SQL INSERT系统日期进入表 [英] SQL INSERT system date into table

查看:582
本文介绍了SQL INSERT系统日期进入表的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我创建了一个名为myTable的表,其中一列名为CURRENT_DATE,其数据类型为DATE。当我以编程方式更新我的表时,我还想在CURRENT_DATE字段中放置时间戳或系统日期。我正在做的部分内容如下所示,但它不起作用。我认为这很容易,但是......你能帮忙吗?

I have created a table called "myTable" with a column called CURRENT_DATE and it's data type is "DATE". When I programatically update my table, I also want to place a timestamp or system date in the CURRENT_DATE field. A portion of what I am doing is shown below, but it is not working. I would think this would be easy, but... Can you help?

//System date is captured for placement in the CURRENT_DATE field in myTable
 java.util.Date currentDate = new java.util.Date();
...
stmt.executeQuery("INSERT INTO myTable (NAME, CURRENT_DATE) VALUES (' " + userName + " ', ' " + currentDate + " ')  ");


推荐答案

你真的应该这样做作为准备好的声明使用参数,它使事情变得更容易,并削减了一些非常简单的SQL注入威胁。

You really should be doing this as a prepared statement using parameters, it makes things a lot easier and cuts out a few very simple SQL injection threats.

Connection con = ...;
PreparedStatement statement = con.prepareStatement("INSERT INTO myTable (NAME, CURRENT_DATE) VALUES ( ?, ?)");
statement.setString(1, userName);
statement.setDate(2, currentDate );
statement.execute();

有很多关于如何正确使用预准备语句的信息。例如: http://www.jdbc-tutorial.com/jdbc-prepared- statements.htm

There is plenty of info on how to use prepared statements properly. For example: http://www.jdbc-tutorial.com/jdbc-prepared-statements.htm

这篇关于SQL INSERT系统日期进入表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆