java - 如何将输入数据添加到 SQL 值？

问题描述

我们想创建一个医疗信息系统。在这个系统中，我们必须购买药品。当用户购买药品时，他/她必须输入购买药品的条形码编号和编号。我们要获取要服用的药物数量并将此值添加到 SQL 表中。但是我们有一个错误。

com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '10013''where Barcode='10013'' at line 1

SQL 表

这是我的代码： BuyMedicine.java

...

BarcodeField = new JTextField();
    BarcodeField.setBounds(130, 26, 294, 21);
    contentPane.add(BarcodeField);
    BarcodeField.setColumns(10);

    NumberField = new JTextField();
    NumberField.setBounds(130, 86, 294, 21);
    contentPane.add(NumberField);
    NumberField.setColumns(100);

    JButton btnBuy = new JButton("Buy");
    btnBuy.addActionListener(new ActionListener() {
        public void actionPerformed(ActionEvent arg0) {
            try {
                Class.forName("com.mysql.jdbc.Driver");
                Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/test", "root","");
                Statement stmt = con.createStatement();
                String x = "Select Stock from medicinelist where Barcode='" + BarcodeField.getText()+"'";
                PreparedStatement preparedStmt2 = con.prepareStatement(x);
                preparedStmt2.execute();
                String sql = "Update medicinelist set Stock='" +Integer.parseInt(NumberField.getText())+x
                +"'where Barcode='"+ BarcodeField.getText()+"'";
                PreparedStatement preparedStmt = con.prepareStatement(sql);
                preparedStmt.executeUpdate();


                JOptionPane.showMessageDialog(null, "Done!!!");


                con.close();

            }catch(Exception e) { System.out.print(e);}
        }

});

...

标签： javamysqljframe