5 个解决方案
#1
/**
* Insert channel
*
* @param channel_no channel no..
* @param channel_name channel name
* @param description description
* @param path channel path
* @param html_type html type
* @param igmp_addr_stb
* @param igmp_addr_pc500k
* @param igmp_addr_pc1500k
* @param chi_channel_name
*/
public void insertChannel(String channel_no,String channel_name,String description,
String path,String html_type,String igmp_addr_stb,
String igmp_addr_pc500k,String igmp_addr_pc1500k,String igmp_addr_vlc,
String chi_channel_name,String channel_type)
throws EPGException
{
String sql = "";
try
{
sql = "insert into p_channel " +
"(channel_no,channel_name,description,path," +
"html_type,igmp_addr_stb,igmp_addr_pc500k," +
"igmp_addr_pc1500k,igmp_addr_vlc,chi_channel_name,channel_type)" +
"values(?, ?, ?, ?," +
"?, ?, ?," +
"?, ?, ?, ?)";
/*
channel_no + "," + addquote(channel_name) + "," + addquote(description) + "," + addquote(path) + "," +
addquote(html_type) + "," + addquote(igmp_addr_stb) + "," + addquote(igmp_addr_pc500k) + "," +
addquote(igmp_addr_pc1500k) + "," + addquote(igmp_addr_vlc) + "," + addquote(chi_channel_name) + "," +
addquote(channel_type)+ ")";*/
pstmt = new LoggableStatement(con,sql);
pstmt.setString(1,channel_no);
pstmt.setString(2,channel_name);
pstmt.setString(3,description);
pstmt.setString(4,path);
pstmt.setString(5,html_type);
pstmt.setString(6,igmp_addr_stb);
pstmt.setString(7,igmp_addr_pc500k);
pstmt.setString(8,igmp_addr_pc1500k);
pstmt.setString(9,igmp_addr_vlc);
pstmt.setString(10,chi_channel_name);
pstmt.setString(11,channel_type);
pstmt.executeUpdate();
pstmt.close();
/*
pstmt.executeUpdate();
st = con.createStatement();
st.executeUpdate(sql);*/
//System.out.println(sql);
}
catch(SQLException e)
{
throw new EPGException("Duplicated channel No..Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
catch(Exception e)
{
throw new EPGException("Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
}
* Insert channel
*
* @param channel_no channel no..
* @param channel_name channel name
* @param description description
* @param path channel path
* @param html_type html type
* @param igmp_addr_stb
* @param igmp_addr_pc500k
* @param igmp_addr_pc1500k
* @param chi_channel_name
*/
public void insertChannel(String channel_no,String channel_name,String description,
String path,String html_type,String igmp_addr_stb,
String igmp_addr_pc500k,String igmp_addr_pc1500k,String igmp_addr_vlc,
String chi_channel_name,String channel_type)
throws EPGException
{
String sql = "";
try
{
sql = "insert into p_channel " +
"(channel_no,channel_name,description,path," +
"html_type,igmp_addr_stb,igmp_addr_pc500k," +
"igmp_addr_pc1500k,igmp_addr_vlc,chi_channel_name,channel_type)" +
"values(?, ?, ?, ?," +
"?, ?, ?," +
"?, ?, ?, ?)";
/*
channel_no + "," + addquote(channel_name) + "," + addquote(description) + "," + addquote(path) + "," +
addquote(html_type) + "," + addquote(igmp_addr_stb) + "," + addquote(igmp_addr_pc500k) + "," +
addquote(igmp_addr_pc1500k) + "," + addquote(igmp_addr_vlc) + "," + addquote(chi_channel_name) + "," +
addquote(channel_type)+ ")";*/
pstmt = new LoggableStatement(con,sql);
pstmt.setString(1,channel_no);
pstmt.setString(2,channel_name);
pstmt.setString(3,description);
pstmt.setString(4,path);
pstmt.setString(5,html_type);
pstmt.setString(6,igmp_addr_stb);
pstmt.setString(7,igmp_addr_pc500k);
pstmt.setString(8,igmp_addr_pc1500k);
pstmt.setString(9,igmp_addr_vlc);
pstmt.setString(10,chi_channel_name);
pstmt.setString(11,channel_type);
pstmt.executeUpdate();
pstmt.close();
/*
pstmt.executeUpdate();
st = con.createStatement();
st.executeUpdate(sql);*/
//System.out.println(sql);
}
catch(SQLException e)
{
throw new EPGException("Duplicated channel No..Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
catch(Exception e)
{
throw new EPGException("Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
}
#2
prepare statement无惧任何怪符号,包括双引单引
#3
用转意符"\"
"\'xxx\'"
"\'xxx\'"
#4
同意楼上两位的.
可以先用转义符操作字符串.之后用Prepare statement
可以先用转义符操作字符串.之后用Prepare statement
#5
('no你好'\\\") 把括号之内的字符插进去?
#1
/**
* Insert channel
*
* @param channel_no channel no..
* @param channel_name channel name
* @param description description
* @param path channel path
* @param html_type html type
* @param igmp_addr_stb
* @param igmp_addr_pc500k
* @param igmp_addr_pc1500k
* @param chi_channel_name
*/
public void insertChannel(String channel_no,String channel_name,String description,
String path,String html_type,String igmp_addr_stb,
String igmp_addr_pc500k,String igmp_addr_pc1500k,String igmp_addr_vlc,
String chi_channel_name,String channel_type)
throws EPGException
{
String sql = "";
try
{
sql = "insert into p_channel " +
"(channel_no,channel_name,description,path," +
"html_type,igmp_addr_stb,igmp_addr_pc500k," +
"igmp_addr_pc1500k,igmp_addr_vlc,chi_channel_name,channel_type)" +
"values(?, ?, ?, ?," +
"?, ?, ?," +
"?, ?, ?, ?)";
/*
channel_no + "," + addquote(channel_name) + "," + addquote(description) + "," + addquote(path) + "," +
addquote(html_type) + "," + addquote(igmp_addr_stb) + "," + addquote(igmp_addr_pc500k) + "," +
addquote(igmp_addr_pc1500k) + "," + addquote(igmp_addr_vlc) + "," + addquote(chi_channel_name) + "," +
addquote(channel_type)+ ")";*/
pstmt = new LoggableStatement(con,sql);
pstmt.setString(1,channel_no);
pstmt.setString(2,channel_name);
pstmt.setString(3,description);
pstmt.setString(4,path);
pstmt.setString(5,html_type);
pstmt.setString(6,igmp_addr_stb);
pstmt.setString(7,igmp_addr_pc500k);
pstmt.setString(8,igmp_addr_pc1500k);
pstmt.setString(9,igmp_addr_vlc);
pstmt.setString(10,chi_channel_name);
pstmt.setString(11,channel_type);
pstmt.executeUpdate();
pstmt.close();
/*
pstmt.executeUpdate();
st = con.createStatement();
st.executeUpdate(sql);*/
//System.out.println(sql);
}
catch(SQLException e)
{
throw new EPGException("Duplicated channel No..Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
catch(Exception e)
{
throw new EPGException("Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
}
* Insert channel
*
* @param channel_no channel no..
* @param channel_name channel name
* @param description description
* @param path channel path
* @param html_type html type
* @param igmp_addr_stb
* @param igmp_addr_pc500k
* @param igmp_addr_pc1500k
* @param chi_channel_name
*/
public void insertChannel(String channel_no,String channel_name,String description,
String path,String html_type,String igmp_addr_stb,
String igmp_addr_pc500k,String igmp_addr_pc1500k,String igmp_addr_vlc,
String chi_channel_name,String channel_type)
throws EPGException
{
String sql = "";
try
{
sql = "insert into p_channel " +
"(channel_no,channel_name,description,path," +
"html_type,igmp_addr_stb,igmp_addr_pc500k," +
"igmp_addr_pc1500k,igmp_addr_vlc,chi_channel_name,channel_type)" +
"values(?, ?, ?, ?," +
"?, ?, ?," +
"?, ?, ?, ?)";
/*
channel_no + "," + addquote(channel_name) + "," + addquote(description) + "," + addquote(path) + "," +
addquote(html_type) + "," + addquote(igmp_addr_stb) + "," + addquote(igmp_addr_pc500k) + "," +
addquote(igmp_addr_pc1500k) + "," + addquote(igmp_addr_vlc) + "," + addquote(chi_channel_name) + "," +
addquote(channel_type)+ ")";*/
pstmt = new LoggableStatement(con,sql);
pstmt.setString(1,channel_no);
pstmt.setString(2,channel_name);
pstmt.setString(3,description);
pstmt.setString(4,path);
pstmt.setString(5,html_type);
pstmt.setString(6,igmp_addr_stb);
pstmt.setString(7,igmp_addr_pc500k);
pstmt.setString(8,igmp_addr_pc1500k);
pstmt.setString(9,igmp_addr_vlc);
pstmt.setString(10,chi_channel_name);
pstmt.setString(11,channel_type);
pstmt.executeUpdate();
pstmt.close();
/*
pstmt.executeUpdate();
st = con.createStatement();
st.executeUpdate(sql);*/
//System.out.println(sql);
}
catch(SQLException e)
{
throw new EPGException("Duplicated channel No..Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
catch(Exception e)
{
throw new EPGException("Insert channel in EPGDATA.insertChannel()" +
"SQLSTATMENT" + ((mfutil.LoggableStatement)pstmt).getQueryString() + "\n" + e.getMessage());
}
}
#2
prepare statement无惧任何怪符号,包括双引单引
#3
用转意符"\"
"\'xxx\'"
"\'xxx\'"
#4
同意楼上两位的.
可以先用转义符操作字符串.之后用Prepare statement
可以先用转义符操作字符串.之后用Prepare statement
#5
('no你好'\\\") 把括号之内的字符插进去?