我尝试此代码,这是在mssqlserver中传递值的问题,我将值一页传递到另一页中,听到nrno是值传到另一页,但听到错误是java.sql.SQLException:无效的列名'nrno'。
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Untitled</title>
</head>
<body>
<%@ page import="java.sql.*" %>
<%@ page import="java.io.*" %>
<%
String AppURL = request.getContextPath() ;
String thisFile = AppURL+request.getServletPath() ;
int nrno = 0;
try
{
nrno = Integer.parseInt(request.getParameter("rno"));
}
catch(NumberFormatException ex)
{
nrno = 0;
}
%>
<td>this is in roolno :- <%=nrno%> </td><br>
<%
Class.forName("net.sourceforge.jtds.jdbc.Driver");
Connection conn = DriverManager.getConnection("jdbc:jtds:sqlserver://localhost:1433/sample", "sa", "sa1234");
java.sql.Statement stmt = conn.createStatement();
try
{
int val = stmt.executeUpdate("INSERT student (name,rno) VALUES('nikki',+ nrno)");
out.println("1 row affected");
}
catch (SQLException s)
{
System.out.println("SQL statement is not executed!");
}
stmt.close();
conn.close();
%>
</body>
</html>
最佳答案
您不需要以下物品吗?
int val = stmt.executeUpdate("INSERT student (name,rno) VALUES('nikki'," + nrno + ")");
在上面的示例代码中,您没有插入
nrno的值,而是真正的字符串nrno本身(因为它在双引号内)。展望未来,我将调查PreparedStatements以便您可以执行以下操作:
PreparedStatement pstmt = con.prepareStatement("INSERT student (name,rno) VALUES(?,?)");
pstmt.setString(1, 'nikki');
pstmt.setInt(2, nrno);
并避免像上面这样令人讨厌的引号问题以及可能的SQL注入问题(我意识到上面的内容可能是一个练习或类似的工作,但要意识到是一件好事)。