logo标签列表

prepared statement语法错误

javamysqlprepared-statement
10

我最近在使用Java PreparedStatements时遇到了这个问题。我有以下的代码:

String selectSql1
        = "SELECT `value` FROM `sampling_numbers` WHERE `value` < (?)" ;
    ResultSet rs1 = con.select1(selectSql1,randNum);

select1方法所在的位置。

    public ResultSet select1(String sql, int randNum) {
    try {
        this.stmt = con.prepareStatement(sql);
        stmt.setInt(1, randNum);
        return this.stmt.executeQuery(sql);
    } catch (SQLException e) {
        e.printStackTrace();
        return null;
    }
}

然而,它一直抛出这个错误:

com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '?)' at line 1
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
    at com.mysql.jdbc.Util.handleNewInstance(Util.java:411)
    at com.mysql.jdbc.Util.getInstance(Util.java:386)
    at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1054)
    at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4237)
    at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:4169)
    at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2617)
    at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2778)
    at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2828)
    at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2777)
    at com.mysql.jdbc.StatementImpl.executeQuery(StatementImpl.java:1651)
    at util.P_DBCon.select1(P_DBCon.java:59)
    at app.RandomNumberGenerator.main(RandomNumberGenerator.java:60)

    Exception in thread "main" java.lang.NullPointerException
    at app.RandomNumberGenerator.main(RandomNumberGenerator.java:64)

当我采用“...value < " + randNum”这种天真的方式时,不会出现这个问题,但是我想采用这种方式。

非常感谢任何帮助。

更新

我尝试了社区提供的各种建议,比如

String selectSql1
        = "SELECT `value` FROM `sampling_numbers` WHERE value < ?" ;

String selectSql1
        = "SELECT value FROM sampling_numbers WHERE value < ?" ;

仍然出现错误信息。

你能否将 SQL 语句中的所有 ` 去掉,以及问号周围的括号也去掉吗?可能像这样:selectSql1 = "SELECT value FROM sampling_numbers WHERE value < ?" - Juned Ahsan
1
为什么你在周围使用括号? - Scary Wombat
@JunedAhsan,我尝试了你的变化,仍然出现错误。 - bryan.blackbee
@JunedAhsan:占位符“?”周围的括号不是错误。看起来OP是从别处发布了错误信息。 - Ravinder Reddy
@bryansis2010,你的第二个SQL字符串应该是有效的,请清理你的项目并重新构建。 - Abhishek Nayak
2个回答
19
您的问题的解决方案实际上非常简单,您调用了Statement.executeQuery(String)而不是PreparedStatement.executeQuery()
this.stmt = con.prepareStatement(sql); // Prepares the Statement.
stmt.setInt(1, randNum);               // Binds the parameter.
// return this.stmt.executeQuery(sql); // calls Statement#executeQuery
return this.stmt.executeQuery();       // calls your set-up PreparedStatement
正是我所需要的。谢谢!也感谢您的解释。 - bryan.blackbee
0
public ResultSet select1(String sql, int randNum) {
    try {
        this.stmt = con.prepareStatement(sql);
        stmt.setInt(1, randNum);
        return this.stmt.executeQuery();
    } catch (SQLException e) {
        e.printStackTrace();
        return null;
    }
}

请参考下面的代码

PreparedStatement statement =  con.prepareStatement("SELECT EMP_ID,EMP_PWD FROM employee " +
                    "WHERE EMP_ID = '"+param1+"'");
            ResultSet result = statement.executeQuery();
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接