1. 首页
  2. 问答
  3. 插入到sql server数据库错误

插入到sql server数据库错误

2017-06-02 197 views
-1

我试图插入数据到数据库中,但当单击按钮插入时出现错误。插入到sql server数据库错误

这是错误

com.microsoft.sqlserver.jdbc.SQLServerException: There are more columns in the INSERT 
statement than values specified in the VALUES clause. The number of values in the VALUES 
clause must match the number of columns specified in the INSERT statement.

我想您的帮助,如果你能找出问题。

这是我的插入代码

private void insertActionPerformed(java.awt.event.ActionEvent evt) {          
    // TODO add your handling code here: 
    dbconnection db = new dbconnection(); 
    try { 
     db.connect(); 
     db.stm=db.con.createStatement(); 
     java.sql.Date date1 = new java.sql.Date(jDateChooser1.getDate().getTime()); 
      int result=db.stm.executeUpdate("insert into Blood_Test_Result" +"(DID,D_Name,Weight,HBsAG,HIV,VDRL,HCV,Malaria,Blood_Type,Blood_Status,LTID,LT_Name,Date)" 
        +"values('"+jComboBox2.getSelectedItem().toString()+"'," 
        + "'"+jTextField1.getText()+"','"+jTextField3.getText()+"','"+jComboBox4.getSelectedItem().toString()+"'," 
        + "'"+jComboBox5.getSelectedItem().toString()+"','"+jComboBox6.getSelectedItem().toString()+"'," 
        + "'"+jComboBox7.getSelectedItem().toString()+"','"+jComboBox8.getSelectedItem().toString()+"'" 
        + "'"+jComboBox9.getSelectedItem().toString()+"','"+jComboBox10.getSelectedItem().toString()+"'," 
        + "'"+jComboBox3.getSelectedItem().toString()+"','"+jTextField2.getText()+"','"+date1+"')"); 
     if(result>0) 
     { 
      JOptionPane.showMessageDialog(this, "Data has been saved succesfully");    
     } 
     else 
     { 
      JOptionPane.showMessageDialog(this, "no data has been saved"); 
     } 

    } catch (SQLException ex) { 
     Logger.getLogger(BloodTest.class.getName()).log(Level.SEVERE, null, ex); 
    } 

}

来源

2017-06-02 Yusuf Mohamed

+6

1.所有**停止连接字符串来构建查询。使用预先准备好的语句!** 2.错误信息对于这个问题非常明确......我不知道有什么令人困惑的。你明确地说你想要“INSERT”13列,并且只提供12. – Siyual

+0

你能打印出你想要执行的SQL语句并与我们分享吗? – Mureinik

+1

我的朋友鲍比桌子喜欢这样的代码。 http://bobby-tables.com/ –

回答

4

的错误是明显的,你在使用的13列。

(BTRID,DID,D_Name,Weight,HBsAG,HIV,VDRL,HCV,Malaria,Blood_Type,Blood_Status,LTID,LT_Name)

但你设置值12值:

values(....)

所以一步检查查询步骤,并确保您使用的是正确的列。

我的回答是这个重要的组成部分,不设置你的属性就是这样,而是使用PreparedStatement的,以避免语法错误和SQL注入:

String query = "insert into Blood_Test_Result" + "(BTRID, DID ,D_Name, " 
     + "Weight, HBsAG, HIV, VDRL, HCV, Malaria, Blood_Type, Blood_Status, LTID,LT_Name)" 
     + "values(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; 

try (PreparedStatement insert = connection.prepareStatement(query)) { 

    insert.setString(1, jComboBox2.getSelectedItem().toString()); 
    insert.setString(2, jTextField1.getText()); 
    ... 

    insert.executeUpdate(); 
}

来源

2017-06-02 13:42:31

+0

SORRY,我发布了错误的数据这是实际数据 –

+1

你是什么意思@YusufMohamed? –

+0

请你再看看代码,因为我更新了它。 –

-1

的错误是很清楚的:

你的评论中有更多的列比值!

 (BTRID,DID,D_Name,Weight,HBsAG,HIV,VDRL,HCV,Malaria,Blood_Type,Blood_Status,LTID,LT_Name)

这是13列,你必须

jComboBox2.getSelectedItem().toString()+"'," 
       + "'"+jTextField1.getText()+"','"+jTextField3.getText()+"','"+jComboBox4.getSelectedItem().toString()+"'," 
       + "'"+jComboBox5.getSelectedItem().toString()+"','"+jComboBox6.getSelectedItem().toString()+"'," 
       + "'"+jComboBox7.getSelectedItem().toString()+"','"+jComboBox8.getSelectedItem().toString()+"'" 
       + "'"+jComboBox9.getSelectedItem().toString()+"','"+jComboBox10.getSelectedItem().toString()+"'," 
       + "'"+jComboBox3.getSelectedItem().toString()+"','"+jTextField2.getText()+

只有12个值,以便去除colmun和它(但正确的;-)),它应该工作

来源

2017-06-02 13:44:17 Thomas

+1

这只是持续的sql注入。这需要参数化才能被认为是可行的答案。 –

-1

我解决了这个错误,因为我错过了两列之间的逗号。

private void insertActionPerformed(java.awt.event.ActionEvent evt) {          
    // TODO add your handling code here: 
    dbconnection db = new dbconnection(); 
    try { 
     db.connect(); 
     db.stm=db.con.createStatement(); 
     java.sql.Date date1 = new java.sql.Date(jDateChooser1.getDate().getTime()); 
      int result=db.stm.executeUpdate("insert into Blood_Test_Result" +"(DID,D_Name,Weight,HBsAG,HIV,VDRL,HCV,Malaria,Blood_Type,Blood_Status,LTID,LT_Name,Date)" 
        +"values('"+jComboBox2.getSelectedItem().toString()+"'," 
        + "'"+jTextField1.getText()+"','"+jTextField3.getText()+"','"+jComboBox4.getSelectedItem().toString()+"'," 
        + "'"+jComboBox5.getSelectedItem().toString()+"','"+jComboBox6.getSelectedItem().toString()+"'," 
        + "'"+jComboBox7.getSelectedItem().toString()+"','"+jComboBox8.getSelectedItem().toString()+"'," 
        + "'"+jComboBox9.getSelectedItem().toString()+"','"+jComboBox10.getSelectedItem().toString()+"'," 
        + "'"+jComboBox3.getSelectedItem().toString()+"','"+jTextField2.getText()+"','"+ date1 +"')"); 
     JOptionPane.showMessageDialog(this, "insert successful"); 

    } catch (SQLException ex) { 
     JOptionPane.showMessageDialog(this, ex.getMessage()); 
    } 
    fill(); 
    clear(); 

}

感谢您的帮助

来源

2017-06-02 19:57:58

+1

这不是一个好的解决方案,因为你的代码容易受到SQL注入攻击,这是一个巨大的安全漏洞。按照[YCF_L的建议](https://stackoverflow.com/a/44330401/466862)使用准备好的语句。 –

相关问题

 相关问题