All geek questions in one place

Executing an SQL Statement in a Java Function

I need to read the SQL statement below from a single property.

update scoreconfig set scorestatus=0 where scoreversion=props.getProperty("scoreversion");

And the value for the evaluation version I have to take it from another properties file.

But when I prepare the instruction in a java function, as shown below:

 final String query = strLine; PreparedStatement ps=con.prepareStatement(query);

where query has

  update scoreconfig set scorestatus = 0 where scoreversion = props.getProperty ("scoreversion");

But I get

  Error: ORA-00911: invalid character

... when I do ps.execute();

+4
source share
1 answer

I assume that props is an instance of Properties or similar. If so, then the props.getProperty("scoreversion") should run at the Java level, not the database. Instead of this:

 String sql = "update scoreconfig set scorestatus=0 where scoreversion=?"; PreparedStatement ps = con.prepareStatement(sql); // If scoreversion is a String: ps.setString(1, props.getProperty("scoreversion")); ResultSet rs = ps.executeQuery();

... or if scoreversion is int, use this instead of the setString line:

 // It scoreversion is an int: ps.setInt(1, Integer.parseInt(props.getProperty("scoreversion")));

... etc., convert as appropriate.

Basically, when you use prepareStatement , do you use ? where the parameters should go, and then you use setXyz on the PreparedStatement instance to set these parameters. (Oddly enough, they start with 1 , not 0 ) Note that even when the parameter is String, you do not put quotation marks around it in SQL, which you pass to prepareStatement ; which are processed for you (along with avoiding this line to prevent SQL injection , so PreparedStatement and setXyz are your friends, you will recognize them well).

+5
source

Source: https://habr.com/ru/post/1382128/

More articles:


All Articles