怎么在sql语句中使用?来匹配那个like,例如select * from user where name like '%王'
怎么用?换掉呢,我用的sqlserver2000,怎么弄都出不来。
怎么用?换掉呢,我用的sqlserver2000,怎么弄都出不来。
解决方案 »
- Tomcat下 使用Extjs IE页面显示空白?不理解。
- 跪求字符串的问题
- java新手问个jdbc连接oracle的问题,急
- JSP与SERVELT中的传值问题
- struts,hibernate,spring整合问题!大家指点一下
- 关于搭建struts框架的思想!!!!!刚入门的!
- 请指教 金蝶apusic3.0和SQL 2000交互时出现的问题
- jbuilder8+weblogic7 的数据库连接问题(在线等待)
- jboss3连接mysql的问题
- 莫名其妙的错误。。。。。帮我解决一下
- 验证码图片ie下点换张图片不变ff和谷歌都变解决不了(求助)
- 请教:如何在表头增加一个check box?
select * from user where name like ? ps.setString(1,name);就出错,再换了很多都错,希望谁告诉我以下,最好通过调试了的
----------------------------------------------------------------------------------------------------------import java.sql.SQLException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.Statement;
import java.sql.ResultSet;
//import java.*;class CourseAppl {
private Connection conn;
private String url;
private String serverName;
private String portNumber;
private String databaseName;
private String userName;
private String password;
private String sql;
CourseAppl() {
url = "jdbc:microsoft:sqlserver://";
serverName = "localhost";
portNumber = "1433";
databaseName = "test";
userName = "sa";
password = "";
}
private String getConnectionUrl() {
//System.out.println (url + serverName + ":"
// + portNumber + ";databaseName="
//+ databaseName + ";");
return url + serverName + ":"
+ portNumber + ";databaseName="
+ databaseName + ";";
}
private Connection getConnection() {
try {
System.out.println (getConnectionUrl());
Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
//Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDrive");
conn =
DriverManager.getConnection(getConnectionUrl(),userName,password);
if(conn != null) {
System.out.println ("数据库连接成功!");
}
}catch(Exception ce) {
ce.printStackTrace();
System.out.println ("getConnection() 内部错误跟踪:" +
ce.getMessage());
}
return conn;
}
public void display() {
try {
conn = getConnection();
PreparedStatement pstmt =
conn.prepareStatement("update friends set "+
"salary = ? where name like ?");
pstmt.setInt(1,10000);
pstmt.setString(2,"李四");
pstmt.executeUpdate();
System.out.println ("李四的记录已经被更新!!");
Statement stmt = conn.createStatement();
ResultSet rs =
stmt.executeQuery("select * from friends");
if(!rs.next()) {
System.out.println ("空表,没有数据!!");
}else {
System.out.print(rs.getString(1) + "\t");
System.out.print(rs.getString(2) + "\t");
System.out.print(rs.getInt(3) + "\t");
System.out.print(rs.getDate(4) + "\t");
System.out.print(rs.getInt(5) + "\t");
System.out.println ();
while(rs.next()) {
System.out.print(rs.getString(1) + "\t");
System.out.print(rs.getString(2) + "\t");
System.out.print(rs.getInt(3) + "\t");
System.out.print(rs.getDate(4) + "\t");
System.out.print(rs.getInt(5) + "\t");
System.out.println ();
}
}
}catch(SQLException ce) {
System.out.println (ce);
}
}
public static void main(String[] args) {
CourseAppl retObj = new CourseAppl();
retObj.getConnection();
retObj.display();
}
}
对于具有批量更新,导入等使用PrepareStatement接口,效率较高,如insert ,update..具体楼主可以多看看网上关于这两个接口的一些资料哎 我在网上查了下 别人这么说的 难道真的不能用吗?那我怎么处理SQL注入问题啊!!!
microsoft啊!人家是老大,,,唉。
String sql="select * from user where name like ?;ps.setString(1,"'"+name+"'");