怎么在sql语句中使用?来匹配那个like,例如select * from user where name like '%王'
怎么用?换掉呢,我用的sqlserver2000,怎么弄都出不来。
怎么用?换掉呢,我用的sqlserver2000,怎么弄都出不来。
解决方案 »
- SSH2搭建项目时遇到的问题:谁来帮我解决下:
- Oracle问题:Your username and/or password are invalid.
- Properties
- J2ee求助
- hibernate MSSQL: ..couldn't find any tables.
- a href="userInfo_landOut.htm" class="a1"
- 推荐一款strus代码生成器
- url访问jsf bean
- 谁有Javamail的组件,发一个给我,sun下载好慢,半天还没下完
- 请问,isleaf(),叶子节点是什么意思?
- 验证码图片ie下点换张图片不变ff和谷歌都变解决不了(求助)
- 请教:如何在表头增加一个check box?
select * from user where name like ? ps.setString(1,name);就出错,再换了很多都错,希望谁告诉我以下,最好通过调试了的
----------------------------------------------------------------------------------------------------------import java.sql.SQLException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.Statement;
import java.sql.ResultSet;
//import java.*;class CourseAppl {
private Connection conn;
private String url;
private String serverName;
private String portNumber;
private String databaseName;
private String userName;
private String password;
private String sql;
CourseAppl() {
url = "jdbc:microsoft:sqlserver://";
serverName = "localhost";
portNumber = "1433";
databaseName = "test";
userName = "sa";
password = "";
}
private String getConnectionUrl() {
//System.out.println (url + serverName + ":"
// + portNumber + ";databaseName="
//+ databaseName + ";");
return url + serverName + ":"
+ portNumber + ";databaseName="
+ databaseName + ";";
}
private Connection getConnection() {
try {
System.out.println (getConnectionUrl());
Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
//Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDrive");
conn =
DriverManager.getConnection(getConnectionUrl(),userName,password);
if(conn != null) {
System.out.println ("数据库连接成功!");
}
}catch(Exception ce) {
ce.printStackTrace();
System.out.println ("getConnection() 内部错误跟踪:" +
ce.getMessage());
}
return conn;
}
public void display() {
try {
conn = getConnection();
PreparedStatement pstmt =
conn.prepareStatement("update friends set "+
"salary = ? where name like ?");
pstmt.setInt(1,10000);
pstmt.setString(2,"李四");
pstmt.executeUpdate();
System.out.println ("李四的记录已经被更新!!");
Statement stmt = conn.createStatement();
ResultSet rs =
stmt.executeQuery("select * from friends");
if(!rs.next()) {
System.out.println ("空表,没有数据!!");
}else {
System.out.print(rs.getString(1) + "\t");
System.out.print(rs.getString(2) + "\t");
System.out.print(rs.getInt(3) + "\t");
System.out.print(rs.getDate(4) + "\t");
System.out.print(rs.getInt(5) + "\t");
System.out.println ();
while(rs.next()) {
System.out.print(rs.getString(1) + "\t");
System.out.print(rs.getString(2) + "\t");
System.out.print(rs.getInt(3) + "\t");
System.out.print(rs.getDate(4) + "\t");
System.out.print(rs.getInt(5) + "\t");
System.out.println ();
}
}
}catch(SQLException ce) {
System.out.println (ce);
}
}
public static void main(String[] args) {
CourseAppl retObj = new CourseAppl();
retObj.getConnection();
retObj.display();
}
}
对于具有批量更新,导入等使用PrepareStatement接口,效率较高,如insert ,update..具体楼主可以多看看网上关于这两个接口的一些资料哎 我在网上查了下 别人这么说的 难道真的不能用吗?那我怎么处理SQL注入问题啊!!!
microsoft啊!人家是老大,,,唉。
String sql="select * from user where name like ?;ps.setString(1,"'"+name+"'");