// Looks up whether a highscore row already exists for this player.
// NOTE(review): c.playerName is concatenated straight into the SQL text. If the name can
// contain a quote character the statement changes meaning (SQL injection); bind it as a
// PreparedStatement parameter instead.
// NOTE(review): neither rs nor stm is closed in the lines shown here.
ResultSet rs = stm.executeQuery("SELECT count(*) FROM `hs` WHERE `username` ='"+c.playerName+"' LIMIT 1"); 
int rows = 0; 

try 
{ 
    // last() + getRow() gives the number of rows in the result set, not the value of
    // count(*). An aggregate query without GROUP BY returns one row, so this reads 1
    // whether or not the player exists; the count itself is in column 1 of that row.
    rs.last(); 
    rows = rs.getRow(); 
    rs.beforeFirst(); 
} 
catch(Exception ex) 
{ 
    // Any failure is printed and the enclosing method returns false.
    // NOTE(review): last()/beforeFirst() require a scrollable ResultSet; on a forward-only
    // one they throw SQLException and this branch is taken. Confirm how stm was created.
    ex.printStackTrace(); 
    return false; 
} 

// Presumably rows > 0 is meant as "this player already has a row in hs": update it, else insert.
if(rows > 0) 
{ 
    // NOTE(review): every value, including c.playerName, is spliced into the SQL text
    // (injection risk for the name). The text also ends with "',WHERE": the comma before
    // WHERE is invalid SQL, so this UPDATE is expected to be rejected by the server.
    // How query() reports that failure is not visible here.
    query("UPDATE `hs` SET `overall_lvl` = '"+overallLVL+"',`overall_xp` = '"+overallXP+"',`attack_lvl` = '"+c.playerLevel[0]+"',`attack_xp` = '"+c.playerXP[0]+"',`defence_lvl` = '"+c.playerLevel[1]+"',`defence_xp` = '"+c.playerXP[1]+"',`strength_lvl` = '"+c.playerLevel[2]+"',`strength_xp` = '"+c.playerXP[2]+"',`ranged_lvl` = '"+c.playerLevel[3]+"',`ranged_xp` = '"+c.playerXP[3]+"',`prayer_lvl` = '"+c.playerLevel[4]+"',`prayer_xp` = '"+c.playerXP[4]+"',`magic_lvl` = '"+c.playerLevel[5]+"',`magic_xp` = '"+c.playerXP[5]+"',`cooking_lvl` = '"+c.playerLevel[6]+"',`cooking_xp` = '"+c.playerXP[6]+"',`woodcutting_lvl` = '"+c.playerLevel[7]+"',`woodcutting_xp` = '"+c.playerXP[7]+"',`fletching_lvl` = '"+c.playerLevel[8]+"',`fletching_xp` = '"+c.playerXP[8]+"',`fishing_lvl` = '"+c.playerLevel[9]+"',`fishing_xp` = '"+c.playerXP[9]+"',`firemaking_lvl` = '"+c.playerLevel[10]+"',`firemaking_xp` = '"+c.playerXP[10]+"',`crafting_lvl` = '"+c.playerLevel[11]+"',`crafting_xp` = '"+c.playerXP[11]+"',`smithing_lvl` = '"+c.playerLevel[12]+"',`smithing_xp` = '"+c.playerXP[12]+"',`mining_lvl` = '"+c.playerLevel[13]+"',`mining_xp` = '"+c.playerXP[13]+"',`herblore_lvl` = '"+c.playerLevel[14]+"',`herblore_xp` = '"+c.playerXP[14]+"',`agility_lvl` = '"+c.playerLevel[15]+"',`agility_xp` = '"+c.playerXP[15]+"',`thieving_lvl` = '"+c.playerLevel[16]+"',`thieving_xp` = '"+c.playerXP[16]+"',`slayer_lvl` = '"+c.playerLevel[17]+"',`slayer_xp` = '"+c.playerXP[17]+"',`farming_lvl` = '"+c.playerLevel[18]+"',`farming_xp` = '"+c.playerXP[18]+"',`runecrafting_lvl` = '"+c.playerLevel[19]+"',`runecrafting_xp` = '"+c.playerXP[19]+"',WHERE `username` = '"+c.playerName+"'"); 
} 
else 
{ 
    // INSERT ... SET is MySQL syntax. The same concatenation concern applies to c.playerName;
    // a PreparedStatement with one bound parameter per column avoids it.
    query("INSERT INTO `hs` SET `username` = '"+c.playerName+"', `overall_lvl` = '"+overallLVL+"',`overall_xp` = '"+overallXP+"',`attack_lvl` = '"+c.playerLevel[0]+"',`attack_xp` = '"+c.playerXP[0]+"',`defence_lvl` = '"+c.playerLevel[1]+"',`defence_xp` = '"+c.playerXP[1]+"',`strength_lvl` = '"+c.playerLevel[2]+"',`strength_xp` = '"+c.playerXP[2]+"',`ranged_lvl` = '"+c.playerLevel[3]+"',`ranged_xp` = '"+c.playerXP[3]+"',`prayer_lvl` = '"+c.playerLevel[4]+"',`prayer_xp` = '"+c.playerXP[4]+"',`magic_lvl` = '"+c.playerLevel[5]+"',`magic_xp` = '"+c.playerXP[5]+"',`cooking_lvl` = '"+c.playerLevel[6]+"',`cooking_xp` = '"+c.playerXP[6]+"',`woodcutting_lvl` = '"+c.playerLevel[7]+"',`woodcutting_xp` = '"+c.playerXP[7]+"',`fletching_lvl` = '"+c.playerLevel[8]+"',`fletching_xp` = '"+c.playerXP[8]+"',`fishing_lvl` = '"+c.playerLevel[9]+"',`fishing_xp` = '"+c.playerXP[9]+"',`firemaking_lvl` = '"+c.playerLevel[10]+"',`firemaking_xp` = '"+c.playerXP[10]+"',`crafting_lvl` = '"+c.playerLevel[11]+"',`crafting_xp` = '"+c.playerXP[11]+"',`smithing_lvl` = '"+c.playerLevel[12]+"',`smithing_xp` = '"+c.playerXP[12]+"',`mining_lvl` = '"+c.playerLevel[13]+"',`mining_xp` = '"+c.playerXP[13]+"',`herblore_lvl` = '"+c.playerLevel[14]+"',`herblore_xp` = '"+c.playerXP[14]+"',`agility_lvl` = '"+c.playerLevel[15]+"',`agility_xp` = '"+c.playerXP[15]+"',`thieving_lvl` = '"+c.playerLevel[16]+"',`thieving_xp` = '"+c.playerXP[16]+"',`slayer_lvl` = '"+c.playerLevel[17]+"',`slayer_xp` = '"+c.playerXP[17]+"',`farming_lvl` = '"+c.playerLevel[18]+"',`farming_xp` = '"+c.playerXP[18]+"',`runecrafting_lvl` = '"+c.playerLevel[19]+"',`runecrafting_xp` = '"+c.playerXP[19]+"'"); 

} 

當我運行它時,它只會執行插入操作,而在第二次運行時不會再次執行。我認爲問題出在把行數取成 int 的那幾行。我該怎麼做才能正確地取得這個值?——在 Java 中把 SQL 計數設置爲變量

+2

請學習如何使用參數化查詢,不要使用字符串拼接,原因見 https://en.wikipedia.org/wiki/SQL_injection – Betlista

回答

0

選擇計數查詢始終返回1行

您需要獲取計數值並測試該值是否大於0。

正確的代碼應該是類似以下內容:

// Reads the value of count(*) itself instead of counting result-set rows.
long rows = 0; 
try { 
    // The count query returns a single row; next() moves the cursor onto it.
    if (rs.next()) { 
     // Column 1 of that row holds the count.
     rows = rs.getLong(1); 
    } 
    if (rows > 0) { 
     // Query for update 
    } else { 
     // Query for insert 
    } 
    .... 

額外提示:不要使用 Statement,改用 PreparedStatement;它能解決 SQL 注入的問題,而且從程序員的角度來看也更容易閱讀。

+0

所以我想'getRow()'的使用在這裏只是一個錯誤? –

+0

對不起,類型應該是 long,並使用對應的方法 getLong(1) –

1

不清楚你爲什麼在那裏調用 last() 和 getRow()——從 COUNT(*) 取得唯一結果的「默認」方式會是這樣的:

// Reads the COUNT(*) value from the single row the query returns.
int rows = 0; 
try { 
    // Move onto the first row. COUNT(*) returns one row, so this check could be left out here.
    if(rs.next()) { 
    // Column 1 of that row is the COUNT(*) value.
    rows = rs.getInt(1); 
    } 

另外請記得關閉 Statement 和 ResultSet,否則會造成資源泄漏。

此外,您應該瞭解一下 PreparedStatement,它的用途就是防止代碼中的 SQL 注入。

0

我建議改變查詢

SELECT count(*) cnt FROM 

然後用

rs.getInt("cnt"); // do something 
2

你的代碼應該是:(!)

// The SQL text is constant; the only variable part is the bound username. LIMIT 1 is not needed.
final String countSql = "SELECT count(*) FROM `hs` WHERE `username` = ?";
int rows; // assigned inside the try below, so no initial value is required
try (PreparedStatement stmt = conn.prepareStatement(countSql)) {
    // Binding the name keeps it out of the SQL text: no quoting errors and no SQL injection.
    stmt.setString(1, c.playerName);
    try (ResultSet rs = stmt.executeQuery()) {
        rs.next(); // count(*) always produces exactly one row
        rows = rs.getInt(1); // the first column is the count
    }
}
// try-with-resources closes rs and then stmt, including when an exception is thrown.
// NOTE(review): the existence check and the later INSERT/UPDATE are separate statements;
// a UNIQUE index on `username` would keep concurrent saves from adding duplicate rows.
// Confirm against the schema.

您的 INSERT 和 UPDATE 語句也請使用 PreparedStatement。