我有一個Prepared Statements的方法。當我使用set string/int/etc方法添加參數時,它會顯示我java.sql.SQLException: Parameter index out of range (3 > number of parameters, which is 0).
並且在控制檯中,我收到了這樣的查詢select*from users where users.enabled = true AND users.weight <= ? AND users.gender LIKE ?
。它不會取代我的?
元素。 這是我的方法!請幫助!無法向Prepared Statement添加參數。 JAVA。 Spring MVC
@SuppressWarnings("unchecked")
@Override
public List<Users> listUsersSort(int weight, String gender, String place, int ageTo, String currentUser) {
System.out.println(weight+gender+place+ageTo+currentUser);
Connection dbConnection = null;
PreparedStatement preparedStatement = null;
Session session=null;
int iterator=0;
List<Users> usersList =null;
String selectSQL="select users.username, users.checkusr, users.password, users.name, users.enabled, users.surname, users.email, users.gender, users.age, users.weight, users.height, users.sport, users.place, users.photo from users where users.enabled = true";
System.out.println(selectSQL);
Connection con=getConnection();
try {
preparedStatement = con.prepareStatement(selectSQL);
} catch (SQLException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
//String query = ";
if (weight<40 == false) {
String weightParam = " AND users.weight <= ?";
selectSQL=selectSQL.concat(weightParam);
System.out.println(selectSQL);
// query = query.concat(weightParam);
try {
iterator+=1;
System.out.println(iterator);
preparedStatement.setInt(iterator, weight);
} catch (SQLException e) {
System.out.println("second catch block");
e.printStackTrace();
}
System.out.println(selectSQL);
}
if (gender.isEmpty() == false) {
String genderParam = " AND users.gender LIKE '?'";
selectSQL=selectSQL.concat(genderParam);
try {
iterator+=1;
preparedStatement.setString(iterator, gender);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//String genderParam = " AND users.gender LIKE " + "'" + gender + "'";
//query = query.concat(genderParam);
System.out.println(selectSQL);
}
if (place.isEmpty() == false) {
String placeParam = " AND users.place LIKE '?'";
selectSQL=selectSQL.concat(placeParam);
try {
iterator+=1;
preparedStatement.setString(iterator, place);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//query = query.concat(placeParam);
System.out.println(selectSQL);
}
if (ageTo<40 == false) {
String age = " AND users.age <= ?";
selectSQL=selectSQL.concat(age);
try {
iterator+=1;
preparedStatement.setInt(iterator, ageTo);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//query = query.concat(age);
System.out.println(selectSQL);
}
String withoutUser=" AND users.username NOT LIKE '?'";
//query=query.concat(withoutUser);
selectSQL=selectSQL.concat(withoutUser);
try {
iterator+=1;
preparedStatement.setString(iterator, currentUser);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
ResultSet rs=null;
try {
rs = preparedStatement.executeQuery();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
try {
while (rs.next()) {
String username = rs.getString("username");
System.out.println("username : " + username);
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return usersList;
}
你是做'preparedStatement時= con.prepareStatement(selectSQL);'你修改你的'通過連接'weightParam'等 – user2004685