爪哇 - 从字符串

我试图将字符串传递到具有新行SQL语句删除不可打印的字符，所以把我的错误：爪哇 - 从字符串

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE nric = 'S3456789A\n'' at line 1

，所以我做一个去除换行符

nric = nric.replace("\n","");

它然后把我的错误：

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE nric = 'S3456789A'' at line 1

事情是，当我做了一个System.out.println，撇号没有出现，它只是S3456789A而不是S3456789A'。我如何删除撇号？

代码：

获取数据，并从Android的发布：

ArrayList<NameValuePair> postParameters = new ArrayList<NameValuePair>(); 
postParameters.add(new BasicNameValuePair("nric",nric)); 
response = CustomHttpClient.executeHttpPost("http://172.27.176.181:8080/SRD/SaveLocation", postParameters);

的必要组成部分，从servlet的SaveLocation：

从用户实体类

String nric = request.getParameter("nric"); 
    nric = nric.replace("\n", ""); 
User elder = new User(); 
    elder.setNric(nric); 
    try { 
     if(elder.retrieveUserWithNric()) 
     {

retrieveUserWithNric：

public boolean retrieveUserWithNric() throws SQLException 
{ 
    boolean success = false; 
    ResultSet rs = null; 
    try { 
     Context ctx = new InitialContext(); 
     ds = (DataSource)ctx.lookup("java:comp/env/jdbc/srd"); 
     } catch (NamingException e) { 
      System.out.println("User: Naming Exception"); 
     e.printStackTrace(); 
     } 
    Connection conn = ds.getConnection(); 

    PreparedStatement pstmt = null; 
    String dbQuery = "SELECT * FROM User WHERE nric = ?"; 
    System.out.println("retrieveUserwithNric nric is "+nric); 
    try { 
     pstmt = conn.prepareStatement(dbQuery); 
     pstmt.setString(1, nric); 
     rs = pstmt.executeQuery(); 
    } catch (SQLException e1) { 
     // TODO Auto-generated catch block 
     e1.printStackTrace(); 
    } 
    try { 
     if (rs.next()) { 
      id = rs.getInt("id"); 
      nric = rs.getString("nric"); 
      password = rs.getString("password"); 
      salt = rs.getString("salt"); 
      name = rs.getString("name"); 
      mobileNo = rs.getInt("mobile_no"); 
      address = rs.getString("address"); 
      postal = rs.getInt("postal_code"); 
      relativeElderly = rs.getString("relative_elderly"); 
      role = rs.getString("role"); 
      organization = rs.getString("organization"); 
      elderlyList = rs.getString("elderly_list"); 
      // image = rs.getBlob("image"); 
      success = true; 
     } 
     else 
     { 
      System.out.println("rs does not have next"); 
     } 
    } catch (Exception e) { 
     e.printStackTrace(); 
    } 
    System.out.println("name is "+name); 
    System.out.println("role is "+role); 
    conn.close(); 
    return success; 
}

来源

2012-07-17 consprice

你的sql是什么？ – jeschafe 2012-07-17 05:45:37

你可以请你张贴你的代码吗？ – jaychapani 2012-07-17 05:46:58

@jeschafe mysql 5.1 – consprice 2012-07-17 05:48:12

撇号不在那里。该错误消息包含在撇号中，将其删除：

WHERE nric = 'S3456789A'

其他内容导致此错误。

来源

2012-07-17 05:44:22

刚刚看到您的答案，并意识到没有撇号。谢谢 – consprice 2012-07-17 05:57:46

这是PreparedStatement，不需要单引号... – 2012-07-17 05:58:06

@consprice：你的查询中出现了什么问题？我只是好奇... – 2012-07-17 06:02:33

爪哇 - 从字符串

回答

相关问题