在这个INSERT ROW语句(java)中,我做错了什么?

huangapple go评论82阅读模式
英文:

What am I doing wrong in this INSERT ROW statement (java)

问题

我正在尝试使用一个语句,在用户在文本字段中输入姓名和ID号后,将一行插入表中。然而,当我尝试运行程序时,我一直在收到错误消息,而且我实际上是从我的Java书中精确复制了INSERT语句的格式。请参见以下内容:

String insertStudentStatement = "INSERT INTO Students " +
                              "(StudentId, StudentName) " +
                              "VALUES ('" + 
                              studentId + "', '" + 
                              studentName + "')";

我知道我可能在VALUES的引号使用上有问题?以下是我一直收到的错误消息:

CourseSystem.java:323: error: unclosed character literal
"VALUES ('" +
^
CourseSystem.java:325: error: not a statement
studentName + "')";

英文:

I am trying to use a statement that will insert a row in a table once the user types a name and ID number into a text field. However I keep getting an error when trying to run the program and I literally copied the exact format from my Java book for the INSERT statement. See below:

            String insertStudentStatement = "INSERT INTO Students " +
                                      "(StudentId, StudentName) " +
                                      "VALUES ("' + 
                                      studentId + "', " + 
                                      studentName + "')";

I know I must have the quotes wrong for the VALUES?? Here is the error I keep getting:

CourseSystem.java:323: error: unclosed character literal
"VALUES ("' +
^
CourseSystem.java:325: error: not a statement
studentName + "')";
^

答案1

得分: 3

The translated code part is as follows:

String insertStudentStatement = "INSERT INTO Students " +
                              "(StudentId, StudentName) " +
                              "VALUES ('" + studentId + "', '" + 
                              studentName + "')";

Please note that this translation assumes StudentId is a text type and not numeric.

英文:
String insertStudentStatement = "INSERT INTO Students " +
                                  "(StudentId, StudentName) " +
                                  "VALUES ('" + studentId + "', '" + 
                                  studentName + "')";

I think this should give the correct syntax assuming StudentId is a text type and not numeric.

Please also consider the other responses suggesting PreparedStatements with parameters. This reduces SQL injection risks and manages quotes out of the box.

答案2

得分: 1

只要确保括号和引号使用正确。记住在SQL中,字符串值需要使用单引号(')括起来,但数字不需要。所以对于你的数值:

String insertStudentStatement = "INSERT INTO Students (StudentId, StudentName) "
    + "VALUES ('" + StudentId + "', '" + StudentName + "')";

你应该考虑使用PreparedStatement来构建你的查询。使用占位符("?")并通过调用setter方法替换它们的适当值。

英文:

Just make sure you have your brackets and quotes right. Remember you need single (') quotations around String values for SQL but you don't need any around numbers. So for your values:

String insertStudentStatement = "INSERT INTO Students (StudentId, StudentName) "
    + "VALUES ('" + StudentId + "', '" + StudentName + "')"; 

You should consider using PreparedStatements to build your queries instead. Using place holders ("?") and replacing them with the appropriate values by calling setters.

答案3

得分: 0

以下是已翻译的代码部分:

String insertStudentStatement = "INSERT INTO Students (StudentId, StudentName) VALUES ('"
                              + studentId
                              + "', '"
                              + studentName
                              + "')";
英文:

Scrambled and missing quotes, try this format for clarity:

String insertStudentStatement = "INSERT INTO Students (StudentId, StudentName) VALUES ('"
                              + studentId
                              + "', '"
                              + studentName
                              + "')";

huangapple
  • 本文由 发表于 2020年8月12日 23:19:43
  • 转载请务必保留本文链接:https://go.coder-hub.com/63379662.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定