Java Mysql 准备语句语法问题
Java Mysql Prepared statement syntax issue
我在准备好的语句中收到 SQL 代码的语法错误。我已经阅读了网站上的其他答案,但我无法解决这个问题。我的代码如下
private boolean validate_login(String username,String password) {
try{
Class.forName("com.mysql.jdbc.Driver"); // MySQL database connection
String url = "jdbc:mysql://localhost/db_webstore";
String user = "root";
String pw = "Password";
String SQL = "select * from tbl-users where Tbl-UsersUserName=? and Tbl-UsersPassword=?";
Connection conn = DriverManager.getConnection(url, user, pw);
PreparedStatement pst;
pst = conn.prepareStatement(SQL);
pst.setString(1, username);
pst.setString(2, password);
ResultSet rs = pst.executeQuery();
if(rs.next())
return true;
else
return false;
}
catch(Exception e){
e.printStackTrace();
return false;
}
}
报错信息如下
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-users where Tbl-UsersYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-users where Tbl-Users
有人可以提供一些建议吗?提前致谢
您的查询中可能遗漏了一些点。 Table 和列名需要用点分隔。此外,table 名称需要被引用,因为 - 不允许出现在未加引号的标识符中(参见 here):
String SQL = "select * from `Tbl-Users`"
+ " where `Tbl-Users`.UserName=?"
+ " and `Tbl-Users`.Password=?";
更新:
- 将 link 添加到 MySQL 有关有效标识符的文档
- 引用 table 名称使用 `
您应该在数据库连接中包含端口号(3306 代表 MySQL)
因此,您的代码应更正如下
private boolean validate_login(String username,String password) {
try{
Class.forName("com.mysql.jdbc.Driver"); // MySQL database connection
String url = "jdbc:mysql://localhost:3306/db_webstore";
String user = "root";
String pw = "Password";
String SQL = "select * from tbl-users where Tbl-UsersUserName=? and Tbl-UsersPassword=?";
Connection conn = DriverManager.getConnection(url, user, pw);
PreparedStatement pst;
pst = conn.prepareStatement(SQL);
pst.setString(1, username);
pst.setString(2, password);
ResultSet rs = pst.executeQuery();
if(rs.next())
return true;
else
return false;
}
catch(Exception e){
e.printStackTrace();
return false;
}
}
我在准备好的语句中收到 SQL 代码的语法错误。我已经阅读了网站上的其他答案,但我无法解决这个问题。我的代码如下
private boolean validate_login(String username,String password) {
try{
Class.forName("com.mysql.jdbc.Driver"); // MySQL database connection
String url = "jdbc:mysql://localhost/db_webstore";
String user = "root";
String pw = "Password";
String SQL = "select * from tbl-users where Tbl-UsersUserName=? and Tbl-UsersPassword=?";
Connection conn = DriverManager.getConnection(url, user, pw);
PreparedStatement pst;
pst = conn.prepareStatement(SQL);
pst.setString(1, username);
pst.setString(2, password);
ResultSet rs = pst.executeQuery();
if(rs.next())
return true;
else
return false;
}
catch(Exception e){
e.printStackTrace();
return false;
}
}
报错信息如下
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-users where Tbl-UsersYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-users where Tbl-Users
有人可以提供一些建议吗?提前致谢
您的查询中可能遗漏了一些点。 Table 和列名需要用点分隔。此外,table 名称需要被引用,因为 - 不允许出现在未加引号的标识符中(参见 here):
String SQL = "select * from `Tbl-Users`"
+ " where `Tbl-Users`.UserName=?"
+ " and `Tbl-Users`.Password=?";
更新:
- 将 link 添加到 MySQL 有关有效标识符的文档
- 引用 table 名称使用 `
您应该在数据库连接中包含端口号(3306 代表 MySQL)
因此,您的代码应更正如下
private boolean validate_login(String username,String password) {
try{
Class.forName("com.mysql.jdbc.Driver"); // MySQL database connection
String url = "jdbc:mysql://localhost:3306/db_webstore";
String user = "root";
String pw = "Password";
String SQL = "select * from tbl-users where Tbl-UsersUserName=? and Tbl-UsersPassword=?";
Connection conn = DriverManager.getConnection(url, user, pw);
PreparedStatement pst;
pst = conn.prepareStatement(SQL);
pst.setString(1, username);
pst.setString(2, password);
ResultSet rs = pst.executeQuery();
if(rs.next())
return true;
else
return false;
}
catch(Exception e){
e.printStackTrace();
return false;
}
}