ssm，insert时出现的问题，其他配置感觉没错啊，update能成功，求大佬帮助啊

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.jdbc.UncategorizedSQLException:

Error updating database. Cause: java.sql.SQLException: sql injection violation, error COMMENT : insert into comment (m_id, c_createtime,

  publisher, c_detail)
  values (?, ?, 
  ?, ?)

SQL: insert into comment (m_id, c_createtime, publisher, c_detail) values (?, ?, ?, ?)

Cause: java.sql.SQLException: sql injection violation, error COMMENT : insert into comment (m_id, c_createtime,

  publisher, c_detail)
  values (?, ?, 
  ?, ?)

; uncategorized SQLException for SQL []; SQL state [null]; error code [0]; sql injection violation, error COMMENT : insert into comment (m_id, c_createtime,
publisher, c_detail)
values (?, ?,
?, ?); nested exception is java.sql.SQLException: sql injection violation, error COMMENT : insert into comment (m_id, c_createtime,
publisher, c_detail)
values (?, ?,
?, ?)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:973)
org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:863)
javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

root cause

这时xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >















select *
from comment,user
where m_id = #{cId,jdbcType=INTEGER}
and comment.publisher = user.id


delete from comment
where c_id = #{cId,jdbcType=INTEGER}


insert into comment (c_id, m_id, c_createtime,
publisher, c_detail)
values (#{cId,jdbcType=INTEGER}, #{mId,jdbcType=INTEGER}, #{cCreatetime,jdbcType=TIMESTAMP},
#{publisher.id,jdbcType=INTEGER}, #{cDetail,jdbcType=LONGVARCHAR});


insert into comment


m_id,


c_createtime,


publisher,


c_detail,




#{mId,jdbcType=INTEGER},


#{cCreatetime,jdbcType=TIMESTAMP},


#{publisher.id,jdbcType=INTEGER},


#{cDetail,jdbcType=LONGVARCHAR},




update comment


c_createtime = #{cCreatetime,jdbcType=TIMESTAMP},


comment.publisher = #{publisher.id},


c_detail = #{cDetail,jdbcType=LONGVARCHAR},


where c_id = #{cId,jdbcType=INTEGER}

是sql写错了吧

insert into comment values(?,?,?,?);

试了么？

如果确认其他配置没粗哟的话，建议确认一下comment 表的主键生成方式。因为，如果insert语句中指定了主键的值而该值和主键生成方式冲突，那么会出现错误

insert into comment (m_id, c_createtime,
publisher, c_detail)
values (#{mId,jdbcType=INTEGER}, #{cCreatetime,jdbcType=TIMESTAMP},
#{publishid,jdbcType=INTEGER}, #{cDetail,jdbcType=LONGVARCHAR})

感觉没错啊

insert into comment (m_id, c_createtime,
publisher, c_detail)
values (#{mId,jdbcType=INTEGER}, #{cCreatetime,jdbcType=TIMESTAMP},
#{publishid,jdbcType=INTEGER}, #{cDetail,jdbcType=LONGVARCHAR})

最后加个 ;

有完整的代码没。这样看不出问题，有可能是其他地方错误

mysql comment 是关键字吧

你没有commit吧？

看不到你完整的代码，sql是写在xml中了吧，你用的是<update不是<inster标签吧

数据库可能插入时和表结构有冲突吧？

insert into_ comment _ (m_id, c_createtime, publisher, c_detail) ....

comment是MySQL关键字

楼上说的对，commont是MySQL中添加注释的关键字。不要作为表名称使用