我在将Java添加到SQL时遇到了问题。

huangapple go评论85阅读模式
英文:

I'm facing an issue when I'm adding java to sql

问题

好的,以下是您要翻译的内容:

嗯,我想用一段 Java 代码来更新一个 SQL 查询,但它不起作用。我不知道我是否在使用正确的方法。

这是我的代码:

String GICA_petrom_filter = "";

if (context.yoda_core_country.equals("ROU")) {
  GICA_petrom_filter = "AND NASSAS NOT IN (SELECT MAG FROM'" + context.link_GICA_PETROM_Schema + "'.PETROM)";
}

我可以使用预处理语句吗?不确定它是否高效...

英文:

Well, I want to update an SQL query with a chunk of java code but it doesn't work. I don't know if I'm using the right way to do it.

Here my code :

String GICA_petrom_filter = "";

if (context.yoda_core_country.equals("ROU")) {
  GICA_petrom_filter = "AND NASSAS NOT IN (SELECT MAG FROM'" + context.link_GICA_PETROM_Schema + "'.PETROM)";
}

Can I use a prepared statement ? not sure if it's efficient...

答案1

得分: 0

首先,您不应该在SQL中像这样连接字符串,这是一个非常不好的习惯,这应该能帮助您:https://www.baeldung.com/sql-injection

尝试使用查询构建器,或者使用上面链接文章中描述的方法。

然后,在这个部分之后,你缺少一个空格:

AND NASSAS NOT IN (SELECT MAG FROM '"

将其改为:

AND NASSAS NOT IN (SELECT MAG FROM '"

但正如我所说,您不应该使用连接来构建此类查询;)
还要尝试将您在日志中收到的错误发布出来,当您提出问题时,这对于解决您的问题非常有帮助!

英文:

First of all you should not concatenate strings like this in SQL, it is a really bad habit, this should help you https://www.baeldung.com/sql-injection

Try to use query builders, or the methods described if the article linked above

And then you're missing a space after the

> AND NASSAS NOT IN (SELECT MAG FROM'"

change it to :

> AND NASSAS NOT IN (SELECT MAG FROM '"

But as I said, you should not concatenate to build queries like this 我在将Java添加到SQL时遇到了问题。
Also try posting the errors you get in the log, when you ask a question, it helps a lot to solve your issues !

huangapple
  • 本文由 发表于 2020年10月19日 23:31:33
  • 转载请务必保留本文链接:https://go.coder-hub.com/64430515.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定