当用户输入与 cUsername 和 cPassword 匹配时,我希望显示所有字段。对此进行测试时,我的 SQL 语法出现错误(靠近 cPassword 之类的位置)。有人可以提出这个问题吗?请注意我还没有经历过 SQL 注入(inject)...
public Car getLogin(String searchUser, String searchPass) {
Car foundCar1 = new Car();
try {
Class.forName("com.mysql.jdbc.Driver");
Connection conn = DriverManager.getConnection(url + dbName, userName, password);
statement = conn.createStatement();
resultSet = statement.executeQuery("select * from eflow.registration where cUsername like '" + searchUser
+ "' AND where cPassword like '" + searchPass + "'");
while (resultSet.next()) {
foundCar1 = new Car(resultSet.getInt("cID"), resultSet.getString("cLicense"),
resultSet.getInt("cJourneys"), resultSet.getString("cUsername"),
resultSet.getString("cPassword").toString());
}
conn.close();
} catch (Exception e) {
e.printStackTrace();
}
return foundCar1;
}
最佳答案
除了您的错误之外,这里还有一些有问题的事情。该错误是由多个where 子句引起的。通过更改来修复此问题:
AND 其中 cPassword like 到 AND cPassword like
我看到的另一件事是 like 应该与通配符结合使用,因此您可能需要更改:
resultSet = statement.executeQuery("select * from eflow.registration where cUsername like '" + searchUser
+ "' AND where cPassword like '" + searchPass + "'");
至:
resultSet = statement.executeQuery("select * from eflow.registration where cUsername like '%" + searchUser
+ "%' AND cPassword like '%" + searchPass + "%'");
除非您正在寻找完全匹配,在这种情况下我会删除 like 并使用“=”代替。
关于java - 通过搜索两列从数据库返回数据,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43073524/