telephoneNo_a.getText()  + "','" + mobileNo_a.getText()  + "','" + email_a.getText()  + "','" + address_a.getText()  + "','" + postalCode_a.getText() + "','" + state_a.getText()  + "','" + country_a.getText()  + "','" + memberPoint_a.getText() + "');"; 



try{

        stmtInsert = conn.createStatement(); 
        stmtInsert.executeUpdate(query);

} catch(Exception ex){
            JOptionPane.showMessageDialog(null,"ERROR"+ex.toString(),"ERROR",JOptionPane.ERROR_MESSAGE);
}
4

1 回答 1

0 
query = "INSERT INTO Membership VALUES ('" +memberID_a.getText() + "','" +memberName_a.getText() + "','" + icNo_a.getText()  + "','" + gender_a.getText()  +"','" + birthday_a.getText()  +"','" + telephoneNo_a.getText()  + "','" + mobileNo_a.getText()  + "','" + email_a.getText()  + "','" + address_a.getText()  + "','" + postalCode_a.getText() + "','" + state_a.getText()  + "','" + country_a.getText()  + "','" + memberPoint_a.getText() + "');";

永远不要那样做。

http://en.wikipedia.org/wiki/SQL_injection

改为使用

query = "INSERT INTO Membership VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?)";

每个在哪里?是占位符。

http://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html

无论如何,关于数据库表要意识到的重要一点是,除非您在查询中使用“order by”子句,否则行的顺序是没有意义的。因此,如果您想按 id 列排序,请使用

SELECT * from Membership ORDER BY id;
于 2013-07-08T09:06:03.857 回答