Why am I getting a java.sql.SQLException near "@" in my JDBC SQLite database?
Question
I am trying to update values in my SQLite Database. My code is as follows:
    for(Cookie ck:cookie) {
        if (ck.getName().equals("email")) {
            s=ck.getValue();
            System.out.println(s);
            for(Cookie ce:cookie) {
                if(ce.getName().equals("name")) {
                    System.out.println(ce.getValue());
                    i=PS.executeUpdate("UPDATE Details "+"SET name="+ce.getValue()+" WHERE email="+s);
                }
                else if (ce.getName().equals("age")) {
                    System.out.println(ce.getValue());
                    i=PS.executeUpdate("UPDATE Details "+"SET age="+ce.getValue()+" WHERE email="+s);
                }
            }
            break;
        }
    }
Here, I am trying to fetch the name, age and email with the help of cookies and update those values in the database. Then when I enter the inputs, I get this error (suppose the email is: abc@gmail.com):
java.sql.SQLException: near "@gmail": syntax error
at org.sqlite.NativeDB.throwex(NativeDB.java:210)
at org.sqlite.NativeDB._exec(Native Method)
at org.sqlite.Stmt.executeUpdate(Stmt.java:152)
at abhishek.Modify.doGet(Modify.java:44)...
Answer 1
Score: 0
You have to add single quotes around strings in SQL.
    i=PS.executeUpdate("UPDATE Details "+"SET name='"+ce.getValue()+"' WHERE email='"+s+"'");
    ...
    i=PS.executeUpdate("UPDATE Details "+"SET age="+ce.getValue()+" WHERE email='"+s+"'");
BTW learn about prepared statements to prevent SQL injection.
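The prepared-statement approach the answer points to, as an added example that is not code from the original post: the cookie values are bound as parameters, so the `@` in the email and an apostrophe in a name are treated as data and need no manual quoting. It assumes the sqlite-jdbc driver is on the classpath; the class `ModifyDetails`, the method `updateDetails`, the single combined UPDATE and the sample rows are constructed for illustration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class ModifyDetails {  // hypothetical class name
    // Bind the cookie values as parameters; they are never parsed as SQL text.
    static int updateDetails(Connection con, String name, String ageText, String email)
            throws SQLException {
        // Rejects a non-numeric age cookie with NumberFormatException before any SQL runs.
        int age = Integer.parseInt(ageText);
        String sql = "UPDATE Details SET name = ?, age = ? WHERE email = ?";
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, name);
            ps.setInt(2, age);
            ps.setString(3, email);
            return ps.executeUpdate();  // number of rows changed
        }
    }

    public static void main(String[] args) throws SQLException {
        // In-memory database with constructed sample rows.
        try (Connection con = DriverManager.getConnection("jdbc:sqlite::memory:")) {
            try (Statement st = con.createStatement()) {
                st.executeUpdate("CREATE TABLE Details (name TEXT, age INTEGER, email TEXT)");
                st.executeUpdate("INSERT INTO Details VALUES ('old', 1, 'abc@gmail.com')");
                st.executeUpdate("INSERT INTO Details VALUES ('other', 2, 'xyz@gmail.com')");
            }
            // The '@' that caused the syntax error is plain data here.
            System.out.println("rows updated: "
                    + updateDetails(con, "Alice", "30", "abc@gmail.com"));
            // An apostrophe would break hand-quoted concatenation; binding stores it as-is.
            System.out.println("rows updated: "
                    + updateDetails(con, "O'Brien", "41", "xyz@gmail.com"));
            try (Statement st = con.createStatement();
                 ResultSet rs = st.executeQuery("SELECT name, age, email FROM Details")) {
                while (rs.next()) {
                    System.out.println(rs.getString(1) + " | " + rs.getInt(2)
                            + " | " + rs.getString(3));
                }
            }
        }
    }
}
```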