英文:
Java getString from resultSet cuts off string at first space or takes substring inside of ''
问题
我有一个Servlet,用于查询MySQL数据库,然后在表中显示数据。我有一个名为"type"的列,它是一个字符串。当我使用以下代码时:
rs.getString("type")
在不使用输入项的情况下,我可以获得完整的字符串(rs是resultSet)。但是当我执行以下操作时:
<input name="class" type="text" value=<%=rs.getString("type")%>>
如果字符串中有空格,例如'ABC DEF',那么它的值只会是'ABC'。或者,如果字符串是'1' ABC',那么值只有'1'。
如何使整个值都在value中显示?
英文:
I have a servlet that queries a mysql db and then displays the data in a table. I have a column that is called type and it is a string. When I do
rs.getString("type")
without using a input item I get the full string (rs is the resultSet). But when I do this:
<input name="class" type="text" value=<%=rs.getString("type")%>>
If the string has a space i.e. 'ABC DEF' then it will only have a value of 'ABC'. Or if the string is ''1' ABC' then the value is only '1'.
How can I get the full value to be in the value?
答案1
得分: 1
我相信你的问题类似于 https://stackoverflow.com/questions/20832989/getstring-from-resultset-with-spaces 中提出的问题。你可以尝试将 rs.getString() 的结果存储在一个变量中,并在你的 HTML 中带上引号进行显示。例如,如果返回的字符串是 'ABC DEF',那么它会看起来像:
<input name="class" type="text" value=ABC DEF>
正确的做法应该是:
<input name="class" type="text" value="ABC DEF">
然而,你的代码在很大程度上容易受到 SQL 注入的攻击。请查看我提供的链接,其中有关于如何更完整地回答你问题的信息。
英文:
I believe your question is similar to the one asked in https://stackoverflow.com/questions/20832989/getstring-from-resultset-with-spaces. You should perhaps try storing the result of rs.getString() in a variable and display it with quotes in your HTML. For example, if the string returned is 'ABC DEF', then it'd look like:
<input name="class" type="text" value=ABC DEF>
The proper way to do this would be
<input name="class" type="text" value="ABC DEF">
Your code is however very vulnerable to SQL injection. Please check the link I provided for a more complete answer to your question.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论