java 如何从用户输入 JTextField 将值插入 MySql 表
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14019164/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to insert value into MySql table from user input JTextField
提问by user1907971
I've tried to insert value into a table from user input in JTextField. The code runs with an error:
我试图从 JTextField 中的用户输入将值插入表中。代码运行时出现错误:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax
你的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册以获取正确的语法
Can anyone help me solve this problem? Thanks!
谁能帮我解决这个问题?谢谢!
Here is my code.
这是我的代码。
import java.awt.FlowLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.BorderLayout;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing.JTextField;
class InputRoute
{
JTextField text1;
JTextField text2;
JTextField text3;
String c;
Float d;
public void inputRoute()
{
Connection conn = null;
String url = "jdbc:mysql://localhost:3306/";
String dbName = "YarraTram";
String driver = "com.mysql.jdbc.Driver";
String userName = "root";
String password = "abc123";
try
{
Class.forName(driver).newInstance();
conn = DriverManager.getConnection(url + dbName, userName, password);
PreparedStatement statement = conn.prepareStatement("INSERT INTO ('route', 'price') VALUES ('"+c+"', '"+d+"')");
statement.executeQuery();
}
catch (Exception e)
{
e.printStackTrace();
}
}
public void createAndShowGUI()
{
final JFrame frame = new JFrame("Yarra Tram Route Finder(New Route)");
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
frame.setLayout(new FlowLayout());
JLabel label1 = new JLabel("From: ");
JLabel label2 = new JLabel("To: ");
JLabel label3 = new JLabel("Price: ");
text1 = new JTextField(20);
text2 = new JTextField(20);
text3 = new JTextField(20);
JButton button1 = new JButton("Add");
JButton button2 = new JButton("Close");
frame.add(label1, BorderLayout.WEST);
frame.add(text1, BorderLayout.EAST);
frame.add(label2, BorderLayout.WEST);
frame.add(text2, BorderLayout.EAST);
frame.add(label3, BorderLayout.WEST);
frame.add(text3, BorderLayout.EAST);
frame.add(button1);
frame.add(button2);
button2.addActionListener(new ActionListener()
{
@Override
public void actionPerformed(ActionEvent e)
{
String a = text1.getText();
String b = text2.getText();
d = Float.parseFloat(text3.getText());
c = a + " - " + b;
inputRoute();
}
});
button2.addActionListener(new ActionListener()
{
@Override
public void actionPerformed(ActionEvent e)
{
frame.dispose();
}
});
frame.setSize( 500,120 );
frame.setLocationRelativeTo( null );
frame.pack();
frame.setVisible(true);
}
}
Here is my MySQL table
这是我的 MySQL 表
CREATE TABLE `route` (
`rid` int(11) NOT NULL AUTO_INCREMENT,
`route` varchar(100) ,
`price` decimal(5,2) ,
PRIMARY KEY (`rid`)
)
回答by Mahmoud Gamal
First, you are missing the table name in:
首先,您缺少表名:
... ("INSERT INTO ('route', 'price') VALUES ...
/\
here
second, you shouldn't use the colons 'with columns' names. Use the backtick instead like so:
其次,您不应该使用'带有列名称的冒号。像这样使用反引号:
... ("INSERT INTO `route` (`route`, `price`) VALUES ...
The colons are used to pass literal values.
冒号用于传递文字值。
回答by user527
INSERT INTO "table_name" ("column1", "column2", ...)
VALUES ("value1", "value2", ...)
回答by Vallabh Patade
You are missing the table name in your SQL query. You need not to put the column names in single quotes. Only non-numeric values need to be place in single quotes.
您在 SQL 查询中缺少表名。您不需要将列名放在单引号中。只有非数字值需要放在单引号中。
As you are going with prepared statement then why your not setting the parameters by using PreparedStatement#setParamater(). By this current code I don't think if you taking PreparedStatement's full advantage. Prepared statements have their own set of advantages.
First of all it help to avoid SQL injection and then improves Query performance. You can google the further details.
当您使用准备好的语句时,为什么不使用PreparedStatement#setParamater(). 通过当前的代码,我认为您不会充分利用 PreparedStatement 的优势。准备好的语句有其自身的优点。首先它有助于避免 SQL 注入,然后提高 Query 性能。你可以谷歌谷歌进一步的细节。
String c = <your_route>;
float d = <your_price>;
PreparedStatement statement = conn.prepareStatement("INSERT INTO TABLE_NAME('route', 'price') VALUES (?, ?)");
statement.setString(1,c);
statement.setFloat(2,d);
statement.executeQuery();
回答by Fahim Parkar
Point 1
第 1 点
You are missing table name
您缺少表名
PreparedStatement statement = conn.prepareStatement("INSERT INTO tableName ('route', 'price') VALUES ('"+c+"', '"+d+"')");
^^^^^^^^^
Point 2
第 2 点
The way you are dealing with prepared statement is not right way. Always have like below.
您处理准备好的语句的方式不是正确的方式。总是有像下面。
PreparedStatement statement = conn.prepareStatement("INSERT INTO tableName (route, price) VALUES (?, ?)");
statement.setString(1, c);
statement.setFloat(2, d);
Point 3
第 3 点
Also I think 'route', 'price'will not work. I feel you wanted to use `(backtick) instead of single quote '
我也认为'route', 'price'行不通。我觉得你想使用`(反引号)而不是单引号'
So, your final statement should be
所以,你的最终声明应该是
PreparedStatement statement = conn.prepareStatement("INSERT INTO tableName
(route, price) VALUES (?, ?)");
statement.setString(1, c);
statement.setFloat(2, d);
