public static void update (Products aProduct)
{
Statement aStatement=null;
String strSQL="UPDATE Products SET";
strSQL+=" ProductName="+"'"+aProduct.getProductName()+"'"+",";
strSQL+=" SupplierID="+aProduct.getSupplierID()+",";
strSQL+=" CategoryID="+aProduct.getCateGoryID()+",";
strSQL+=" QuantityPerUnit="+"'"+aProduct.getQuantityPerUnit()+"'"+",";
strSQL+=" UnitPrice="+aProduct.getUnitPrice()+",";
strSQL+=" UnitsInStock="+aProduct.getUnitsInStock()+",";
strSQL+=" UnitsOnOrder="+aProduct.getUnitsOnOrder()+",";
strSQL+=" ReorderLevel="+aProduct.getReorderLevel()+",";
strSQL+=" Discontinued="+(aProduct.getDiscontinued()?1:0);
strSQL+=" WHERE ProductID="+aProduct.getProductID();
try
{
getDBConnection();
aStatement=aConnection.createStatement();
aStatement.executeUpdate(strSQL);
}
catch(SQLException e)
{
JOptionPane.showMessageDialog(null, e.getMessage(),"Error",JOptionPane.ERROR_MESSAGE);
}
finally
{
closeStatement(aStatement);
closeConnection();
System.out.println(strSQL);
}
}
现在的问题是我想更新数据库里的ProductName="a'b",其中包含"'"单引号无法插入,数据库报错。请问有什么就简单的办法完整特殊字符的转义。
{
Statement aStatement=null;
String strSQL="UPDATE Products SET";
strSQL+=" ProductName="+"'"+aProduct.getProductName()+"'"+",";
strSQL+=" SupplierID="+aProduct.getSupplierID()+",";
strSQL+=" CategoryID="+aProduct.getCateGoryID()+",";
strSQL+=" QuantityPerUnit="+"'"+aProduct.getQuantityPerUnit()+"'"+",";
strSQL+=" UnitPrice="+aProduct.getUnitPrice()+",";
strSQL+=" UnitsInStock="+aProduct.getUnitsInStock()+",";
strSQL+=" UnitsOnOrder="+aProduct.getUnitsOnOrder()+",";
strSQL+=" ReorderLevel="+aProduct.getReorderLevel()+",";
strSQL+=" Discontinued="+(aProduct.getDiscontinued()?1:0);
strSQL+=" WHERE ProductID="+aProduct.getProductID();
try
{
getDBConnection();
aStatement=aConnection.createStatement();
aStatement.executeUpdate(strSQL);
}
catch(SQLException e)
{
JOptionPane.showMessageDialog(null, e.getMessage(),"Error",JOptionPane.ERROR_MESSAGE);
}
finally
{
closeStatement(aStatement);
closeConnection();
System.out.println(strSQL);
}
}
现在的问题是我想更新数据库里的ProductName="a'b",其中包含"'"单引号无法插入,数据库报错。请问有什么就简单的办法完整特殊字符的转义。
public static void update (Products aProduct)
{
PreparedStatement aStatement=null; String strSQL="UPDATE Products SET";
strSQL+=" ProductName=?,";
strSQL+=" SupplierID=?,";
strSQL+=" CategoryID=?,";
strSQL+=" QuantityPerUnit=?,";
strSQL+=" UnitPrice=?,";
strSQL+=" UnitsInStock=?,";
strSQL+=" UnitsOnOrder=?,";
strSQL+=" ReorderLevel=?,";
strSQL+=" Discontinued=?";
strSQL+=" WHERE ProductID=?";
try
{
getDBConnection();
aStatement=aConnection.preparedStatement(strSQL);
int parameterIndex=1;
aStatement.setString(parameterIndex, aProduct.getProductName());
parameterIndex++;
aStatement.setInt(parameterIndex, aProduct.getSupplierID());
parameterIndex++;
aStatement.setInt(parameterIndex, aProduct.getCateGoryID());
parameterIndex++;
aStatement.setString(parameterIndex, aProduct.getQuantityPerUnit());
parameterIndex++;
aStatement.setDouble(parameterIndex, aProduct.getUnitPrice());
parameterIndex++;
aStatement.setInt(parameterIndex, aProduct.getUnitsInStock());
parameterIndex++;
aStatement.setInt(parameterIndex, aProduct.getUnitsOnOrder());
parameterIndex++;
aStatement.setInt(parameterIndex, aProduct.getReorderLevel());
parameterIndex++;
aStatement.setInt(parameterIndex, (aProduct.getDiscontinued()?1:0));
parameterIndex++;
aStatement.setInt(parameterIndex, aProduct.getProductID());
parameterIndex++;
aStatement.executeUpdate();
}
catch(SQLException e)
{
JOptionPane.showMessageDialog(null, e.getMessage(),"Error",JOptionPane.ERROR_MESSAGE);
}
finally
{
closeStatement(aStatement);
closeConnection();
System.out.println(strSQL);
}
}