英文:
I'm facing an issue when I'm adding java to sql
问题
好的,以下是您要翻译的内容:
嗯,我想用一段 Java 代码来更新一个 SQL 查询,但它不起作用。我不知道我是否在使用正确的方法。
这是我的代码:
String GICA_petrom_filter = "";
if (context.yoda_core_country.equals("ROU")) {
GICA_petrom_filter = "AND NASSAS NOT IN (SELECT MAG FROM'" + context.link_GICA_PETROM_Schema + "'.PETROM)";
}
我可以使用预处理语句吗?不确定它是否高效...
英文:
Well, I want to update an SQL query with a chunk of java code but it doesn't work. I don't know if I'm using the right way to do it.
Here my code :
String GICA_petrom_filter = "";
if (context.yoda_core_country.equals("ROU")) {
GICA_petrom_filter = "AND NASSAS NOT IN (SELECT MAG FROM'" + context.link_GICA_PETROM_Schema + "'.PETROM)";
}
Can I use a prepared statement ? not sure if it's efficient...
答案1
得分: 0
首先,您不应该在SQL中像这样连接字符串,这是一个非常不好的习惯,这应该能帮助您:https://www.baeldung.com/sql-injection
尝试使用查询构建器,或者使用上面链接文章中描述的方法。
然后,在这个部分之后,你缺少一个空格:
AND NASSAS NOT IN (SELECT MAG FROM '"
将其改为:
AND NASSAS NOT IN (SELECT MAG FROM '"
但正如我所说,您不应该使用连接来构建此类查询;)
还要尝试将您在日志中收到的错误发布出来,当您提出问题时,这对于解决您的问题非常有帮助!
英文:
First of all you should not concatenate strings like this in SQL, it is a really bad habit, this should help you https://www.baeldung.com/sql-injection
Try to use query builders, or the methods described if the article linked above
And then you're missing a space after the
> AND NASSAS NOT IN (SELECT MAG FROM'"
change it to :
> AND NASSAS NOT IN (SELECT MAG FROM '"
But as I said, you should not concatenate to build queries like this 
Also try posting the errors you get in the log, when you ask a question, it helps a lot to solve your issues !
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论