当ID为数组形式时,如何从SQL检索值

时间:2021-10-24 13:07:50

The function below will pick the highest value and it will display value which are in column place1(in table placeseen) as output based on the ID.So far I only can get the highest value but not the value in place1. I don't know what's wrong with my coding because the output is always shows empty.

下面的函数将选择最高值,它将显示列place1(在表placeseen中)的值作为基于ID的输出。到目前为止,我只能获得最高值,但不能获得place1中的值。我不知道我的编码有什么问题,因为输出总是显示为空。

   private void pick_highest_value_here_and_display(ArrayList<Double> value) throws Exception {
            // TODO Auto-generated method stub
            double aa[]=value.stream().mapToDouble(v -> v.doubleValue()).toArray();
            double highest=aa[0+1];
            for(int i=0;i<aa.length;i++)
            {
                if(aa[i]>highest){
                    highest=aa[i];
                    String sql ="Select* from placeseen where ID =aa[i]";
                    DatabaseConnection db = new DatabaseConnection();
                    Connection  conn =db.getConnection();
                    PreparedStatement  ps = conn.prepareStatement(sql);
                    ResultSet rs = ps.executeQuery();
                    if (rs.next()) 
                    {  
                    String aaa;
                    aaa=rs.getString("place1");
                    System.out.println(aaa);
                    }
                    ps.close();
                    rs.close();
                    conn.close();
                }

            }

            System.out.println(highest);
        }

2 个解决方案

#1

0  

You can try this

你可以试试这个

// as you are using preparedStatement you can use ? and then set value for it to prevent sql injection
String sql = "Select * from placeseen where ID = ?";
DatabaseConnection db = new DatabaseConnection();
Connection conn = db.getConnection();
PreparedStatement ps = conn.prepareStatement(sql);
ps.setDouble(1, aa[i]);  // 1 represent first attribute represented by ?

System.out.println(ps); // this will print query in console

ResultSet rs = ps.executeQuery();
if (rs.next()) {
    System.out.println("Inside rs.next()");  // for debug purpose
    String aaa;
    aaa=rs.getString("place1");
    System.out.println(aaa);
}
// remaining code

#2

1  

instead of

  String sql ="Select * from placeseen where ID =aa[i]";//aa[i] taking a value

use 

  String sql ="Select place1 from placeseen where ID =?";
  PreparedStatement ps = conn.prepareStatement(sql);
  ps.setDouble(1, aa[i]);

passing aa[i] variable value .

传递aa [i]变量值。

Avoid sql injection

避免sql注入

#1

0  

You can try this

你可以试试这个

// as you are using preparedStatement you can use ? and then set value for it to prevent sql injection
String sql = "Select * from placeseen where ID = ?";
DatabaseConnection db = new DatabaseConnection();
Connection conn = db.getConnection();
PreparedStatement ps = conn.prepareStatement(sql);
ps.setDouble(1, aa[i]);  // 1 represent first attribute represented by ?

System.out.println(ps); // this will print query in console

ResultSet rs = ps.executeQuery();
if (rs.next()) {
    System.out.println("Inside rs.next()");  // for debug purpose
    String aaa;
    aaa=rs.getString("place1");
    System.out.println(aaa);
}
// remaining code

#2

1  

instead of

  String sql ="Select * from placeseen where ID =aa[i]";//aa[i] taking a value

use 

  String sql ="Select place1 from placeseen where ID =?";
  PreparedStatement ps = conn.prepareStatement(sql);
  ps.setDouble(1, aa[i]);

passing aa[i] variable value .

传递aa [i]变量值。

Avoid sql injection

避免sql注入

标签:

相关文章