Pav*_*vol 1 java sql-server prepared-statement
我目前在使用此代码时遇到一些问题:
public User validateUser(String username, String password) {
boolean found = false;
Connection c = DBHelperClass.getConnection();
String query = "Select * from user where username= '?' and password= '?' ";
if (c != null) {
try {
PreparedStatement inserter = c.prepareStatement(query);
inserter.setString(1, username);
inserter.setString(2, password);
System.out.println("help: "+query);
ResultSet resultSet = inserter.executeQuery(query);
while (resultSet.next()) {
this.userId = resultSet.getInt("userId");
this.username = resultSet.getString("usrname");
this.password = resultSet.getString("password");
this.address = resultSet.getString("address");
this.email = resultSet.getString("email");
this.phone = resultSet.getInt("phone");
found = true;
}
} catch (SQLException ex) {
Logger.getLogger(User.class.getName()).log(Level.SEVERE, null, ex);
}
}
return this;
}
我得到的错误是:
java.sql.SQLException:参数索引超出范围(1>参数个数,为0)
从阅读其他答案我尝试改变'?' 标签但未能这样做.
更改
Select * from user where username= '?' and password= '?'
至
Select * from user where username= ? and password= ?
无需添加 '
更新:
并inserter.executeQuery(query);改为inserter.executeQuery();
| 归档时间: |
|
| 查看次数: |
436 次 |
| 最近记录: |