数据库插入 [英] Database insertion
问题描述
if(lines.size() >= 5){
String Actor = it.next();
String Bio = it.next();
String More_Bio = it.next();
String Reason = it.next();
String Fact = it.next();
if ( it.hasNext()== true &&it.next().startsWith("Actor : ") )
{
// for quotes
Actor = Actor.replace("'", "''");
// remove comment
Actor = Actor.replace("Actor: ", " ");
System.out.println(Actor);
}
if ( it.hasNext()== true &&it.next().startsWith("Bio: ") )
{
Bio = Bio.replace("'", "''");
Bio = Bio.replace("Bio: ", "");
System.out.println(Bio);
}
if (it.hasNext()== true &&it.next().startsWith("More_Bio: "))
{
More_Bio = More_Bio.replace("'", "''");
More_Bio = More_Bio.replace("More_Bio: ", "");
System.out.println(More_Bio);
}
if (it.hasNext()== true &&it.next().startsWith("Reason: ") )
{
Reason = Reason.replace("'", "''");
Reason = Reason.replace("Reason: ", "");
System.out.println(Reason);
}
if (it.hasNext()== true &&it.next().startsWith("Fact: ") )
{
Fact =Fact.replace("'", "''");
Fact =Fact.replace("Fact: ", "");
System.out.println(Fact);
}
Statement statement = con.createStatement();
statement.executeUpdate("INSERT INTO Tiffany (Actor, Bio, More_Bio, Reason,Fact) values('"+Actor+"','"+Bio+"','"+More_Bio+"','"+Reason+"','"+Fact+"')");
从
读取的文件演员:Zac Efron
File that is read from Actor : Zac Efron
生物:他出生在加利福尼亚的圣路易斯奥比斯波,并在阿罗约格兰德附近上升。在Summerland(2004)的几集中担任主演后,他加入了普通的演员扮演女孩疯狂卡梅伦·贝尔。 Efron还主演了几个飞行员,如Carl Laemke(2003)(电视)和Triple Play(2004)(电视)的大宽世界。
Bio : He was born in San Luis Obispo, California, and raised nearby in Arroyo Grande, After guest-starring in several episodes of "Summerland" (2004), he joined the regular cast as girl-crazy Cameron Bale. Efron also starred in several pilots such as The Big Wide World of Carl Laemke (2003) (TV) and Triple Play (2004) (TV).
More_Bio:Efron毕业Arroyo Grande高中。2006年6月,Efron最喜欢的运动包括高尔夫,滑雪,攀岩和滑雪板运动。他最近在海滩上度过了Summerland之后加入冲浪。
More_Bio : Efron graduated Arroyo Grande High School in June 2006. Efron's favorite sports include golf, skiing, rock climbing, and snowboarding. He recently added surfing after spending days on the beach for "Summerland."
原因:我对这个华丽,漂亮,有天赋的演员很喜欢,因为我在高中音乐剧和发胶上首次见到他,更热。他是好莱坞热门的王子。
Reason : I had a crush on this gorgeous, nice, talented actor since I'd first seen him in "High School Musical" and "Hairspray," and he's even hotter now. He's the reigning prince of hot in Hollywood.
事实:Zac最珍贵的财产是他的亲笔签名的棒球收藏,他是巨大的旧金山巨人球迷。
Fact : Zac's most prized possession is his autographed baseball collection and he is s a huge San Francisco Giants fan.
演员:Taylor Lautner
Actor : Taylor Lautner
个人简介:Taylor Daniel Lautner出生在父亲,Deborah和Daniel Lautner的密歇根州大急流城。他和妹妹Makena在一个位于密歇根州哈德逊维尔市的一个优秀的罗马天主教家庭养育。
Bio : Taylor Daniel Lautner was born in Grand Rapids, Michigan to parents, Deborah and Daniel Lautner. He, and younger sister Makena, were raised in a well-mannered, Roman Catholic household in Hudsonville, Michigan.
More_Bio:然而,除了他对武术的热爱,泰勒迅速发展了一个爱情,在七岁的时候,他的武术教练,谁参与表演业务,鼓励他在一个汉堡王商业的小外观试奏。
More_Bio : However, in addition to his love for martial arts, Taylor quickly developed a love for acting at the age of seven years old when his martial arts instructor, who was involved in show business, encouraged him to audition for a small appearance in a Burger King commercial.
原因:这是一个浑身青春的偶像!我喜欢他作为雅克布·黑在暮光之城系列!他是我见过的最好看的人之一。我很兴奋,当我推特他,他回答了一次!
Reason : This is one hunky teen idol! I loved him as Jacob Black in the "Twilight" series! He is one of the best-looking guys I've ever seen. I was so excited when I tweeted him and he replied back once!
事实:他在大一新生和大二时候的足球。他是德国人,法国人,荷兰人和美洲原住民(特别是渥太华和波塔瓦托西)血统。我的天啊!我们都喜欢乐队的国王。
Fact : He played football during his freshman and sophomore year of high school. He is of German, French, Dutch, and Native American (specifically Ottawa and Potawatomi) descent. Omg! And we both like the band Kings of Leon.
我正在尝试上面的文件到数据库。但是这是我运行它时出现的错误。
I am trying the file above into a database. But this is the error I get when i run it.
Exception in thread "main" com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's favorite sports include golf, skiing, rock climbing, and snowboarding.
He rece' at line 1
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:406)
at com.mysql.jdbc.Util.getInstance(Util.java:381)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1030)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:956)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3491)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3423)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1936)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2060)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2536)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1564)
at com.mysql.jdbc.StatementImpl.executeUpdate(StatementImpl.java:1485)
at TiffanyWriter.main(TiffanyWriter.java:109)
推荐答案
您应该使用 PreparedStatement ,因为它会阻止 SQL注入攻击。 @John Moses发布了一个教程,使用Java官方文档中的PreparedStatement,这里是另一个很好的链接: MySQL和Java JDBC - 教程。
You should use PreparedStatement primarily because it prevents SQL injection attacks. @John Moses has posted a tutorial to use PreparedStatement from the Java official documentation, here is another good link: MySQL and Java JDBC - Tutorial.
将您的代码移动到PreparedStatement,应该是这样:
Moving your code to PreparedStatement, it should be like this:
PreparedStatement ps = con.prepareStatement("INSERT INTO Tiffany(Actor, Bio, More_Bio, Reason, Fact) VALUES (?, ?, ?, ?, ?) ");
ps.setString(1, Actor);
ps.setString(2, Bio);
ps.setString(3, More_Bio);
ps.setString(4, Reason);
ps.setString(5, Fact);
ps.executeUpdate();
使用后不要忘记关闭资源:
Don't forget to close your resources after use them:
ps.close();
con.close();
这篇关于数据库插入的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
