为了确保查询的安全性,在幕后发生了很多事情,例如转义了特殊字符,否则这些特殊字符将允许更改语句(如果您想了解更多,可以使用Google SQL注入)This is the whole message I receive:And this is the code:String user = textField.getText().trim();String age = textField_3.getText().trim();String school = textField_4.getText().trim();String password = String.valueOf(passwordField.getPassword());String password1 = String.valueOf(passwordField_1.getPassword());if(password.equals(password1)){Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/users","root","1234");PreparedStatement st = con.prepareStatement("insert into user ('user','age','school','password') values ('"+user+"','"+age+"','"+school+"','"+password+"')");int rs = st.executeUpdate();JOptionPane.showMessageDialog(frame, "Data Saved Successfully");Any ideas? 解决方案 The point of prepared statements is, among others, to not concatenate your queries yourself.You want to do the following://first you "prepare" your statement (where the '?' acts as a kind of placeholder)PreparedStatement st = con.prepareStatement("insert into user (user,age,school,password) values (?,?,?,?);");//now you bind the data to your parametersst.setString(1, user);...//and then you can execute itst.executeUpdate()For more details see the official tutorial.There are a couple of things happening behind the scenes that make the query safe, like escaping special characters that would otherwise allow altering the statement (google SQL injections if you want to know more) 这篇关于com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException插入mysql错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持! 上岸,阿里云!