Java 日期到 MySql 日期时间

发布于 2024-12-17 17:49:29 字数 986 浏览 0 评论 0原文

每个身体。我收到此错误: 您的 SQL 语法有错误;检查手册 对应你的MySQL服务器版本为右 第 1 行 '14:37:41)' 附近使用的语法 对于这段代码,

       public String addName() {
    // TODO Auto-generated method stub
    try {
        java.util.Date dt = new java.util.Date();
        java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(
                "yyyy-MM-dd HH:mm:ss");

        String currentTime = sdf.format(dt);



        String name = "RandomName";

        Connection connect = DriverManager.getConnection(
                "jdbc:mysql://localhost", "ericman", "ericman");
        Statement stat = (Statement) connect.createStatement();
        String insert = "INSERT INTO `bookcatalog`.`puch` (`name`, `time`) VALUES ('"
                + name + "', " + currentTime + ")";
        stat.executeUpdate(insert);

    } catch (Exception e) {
        System.out.println(e);
    }
    return "Name Updated";
}

任何关于为什么会发生这种情况的建议,我都会吸收结构化语言,这样你就知道:)

every body. I am getting this error:
You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right
syntax to use near '14:37:41)' at line 1

for this piece of code

       public String addName() {
    // TODO Auto-generated method stub
    try {
        java.util.Date dt = new java.util.Date();
        java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat(
                "yyyy-MM-dd HH:mm:ss");

        String currentTime = sdf.format(dt);



        String name = "RandomName";

        Connection connect = DriverManager.getConnection(
                "jdbc:mysql://localhost", "ericman", "ericman");
        Statement stat = (Statement) connect.createStatement();
        String insert = "INSERT INTO `bookcatalog`.`puch` (`name`, `time`) VALUES ('"
                + name + "', " + currentTime + ")";
        stat.executeUpdate(insert);

    } catch (Exception e) {
        System.out.println(e);
    }
    return "Name Updated";
}

Any suggestion of why this happening, I suck on structured language just so you know :)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(5

欢烬 2024-12-24 17:49:29

使用PreparedStatement。

String insert = "INSERT INTO `bookcatalog`.`puch` (`name`, `time`) VALUES (?,?)";
PreparedStatement ps=connect.prepareStatement(insert);
ps.setString(1,name);
ps.setTimeStamp(2,TimeStamp.valueOf(currentTime));
ps.executeUpdate();

Use PreparedStatement.

String insert = "INSERT INTO `bookcatalog`.`puch` (`name`, `time`) VALUES (?,?)";
PreparedStatement ps=connect.prepareStatement(insert);
ps.setString(1,name);
ps.setTimeStamp(2,TimeStamp.valueOf(currentTime));
ps.executeUpdate();
草莓酥 2024-12-24 17:49:29

您在插入语句中的 currentTime 周围缺少 ' 字符。

然而,您确实应该使用准备好的语句来处理此类事情,以防止 SQL 注入攻击。

You are missing ' characters around your currentTime in the insert statement.

However, you really should be using a prepared statement for such things, to guard against SQL injection attacks.

绝不服输 2024-12-24 17:49:29

尝试通过 str_to_date

Try convert string to date by str_to_date

幽蝶幻影 2024-12-24 17:49:29

您是否需要使用引号将日期/时间封装在 INSERT 语句中,就像使用 name 参数一样?

Do you need to encapsulate the date/time in your INSERT statement with inverted commas, like you do with the name argument?

少女的英雄梦 2024-12-24 17:49:29

啊。为什么不使用PreparedStatement 来代替呢?

PreparedStatement stmt = connect.prepareStatement("INSERT INTO bookcatalog.puch(name, time) values ?,?");
stmt.setString(1, name);
stmt.setTimestamp(2, dt);
stmt.execute();

它干净得多。

ugh. Why don't you use a PreparedStatement instead?

PreparedStatement stmt = connect.prepareStatement("INSERT INTO bookcatalog.puch(name, time) values ?,?");
stmt.setString(1, name);
stmt.setTimestamp(2, dt);
stmt.execute();

It's far cleaner.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文