最近弄的一个jsp项目,使用了c3p0来连接到oracle上,其中oracle通过透明网关直连sqlserver,sql的处理是使用最原始的jdbc然后拼串,在处理查询时遇到了一些问题,如下:
sql = "select \"empname\", \"empid\", \"empno\", \"username\", \"userpass\", \"empstatus\", \"empcate\" from t_fly_flyer@okfoc where \"username\" = '?' and userpass\" = '?'";这样经过PreparedStatement处理后报无效列索引错误。
sql = "select \"empname\", \"empid\", \"empno\", \"username\", \"userpass\", \"empstatus\", \"empcate\" from t_fly_flyer@okfoc where \"username\" = ? and userpass\" = ?";这样没有报错,但是查不到结果。
sql = "select \"empname\", \"empid\", \"empno\", \"username\", \"userpass\", \"empstatus\", \"empcate\" from t_fly_flyer@okfoc where \"username\" = 'zhangzhihua' and userpass\" = '1'";这样可以出来结果,但是登录验证不可以这样写啊
有哪位大哥遇见过这样的问题吗?给讲讲吧。
sql = "select \"empname\", \"empid\", \"empno\", \"username\", \"userpass\", \"empstatus\", \"empcate\" from t_fly_flyer@okfoc where \"username\" = '?' and userpass\" = '?'";这样经过PreparedStatement处理后报无效列索引错误。
sql = "select \"empname\", \"empid\", \"empno\", \"username\", \"userpass\", \"empstatus\", \"empcate\" from t_fly_flyer@okfoc where \"username\" = ? and userpass\" = ?";这样没有报错,但是查不到结果。
sql = "select \"empname\", \"empid\", \"empno\", \"username\", \"userpass\", \"empstatus\", \"empcate\" from t_fly_flyer@okfoc where \"username\" = 'zhangzhihua' and userpass\" = '1'";这样可以出来结果,但是登录验证不可以这样写啊
有哪位大哥遇见过这样的问题吗?给讲讲吧。
sql可以这么拼写:
String username = ...;
String userpass = ...;
sql = "select \"empname\", \"empid\", \"empno\", \"username\", \"userpass\", \"empstatus\", \"empcate\" from t_fly_flyer@okfoc where \"username\" = '" + username + "' and userpass\" = '" + userpass + "'";
谢谢~~,这样弄然后把sql执行时传的对象设为空就拿到了结果