Java MYSQL准备语句错误:检查语法在“?”附近使用在第1行 [英] Java MYSQL Prepared Statement Error: Check syntax to use near '?' at line 1
本文介绍了Java MYSQL准备语句错误:检查语法在“?”附近使用在第1行的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用java mysql库但是我在使用预准备语句时遇到了问题。我不确定我错过了什么。下面是我在尝试使用预准备语句时遇到的MYSQL错误。
I am trying to use the java mysql library but I am having issues using a prepared statement. I am not sure what I am missing. Below is what I have with the MYSQL error attempting to use the prepared statement.
String query = "SELECT id, clicks FROM mailer.links WHERE campaign_id=?";
try {
preparedStatement = connect.prepareStatement(query);
preparedStatement.setInt(1, campaignId);
preparedStatement.execute();
Statement st = connect.createStatement();
// execute the query, and get a java resultset
ResultSet rs = st.executeQuery(query);
我收到以下错误:
com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException:
You have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near '?' at line 1
如果我执行campaign_id =+ campaignId,它是有效的,但SQL注入是等待发生的。
It works if I do "campaign_id=" + campaignId , but is a SQL injection waiting to happen.
推荐答案
试试这个
ResultSet rs = preparedStatement.executeQuery();
这篇关于Java MYSQL准备语句错误:检查语法在“?”附近使用在第1行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文