請幫我解決下面的問題。隨着下面的代碼Java SQL例外命令沒有正確結束
if (con == null || con.isClosed()) con = DBBase.getNewConnection();
sb = con.createStatement();
resSet = sb.executeQuery("select * from USERSAGGRS where userid='" +user.getUserid()+ "' AND id='" +aggid+ "' ");
當負載jsp頁面中我得到這個錯誤:的user.getUserid()和/或aggid
java.sql.SQLException: ORA-00933: SQL command not properly ended
最有可能的值的問題。您可以通過打印查詢並在任何Oracle DBMS客戶端中測試它來測試它。
System.out.println("select * from USERSAGGRS where userid='" +user.getUserid()+ "' AND id='" +aggid+ "' ")
OTOH
正確的方法做的是通過使用PreparedStatement
if (con == null || con.isClosed()) con = DBBase.getNewConnection();
String SQL = "select * from USERSAGGRS where userid=? AND id=?"
sb = con.prepareStatement(SQL);
sb.setString(1,user.getUserid());
sb.setString(2,aggid);
resSet = sb.executeQuery();
通過使用PreparedStatement的你也可避免SQLInjections
顯示你的代碼的總節please.so爲以獲得您的計劃的展望 – Vijay