使用 jdbc 的 SQL 语法错误

Question

我不知道这部分的错误是什么，请帮忙

这是我的代码

public void addEmploye(Employe employe, Service service) throws SQLException{
    int id_service = getServiceId(service);
    if(nbrPersonnes(employe.getCin())!=0)
        System.out.println("Employe deja existant verifier le cin");
    else{
     String SQL = "insert into Employe(post) "
            + "values ("
            + "'"+employe.getPost()+"')"

            + "insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_employe,id_service)"
            + "values('"+employe.getCin()+"',"
            + "'"+employe.getNom()+"',"
            + "'"+employe.getPrenom()+"',"
            + "'"+employe.getAdresse()+"',"
            + "'"+employe.getTel()+"',"
            + "'"+employe.getEmail()+"',"
            + "'"+employe.getPassword()+"',"
            + "0,"
            + " SELECT LAST_INSERT_ID() FROM `Personne`,"
            +id_service+")";
     if(id_service!=0)
         try {
             stmt = con.createStatement();  
             rs = stmt.executeUpdate(SQL);
        } catch (SQLException e) {
            System.out.println("addEmploye "+e.toString());
        }
    }
}

这是错误

    addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1
addEmploye com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'insert into Personne(cin,nom,prenom,adresse,tel,email,password,id_directeur,id_e' at line 1

我的团队伙伴为 MSSQL 编写了这段代码，但我现在想在 Mysql SGBD 下使用它我发现这个问题有任何建议

Answer 1

一条 SQL 语句只能包含一条语句，您的代码正在尝试执行 insert into Employe(post) values (...)insert into Personne(...。

这必须分成两条SQL命令，分别执行：insert into Employe(post) values (...)和insert into Personne(...。您可以使用相同的Statement 实例，但executeUpdate 必须调用两次。

并表明使用 Jamal H 建议的 PreparedStatement。

Answer 2

您必须在那条长 SQL 语句中的某处出现错误，或者您传递的参数之一包含弄乱语句的内容。

您永远不应该将这种方法用于 SQL 插入。使用准备好的语句：Prepared Statements

Prepared statements 使代码更清晰，并防止 SQL 注入之类的事情。实现它，您应该能够修复您的插入语句