如果想在SQL语句中使用参数,最好用PreparedStatement或CallableStatement:参数通过占位符(?)绑定,作为数据传给驱动,不会被拼接进SQL文本,因此可以避免SQL注入。
下面给你示范一个:
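<%@page contentType="text/html;charset=gb2312"%>
<%--
  Demo: query table DBT through a PreparedStatement and render columns a and b
  as an HTML table. The WHERE value is bound with setString(), so it reaches the
  driver as data and never becomes part of the SQL text.
--%>
<%!
/**
 * Escapes the HTML-significant characters so that a value read from the
 * database is rendered as text rather than interpreted as markup.
 *
 * @param value text to escape; may be null
 * @return the escaped text, or "null" for a null argument (the same text a
 *         JSP expression prints for a null value)
 */
private static String escapeHtml(String value){
    if(value==null){
        return "null";
    }
    StringBuilder escaped=new StringBuilder(value.length()+16);
    for(int i=0;i<value.length();i++){
        char c=value.charAt(i);
        switch(c){
            case '&': escaped.append("&amp;"); break;
            case '<': escaped.append("&lt;"); break;
            case '>': escaped.append("&gt;"); break;
            case '"': escaped.append("&quot;"); break;
            case '\'': escaped.append("&#39;"); break;
            default: escaped.append(c);
        }
    }
    return escaped.toString();
}
%>
<%
// Request-local JDBC handles. They are deliberately NOT declared in a <%! %>
// block: declaration fields belong to the servlet instance that the container
// shares between requests, so concurrent requests would overwrite each other's
// connection, statement and result set.
java.sql.Connection sqlconn=null;
java.sql.PreparedStatement pstmt=null;
java.sql.ResultSet res=null;
try{
    // The JDBC-ODBC bridge driver was removed from the JDK in Java 8; on a newer
    // runtime this line fails and a vendor JDBC driver has to be used instead.
    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver").newInstance();
    sqlconn=java.sql.DriverManager.getConnection("jdbc:odbc:db");
    // The ? placeholder is filled by setString(); the value is never concatenated
    // into the statement text.
    pstmt=sqlconn.prepareStatement("select a,b from DBT where a=?");
    pstmt.setString(1,"a理");
    res=pstmt.executeQuery();
%>
<html>
<head>
<title>jdbc-odbc test!</title>
</head>
<body>
<table border="5" cellspacing="1" cellpadding="1" align="center">
<tr>
<td>姓名</td>
<td>年龄</td>
</tr>
<%while(res.next()){%>
<tr>
<%-- Column values are escaped: stored data must not be able to inject markup. --%>
<td><%=escapeHtml(res.getString("a"))%></td>
<td><%=escapeHtml(res.getString("b"))%></td>
</tr>
<%}%>
</table>
<a href="http://202.202.35.151">返回</a>
</body>
</html>
<%
}
finally{
    // Release in reverse order of acquisition (result set, statement, connection).
    // The finally block runs even when the query or the rendering throws, and each
    // close is attempted even if an earlier one fails, so no handle is leaked.
    // NOTE(review): the driver's error text is still shown to the visitor, as in
    // the original demo; a production page would log it server-side instead.
    try{
        if(res!=null){ res.close(); }
    }
    catch(java.sql.SQLException ex)
    {
        out.println("出现异常,如下:<br>"+escapeHtml(ex.getMessage()));
    }
    try{
        if(pstmt!=null){ pstmt.close(); }
    }
    catch(java.sql.SQLException ex)
    {
        out.println("出现异常,如下:<br>"+escapeHtml(ex.getMessage()));
    }
    try{
        if(sqlconn!=null){ sqlconn.close(); }
    }
    catch(java.sql.SQLException ex)
    {
        out.println("出现异常,如下:<br>"+escapeHtml(ex.getMessage()));
    }
}
%>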
下面给你示范一个:
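<%@page contentType="text/html;charset=gb2312"%>
<%--
  Demo: query table DBT through a PreparedStatement and render columns a and b
  as an HTML table. The WHERE value is bound with setString(), so it reaches the
  driver as data and never becomes part of the SQL text.
--%>
<%!
/**
 * Escapes the HTML-significant characters so that a value read from the
 * database is rendered as text rather than interpreted as markup.
 *
 * @param value text to escape; may be null
 * @return the escaped text, or "null" for a null argument (the same text a
 *         JSP expression prints for a null value)
 */
private static String escapeHtml(String value){
    if(value==null){
        return "null";
    }
    StringBuilder escaped=new StringBuilder(value.length()+16);
    for(int i=0;i<value.length();i++){
        char c=value.charAt(i);
        switch(c){
            case '&': escaped.append("&amp;"); break;
            case '<': escaped.append("&lt;"); break;
            case '>': escaped.append("&gt;"); break;
            case '"': escaped.append("&quot;"); break;
            case '\'': escaped.append("&#39;"); break;
            default: escaped.append(c);
        }
    }
    return escaped.toString();
}
%>
<%
// Request-local JDBC handles. They are deliberately NOT declared in a <%! %>
// block: declaration fields belong to the servlet instance that the container
// shares between requests, so concurrent requests would overwrite each other's
// connection, statement and result set.
java.sql.Connection sqlconn=null;
java.sql.PreparedStatement pstmt=null;
java.sql.ResultSet res=null;
try{
    // The JDBC-ODBC bridge driver was removed from the JDK in Java 8; on a newer
    // runtime this line fails and a vendor JDBC driver has to be used instead.
    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver").newInstance();
    sqlconn=java.sql.DriverManager.getConnection("jdbc:odbc:db");
    // The ? placeholder is filled by setString(); the value is never concatenated
    // into the statement text.
    pstmt=sqlconn.prepareStatement("select a,b from DBT where a=?");
    pstmt.setString(1,"a理");
    res=pstmt.executeQuery();
%>
<html>
<head>
<title>jdbc-odbc test!</title>
</head>
<body>
<table border="5" cellspacing="1" cellpadding="1" align="center">
<tr>
<td>姓名</td>
<td>年龄</td>
</tr>
<%while(res.next()){%>
<tr>
<%-- Column values are escaped: stored data must not be able to inject markup. --%>
<td><%=escapeHtml(res.getString("a"))%></td>
<td><%=escapeHtml(res.getString("b"))%></td>
</tr>
<%}%>
</table>
<a href="http://202.202.35.151">返回</a>
</body>
</html>
<%
}
finally{
    // Release in reverse order of acquisition (result set, statement, connection).
    // The finally block runs even when the query or the rendering throws, and each
    // close is attempted even if an earlier one fails, so no handle is leaked.
    // NOTE(review): the driver's error text is still shown to the visitor, as in
    // the original demo; a production page would log it server-side instead.
    try{
        if(res!=null){ res.close(); }
    }
    catch(java.sql.SQLException ex)
    {
        out.println("出现异常,如下:<br>"+escapeHtml(ex.getMessage()));
    }
    try{
        if(pstmt!=null){ pstmt.close(); }
    }
    catch(java.sql.SQLException ex)
    {
        out.println("出现异常,如下:<br>"+escapeHtml(ex.getMessage()));
    }
    try{
        if(sqlconn!=null){ sqlconn.close(); }
    }
    catch(java.sql.SQLException ex)
    {
        out.println("出现异常,如下:<br>"+escapeHtml(ex.getMessage()));
    }
}
%>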
// NOTE(review): temp1 and temp2 are concatenated straight into the SQL text. If
// either comes from request input (presumably a login form; confirm against the
// caller), a quote character in the value changes the structure of the query,
// which is SQL injection, and here it would affect what looks like an
// authentication check. The statement that executes this string is not visible
// here; the fix is to give the query two ? placeholders, prepare it with
// Connection.prepareStatement and bind both values with setString.
// NOTE(review): matching a password column inside the query suggests passwords
// are stored as-is (confirm); storing a salted password hash (bcrypt, scrypt or
// argon2) and verifying it in application code is the usual design.
sql="SELECT * FROM stu WHERE name='"+temp1+"' and password='"+temp2+"'";