我对如何防止 SQL 注入感到困惑,我在网上查看过。我是使用存储过程,还是创建变量,我完全迷失了。
\n\n Try\n connection.Open()\n \xe2\x80\x99we got here so our connection to the db is sound\n chosen = cboBooks.SelectedIndex\n id = customerList(cboCustomers.SelectedIndex)\n isbn = isbnList(cboBooks.SelectedIndex)\n If number <= qty Then\n Dim sql As String\n sql = "INSERT INTO purchase(customer_id, ISBN, store_id, quantity)\n VALUES(" & id & ", " & isbn & ", 1, " & number & ");"\n Dim cmd As New SqlCommand(sql, connection)\n Dim rows As Integer\n rows = cmd.ExecuteNonQuery()\n If rows >= 1 Then\n \xe2\x80\x99now update the …尝试将项目添加到列表并打印它们,它编译,但我得到一个运行时错误,其中堆栈溢出错误.这是错误打印出来的:
Exception in thread "main" java.lang.StackOverflowError
at List.<init>(List.java:5)
at List.<init>(List.java:9)
at List.<init>(List.java:9) <----- this line is repeated quite a few times
这是我的代码,包含添加和打印列表的方法.
public class List {
private AthleteNode front;
public List(){
front = null;
}
public List athletes = new List();
//add athlete to the end of the list
public void add(Athlete a){
AthleteNode node = new AthleteNode (a);
AthleteNode current; //temp node to iterate over the list
if(front == null)
front = node;//adds the first element
else{
current = …