1. 首页
  2. 问答
  3. Java和MySql中的SQL语法错误SELECT查询

Java和MySql中的SQL语法错误SELECT查询

2016-07-25 67 views
1

我正在开发一个具有3个JFrame的基本程序。成功登录后将会打开登录,注册和仪表板。但是,输入用户名和密码并单击登录按钮后,我收到错误消息。Java和MySql中的SQL语法错误SELECT查询

这里的错误:

com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ' password='1234'' at line 1

这里是我的代码:

import java.awt.BorderLayout; 
import java.awt.EventQueue; 

import javax.swing.JFrame; 
import javax.swing.JPanel; 
import javax.swing.border.EmptyBorder; 

import com.mysql.jdbc.Statement; 

import javax.swing.JLabel; 
import javax.swing.JOptionPane; 
import javax.swing.ImageIcon; 
import java.awt.Font; 
import javax.swing.JTextField; 
import javax.swing.JButton; 
import java.awt.event.ActionListener; 
import java.sql.Connection; 
import java.sql.DriverManager; 
import java.sql.ResultSet; 
import java.awt.event.ActionEvent; 

public class Login extends JFrame { 

private JPanel contentPane; 
private JTextField txtUsrName; 
private JTextField txtPAss; 

/** 
* Launch the application. 
*/ 
public static void main(String[] args) { 
    EventQueue.invokeLater(new Runnable() { 
     public void run() { 
      try { 
       Login frame = new Login(); 
       frame.setVisible(true); 
      } catch (Exception e) { 
       e.printStackTrace(); 
      } 
     } 
    }); 
} 

/** 
* Create the frame. 
*/ 
public Login() { 
    setDefaultCloseOperation(JFrame.HIDE_ON_CLOSE); 
    setBounds(100, 100, 450, 348); 
    contentPane = new JPanel(); 
    contentPane.setBorder(new EmptyBorder(5, 5, 5, 5)); 
    setContentPane(contentPane); 
    contentPane.setLayout(null); 

    JLabel lblLogin = new JLabel("Welcome To TechApp"); 
    lblLogin.setFont(new Font("Tekton Pro", Font.PLAIN, 18)); 
    lblLogin.setBounds(135, 19, 163, 28); 
    contentPane.add(lblLogin); 

    JLabel lblUsername = new JLabel("UserName:"); 
    lblUsername.setFont(new Font("Alaska", Font.PLAIN, 15)); 
    lblUsername.setBounds(174, 58, 88, 28); 
    contentPane.add(lblUsername); 

    txtUsrName = new JTextField(); 
    txtUsrName.setBounds(145, 90, 132, 20); 
    contentPane.add(txtUsrName); 
    txtUsrName.setColumns(10); 

    JLabel lblPassword = new JLabel("Password:"); 
    lblPassword.setFont(new Font("Alaska", Font.PLAIN, 15)); 
    lblPassword.setBounds(182, 118, 95, 46); 
    contentPane.add(lblPassword); 

    txtPAss = new JTextField(); 
    txtPAss.setColumns(10); 
    txtPAss.setBounds(145, 156, 132, 20); 
    contentPane.add(txtPAss); 

    JButton btnNewButton = new JButton("login"); 
    btnNewButton.addActionListener(new ActionListener() { 
     public void actionPerformed(ActionEvent e) { 


      String _username = txtUsrName.getText(); 
      String _password = txtPAss.getText(); 
      String url = "jdbc:mysql://127.0.0.1:3306/javabase"; 
      String user = "java"; 
      String passw = "password"; 

      try{ 
       // 1.Get a connection To Database 
       Connection myConn = DriverManager.getConnection(url, user, passw); 

       // 2.Create a statement 
       Statement myStmt = (Statement) myConn.createStatement(); 

       // 3.Execute SQL Query 
       String sql = "SELECT userame, password FROM registration WHERE userame='"+_username+"', password='"+_password+"' "; 
       ResultSet result = myStmt.executeQuery(sql); 
       //myStmt.executeUpdate(sql); 

       int count = 0; 
       while(result.next()){ 
        count = count + 1; 
       } 
       if(count == 1){ 
        Dashboard frame = new Dashboard(); 
        frame.setVisible(true); 
       } 
       else if(count > 1){ 
        JOptionPane.showMessageDialog(null, "Duplicate User! Access Denied!"); 
       } 
       else{ 
        JOptionPane.showMessageDialog(null, "User Not Found!"); 
       } 


      } 
      catch(Exception ex) 
      { 
       ex.printStackTrace(); 
      } 





     } 
    }); 
    btnNewButton.setBounds(169, 202, 89, 49); 
    contentPane.add(btnNewButton); 

    JButton btnRegister = new JButton("Register"); 
    btnRegister.addActionListener(new ActionListener() { 
     public void actionPerformed(ActionEvent e) { 
      Main frame = new Main(); 
      frame.setVisible(true); 
     } 
    }); 
    btnRegister.setBounds(168, 264, 89, 23); 
    contentPane.add(btnRegister); 

    JLabel lblNewLabel = new JLabel(""); 
    lblNewLabel.setFont(new Font("Alaska", Font.PLAIN, 16)); 
    lblNewLabel.setIcon(new ImageIcon("D:\\ExploitGate\\MAS-9831-Offwhite2.jpg")); 
    lblNewLabel.setBounds(0, 0, 434, 310); 
    contentPane.add(lblNewLabel); 
} 
}

我搜索了计算器论坛,并进行给出可能的解决方案here 任何人都可以请指导我如何处理这个错误? 在此先感谢:)

来源

2016-07-25 Mohammad Abbas

+0

我认为你需要使用'密码= ' “+ _ +密码”' ' “';而不是'密码='” + _password +“'”;' - 注意“密码”值末尾缺少关闭的“”字符。 – Castaglia

回答

1

您在WHERE子句之间使用逗号,而不是AND

String sql =“SELECT userame,password FROM registered WHERE userame ='”+ _ username +“'AND password ='”+ _ password +“'”;

来源

2016-07-25 18:56:09

+0

非常感谢:)它解决了这个问题。 –

+0

非常欢迎。 –

3

上述所有的代码基本上是无用的。这是一个SQL语法错误,这意味着它的这一行:

... WHERE userame='"+_username+"', password='"+_password+"' "; 
           ^---

你不使用,分离where条款参数。您使用布尔操作。 andor等..

并注意你容易受到sql injection attacks

来源

2016-07-25 18:56:36

+0

非常感谢:)它解决了这个问题。 –

+0

是的,我知道,我刚学过Java中的数据库连接。所以现在我将重点放在安全性方面。感谢tho :) –

相关问题

 相关问题