java - "Inconsistent datatypes: expected DATE got NUMBER"与 DepartmentsImpl 类

Question

我在实体对象部门中生成此类，并创建名为“department_log”的日志表(department_id number，entry_user number，Entry_date date) 当该方法尝试将已删除的记录输入此表时，会出现此错误:

(inconsistent datatypes: expected DATE got NUMBER)

这是 do_dml 方法代码:

if (operation == DML_DELETE) {
        FacesContext context = FacesContext.getCurrentInstance();
        UserInfo user =
            (UserInfo)context.getExternalContext().getSessionMap().get("userInfo");
        Number deptID = new Number(getDepartmentId());
        Date entryDate = new Date(Date.getCurrentDate());
        Number entryUser = new Number(user.getEmployeeId());
        String sql =
            "insert into departments_log (DEPARTMENT_ID,entry_user,entry_date) values (" +
            deptID + "," + entryUser + "," +
            entryDate + ")";
        PreparedStatement stm =
            getDBTransaction().createPreparedStatement(sql, 1);
        try {
            stm.executeUpdate(sql);
        } catch (SQLException f) {
            System.out.println("delete errore"+f.getMessage()+Date.getCurrentDate());
        }
    }

Answer 1

问题在于您没有正确传递数据:您正在内联值 ( which is a major security risk in itself )，而不是通过查询参数传递它们。

修复方法如下:

String sql = "insert into departments_log (DEPARTMENT_ID,entry_user,entry_date) values (?,?,?)";
PreparedStatement stm = getDBTransaction().createPreparedStatement(sql, 1);
stm.setInt(1, deptID);
stm.setString(2, entryUser.longValue());
stm.setDate(entryDate);

以上只是一个实现的框架。您需要添加日期和数字的 null 检查，并进行其他修改以提高稳健性。

Link to a tutorial on using parameteriszed prepared statements.