我正在尝试做出准备好的声明,驱动程序正在按照我假设的方式工作,但唯一的问题是我的查询不再有效。
我正在尝试编写此查询:
SELECT ip_address
FROM log_activity
WHERE created_at
BETWEEN "2017-01-01 00:00:00"
AND DATE_ADD("2017-01-01 00:00:00", INTERVAL 1 HOUR)
GROUP BY ip_address
HAVING COUNT(*) > 200;
但是在插入准备好的语句的参数后,结果如下:
SELECT ip_address
FROM log_activity
WHERE created_at
BETWEEN '\'2017-01-01 00:00:00\''
AND DATE_ADD('\'2017-01-01 00:00:00\'', INTERVAL 1 'hour')
GROUP BY ip_address
HAVING COUNT(*) > 200;
这不再是有效的 SQL。那么如何从参数中删除这些引号或者解决这个问题的好方法是什么?
...
String startDateArg = "'" + args[0].split("=", 2)[1].replace(".", " ") + "'";
String durationArg = args[1].split("=", 2)[1];
int thresholdArg = Integer.parseInt(args[2].split("=", 2)[1]);
String duration = durationArg.equals("hourly") ? "hour" : durationArg.equals("daily") ? "day" : null;
String getUsersOverAPILimitQuery = "" +
"select ip_address " +
"from log_activity " +
"where created_at " +
" between ?" +
" and date_add(?, interval 1 ?) " +
"group by ip_address " +
"having count(*) > ?;";
PreparedStatement preparedStatement = con.prepareStatement(getUsersOverAPILimitQuery);
preparedStatement.setString(1, startDateArg);
preparedStatement.setString(2, startDateArg);
preparedStatement.setString(3, duration);
preparedStatement.setInt(4, thresholdArg);
System.out.println(preparedStatement);
ResultSet getUsersOverAPILimit = preparedStatement.executeQuery();
while (getUsersOverAPILimit.next()) {
String ip_address = getUsersOverAPILimit.getString("ip_address");
System.out.println(ip_address);
}
...
最佳答案
而不是这个:
String startDateArg = "'" + args[0].split("=", 2)[1].replace(".", " ") + "'";
这样做:
String startDateArg = args[0].split("=", 2)[1].replace(".", " ");
无需添加单引号,preparedstatement 会为您完成此操作。
关于Java + JDBC : Prepared statement failing,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53677657/