0

我收到了这个 SQL 异常:

  16043 10.8.38.30> 2012-03-06 14:21:00,870 | INFO  | SubThread-10 | DatabaseSender: Executing SQL Statement...; SQL Statement = select ERRORCODE from ERR_MASTER where ErrorDescription='State must be 'pre-installed', 'active', 'inactive' or 'deactive''
  16044 10.8.38.30> 2012-03-06 14:21:00,872 | ERROR | SubThread-10 | Exception caught: E_01_003_0 ORA-00933: SQL command not properly ended
  16045 
  16046 10.8.38.30> 2012-03-06 14:21:00,872 | ERROR | SubThread-10 | SQLState: 42000
  16047 10.8.38.30> 2012-03-06 14:21:00,872 | ERROR | SubThread-10 | Errorcode: 933
  16048 10.8.38.30> 2012-03-06 14:21:00,872 | ERROR | SubThread-10 | Exception Stack:
  16049 10.8.38.30> 2012-03-06 14:21:00,873 | ERROR | SubThread-10 | java.sql.SQLException: ORA-00933: SQL command not properly ended

当然,问题来自ErrorDescription='State must be 'pre-installed', 'active', 'inactive' or 'deactive''在单引号内有单引号字符串。

但是给出下面的代码,遇到上面的异常会不会导致连接泄漏呢?

执行 SQL 的代码:

private String getErrorCode(Connection conn, PreparedStatement ps, ResultSet result, String sErrorDesc) throws Exception {
    String sErrorCode = null;
    StringBuffer sBuffer = new StringBuffer();
    sBuffer.append("SELECT ").append(aaConstants.COL_ERRMASTER_ERRORCODE);
    sBuffer.append(" from ").append(aaConstants.TABLE_ERRMASTER);
    sBuffer.append(" where ").append(aaConstants.COL_ERRMASTER_ERRORDESCRIPTION);
    sBuffer.append(" = '").append(sErrorDesc).append("'");
    try{
        ps = conn.prepareStatement(sBuffer.toString());
        Trace.info("sql : " +sBuffer.toString());       
        result = ps.executeQuery();

        if (result.next())
            sErrorCode = result.getString(aaConstants.COL_ERRMASTER_ERRORCODE);

    }finally{
        aaUtils.cleanUp(null, ps, result);
    }
    if (sErrorCode == null || sErrorCode.equals(""))
        sErrorCode = aaErrorCode.MsgCode_Default_ErrorCode;

    return sErrorCode;
}

上面的方法在这里被调用:

public String getServerExpiredResponse() throws AuthException {
    String retstr="", sessionid="";
    Connection conn = null;
    PreparedStatement ps = null;
    ResultSet result = null;

    if (!loginok) {

        try{
            conn = aaUtils.getDBConnection();
            String session_loginfailure_faultcode = getErrorCode(conn, ps, result, sErrorDesc);
            String session_loginfailure_faultstring = sErrorDesc;

            if (session_loginfailure_faultcode==null) {session_loginfailure_faultcode="";}
            if (session_loginfailure_faultstring==null) {session_loginfailure_faultstring="Failed.";} 
            retstr +=
                "<faultcode>"
                    + session_loginfailure_faultcode
                + "</faultcode>"
                + "<faultstring>"
                    + session_loginfailure_faultstring
                + "</faultstring>";

        } catch (Exception e) {
            throw new AuthException(Trace.stack2string(e));
        }finally{
            aaUtils.cleanUp(conn, ps, result);
        }
    }
    Trace.info("In getServerExpiredResponse " +retstr);
    return retstr;
}

调用getErrorCode()方法中DB连接关闭,由于getErrorCode()中发生异常,getServerExpiredResponse()中连接是否仍然关闭?

您可以看到在 getErrorCode() 内部只有Resultset 和 PreparedStatement 是关闭的。

4

2 回答 2

0

问题Single Quotes出在sql查询中。在sql中,当我们要写引号时,必须写两个引号:' ==>> ''. 要使用Single QuotesSQL Query您必须使用另外两个引用,如下所示:

String sErrorCode = null;
StringBuffer sBuffer = new StringBuffer();
sBuffer.append("SELECT ").append(aaConstants.COL_ERRMASTER_ERRORCODE);
sBuffer.append(" from ").append(aaConstants.TABLE_ERRMASTER);
sBuffer.append(" where ").append(aaConstants.COL_ERRMASTER_ERRORDESCRIPTION);
sBuffer.append(" = '''").append(sErrorDesc).append("'''");

有关更多描述:当您执行 sql 时,如下所示:

select ERRORCODE from ERR_MASTER where ErrorDescription='State must be ''pre-installed'', ''active'', ''inactive'' or ''deactive'''

sql引擎抛出错误:SQL command not properly ended

但是当您执行以下 sql 查询时一切正常:

从 ERR_MASTER 中选择 ERRORCODE,其中 ErrorDescription=''状态必须是 ''pre-installed''、''active''、''inactive'' 或 ''deactive''

有关详细信息,请参阅http://it.toolbox.com/wiki/index.php/How_do_I_escape_single_quotes_in_SQL_queries%3F

于 2012-03-06T07:01:43.090 回答
0

但是给出下面的代码,遇到上面的异常会不会导致连接泄漏呢?

这取决于做什么aaUtils.cleanUp(null, ps, result)。如果它关闭了语句和结果集,那么你不应该得到资源泄漏。

于 2012-03-06T07:34:38.707 回答