SQLGrammarException:无法执行查询
发布于 2021-02-01 12:32:30
我正在使用Struts2&Hibernate并在使用字符串搜索数据时出现以下错误,test但是在使用数字搜索时对我有用111。我从豆类和豆类中的字符串类型的已定义的属性中获取此值。
下面我提供代码:
public String retrieveRecords()
{
String empId = p.getEmpId();
String paramValue = "";
if(empId !=null)
if(!(empId.isEmpty()))
paramValue =" where b.empId="+empId;
String empName = p.getEmployeeName();
if(empName !=null && empName != "")
{
if(!(empName.isEmpty())){
if(paramValue == "")
paramValue =" where b.employeeName="+empName;
else
paramValue =paramValue + " and b.employeeName="+empName;
}
}
System.out.println("=========paramvalues===="+paramValue);
recList = (List<RequestBean>) session.createQuery("from RequestBean b"+paramValue).list();
request.setAttribute("rec", recList);
System.out.println("got size"+recList);
return SUCCESS;
}
豆类:
public class RequestBean {
private Long id;
private String empId;
private String employeeName;
private String employeeType;
private String personnalNumber;
private String contactNumber;
private String companyName;
private String address;
private String remarks;
private String empStatus = "E";
private Date joiningDate = null;
private Date created;
/************* Getters ************************/
public Long getId() {
return id;
}
public String getEmpId() {
return empId;
}
public String getEmployeeName() {
return employeeName;
}
public String getEmployeeType() {
return employeeType;
}
public String getPersonnalNumber() {
return personnalNumber;
}
public String getContactNumber() {
return contactNumber;
}
public String getCompanyName() {
return companyName;
}
public String getAddress() {
return address;
}
public String getRemarks() {
return remarks;
}
public Date getJoiningDate() {
return joiningDate;
}
public String getEmpStatus() {
return empStatus;
}
public Date getCreated() {
return created;
}
/******************* Setters ***************************/
public void setId(Long id) {
this.id = id;
}
public void setEmpId(String empId) {
this.empId = empId;
}
public void setEmployeeName(String employeeName) {
this.employeeName = employeeName;
}
public void setEmployeeType(String employeeType) {
this.employeeType = employeeType;
}
public void setPersonnalNumber(String personnalNumber) {
this.personnalNumber = personnalNumber;
}
public void setContactNumber(String contactNumber) {
this.contactNumber = contactNumber;
}
public void setCompanyName(String companyName) {
this.companyName = companyName;
}
public void setAddress(String address) {
this.address = address;
}
public void setRemarks(String remarks) {
this.remarks = remarks;
}
public void setJoiningDate(Date joiningDate) {
this.joiningDate = joiningDate;
}
public void setEmpStatus(String empStatus) {
this.empStatus = empStatus;
}
public void setCreated(Date created) {
this.created = created;
}
}
对应:
<hibernate-mapping>
<class name="com.ims.bean.RequestBean" table="EMPDETAILS">
<id name="id" column="id">
<generator class="increment"/>
</id>
<!-- <property name="id" column="id" /> -->
<property name="empId" column="empId"/>
<property name="employeeName" column="empName"/>
<property name="employeeType" column="empType"/>
<property name="personnalNumber" column="personnalNum"/>
<property name="contactNumber" column="contactNo"/>
<property name="companyName" column="empCompanyName"/>
<property name="address" column="address"/>
<property name="remarks" column="remarks"/>
<property name="joiningDate" column="joiningDate"/>
<property name="empStatus" column="empStatus"/>
<property name="created" column="created"/>
</class>
</hibernate-mapping>
错误:
org.hibernate.exception.SQLGrammarException: could not execute query
org.hibernate.exception.SQLStateConverter.convert(SQLStateConverter.java:90)
org.hibernate.exception.JDBCExceptionHelper.convert(JDBCExceptionHelper.java:66)
org.hibernate.loader.Loader.doList(Loader.java:2231)
org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2125)
org.hibernate.loader.Loader.list(Loader.java:2120)
org.hibernate.loader.hql.QueryLoader.list(QueryLoader.java:401)
org.hibernate.hql.ast.QueryTranslatorImpl.list(QueryTranslatorImpl.java:361)
org.hibernate.engine.query.HQLQueryPlan.performList(HQLQueryPlan.java:196)
org.hibernate.impl.SessionImpl.list(SessionImpl.java:1148)
org.hibernate.impl.QueryImpl.list(QueryImpl.java:102)
com.ims.DAO.RequestControllerDAO.retrieveRecords(RequestControllerDAO.java:60)
sun.reflect.GeneratedMethodAccessor76.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
java.lang.reflect.Method.invoke(Unknown Source)
ognl.OgnlRuntime.invokeMethod(OgnlRuntime.java:891)
ognl.OgnlRuntime.callAppropriateMethod(OgnlRuntime.java:1293)
ognl.ObjectMethodAccessor.callMethod(ObjectMethodAccessor.java:68)
com.opensymphony.xwork2.ognl.accessor.XWorkMethodAccessor.callMethodWithDebugInfo(XWorkMethodAccessor.java:117)
com.opensymphony.xwork2.ognl.accessor.XWorkMethodAccessor.callMethod(XWorkMethodAccessor.java:108)
ognl.OgnlRuntime.callMethod(OgnlRuntime.java:1369)
ognl.ASTMethod.getValueBody(ASTMethod.java:90)
ognl.SimpleNode.evaluateGetValueBody(SimpleNode.java:212)
ognl.SimpleNode.getValue(SimpleNode.java:258)
ognl.Ognl.getValue(Ognl.java:494)
ognl.Ognl.getValue(Ognl.java:458)
关注者
0
被浏览
126
1 个回答
-
SQLGrammarException之所以引发,是因为Hibernate生成的SQL查询的SQL语法错误。构建查询的方式是错误的,不应将值(尤其是字符串值)连接到结果查询,因为此类代码容易受到SQL注入攻击的攻击。相反,您可以在查询字符串中使用参数String empId = p.getEmpId(); String paramValue = ""; if (empId !=null && !empId.isEmpty()) paramValue = " where b.empId=:empId"; String empName = p.getEmployeeName(); if (empName !=null && !empName.isEmpty()) { if (paramValue == "") paramValue =" where b.employeeName=:empName"; else paramValue =paramValue + " and b.employeeName=:empName"; } System.out.println("=========paramvalues===="+paramValue); Query query = session.createQuery("from RequestBean b"+paramValue); //now set parameter values if(empId !=null && !empId.isEmpty()) query.setParameter("empId", empId); if(empName !=null && !empName.isEmpty()) query.setParameter("empName", empName); recList = (List<RequestBean>) query.list();
推荐阅读
-
org.hibernate.exception.SQLGrammarException:无法执行语句
2021-02-01 关注 0 浏览96 1答案
-
无法执行SQL查询
2021-05-10 关注 0 浏览67 1答案
-
休眠:无法执行本机批量操作查询
2021-02-01 关注 0 浏览108 1答案
-
org.hibernate.exception.GenericJDBCException:无法执行查询
2021-02-01 关注 0 浏览107 1答案
-
MySQL 错误 2014 的原因无法执行查询而其他无缓冲查询处于活动状态
2021-07-06 关注 0 浏览109 1答案
-
获取org.hibernate.exception.JDBCConnectionException:即使通过JNDI也无法执行查询
2021-02-01 关注 0 浏览86 1答案
-
MySQL错误2014的原因其他未缓冲的查询处于活动状态时无法执行查询
2021-02-02 关注 0 浏览77 1答案
-
结果查看器无法执行项目列表中超过655列的查询
2021-06-15 关注 0 浏览97 1答案
-
Crontab无法执行Python脚本
2021-01-29 关注 0 浏览143 1答案
-
您是否遇到过SQL Server由于引用过多表而无法执行的查询?
2021-04-20 关注 0 浏览134 1答案
