0

收到以下 jsp 代码的错误:

 <%@ page import ="java.sql.*" %>
<%@ page import ="javax.sql.*" %>
<%
String user=request.getParameter("userid"); 
session.putValue("userid",user); 
String pwd=request.getParameter("pwd"); 
String fname=request.getParameter("fname"); 
String lname=request.getParameter("lname"); 
String email=request.getParameter("email"); 
Class.forName("com.mysql.jdbc.Driver"); 
java.sql.Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/test",
"root","123"); 
Statement st= con.createStatement(); 
ResultSet rs; 
int i=st.executeUpdate("insert into users values ('"+user+"','"+pwd+"','"+fname+"',
'"+lname+"','"+email+"')"); 


%>

我得到的错误如下:

org.apache.jasper.JasperException: Unable to compile class for JSP: 

An error occurred at line: 15 in the jsp file: /db/reg.jsp
String literal is not properly closed by a double-quote
12: "root","123"); 
13: Statement st= con.createStatement(); 
14: ResultSet rs; 
15: int i=st.executeUpdate("insert into users values ('"+user+"','"+pwd+"','"+fname+"',
16: '"+lname+"','"+email+"')"); 
17: 
18: 


Stacktrace:
    org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:102)
    org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:331)
    org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:469)
    org.apache.jasper.compiler.Compiler.compile(Compiler.java:378)
    org.apache.jasper.compiler.Compiler.compile(Compiler.java:353)
    org.apache.jasper.compiler.Compiler.compile(Compiler.java:340)
    org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:646)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:357)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:722)

我不知道这里出了什么问题。我是jsp新手,所以请帮我做一个简单的解释。端口号、用户名密码和其他对 jsp 文件正确的内容。还有什么我忽略的。请帮我纠正错误。

4

3 回答 3

1

Firstly , don't use scriptlets in JSP file, you can have this logic in Servlet or some DAO class.

Next thing , the below line should be a single line :

java.sql.Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/test","root","123");

Even put this in a single line :

int i=st.executeUpdate("insert into users values ('"+user+"','"+pwd+"','"+fname+"','"+lname+"','"+email+"')");

Better construct a query string with placeholders and use PreparedStatement and set each value . It will prevent all these String formatting issues as well as from SQL Injection.

String query = "insert into users values (?,?,?,?,?,?)";
PreparedStatement statement = connection.prepareStatement(query);
statement.setString(user);
.............
.............
int updateSuccessful = statement.executeUpdate();
于 2013-07-30T09:38:44.650 回答
0

怀疑String格式,试试这个:

java.sql.Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/"+
"test","root","123");
于 2013-07-30T09:39:10.373 回答
0

您必须包含带双引号的字符串文字->“。我无法运行代码,但您的错误在您的 sql 语句中。术语“插入用户值”被解释为字符串。

于 2013-07-30T09:39:17.770 回答