我在JavaBean有个从数据库中模糊查询的方法
其中查询语句是
n是一个字符串Statement st=con.createStatement();
ResultSet rs=st.executeQuery(
"select * from info where name like '%"+n+"%'");能查出我想要的结果集
而换成PreparedStatement ps=con.prepareStatement(
"select * from info where name like ?");
String t="%"+n+"%";
ps.setString(1,t);
ResultSet rs=ps.executeQuery();却查不出
其中查询语句是
n是一个字符串Statement st=con.createStatement();
ResultSet rs=st.executeQuery(
"select * from info where name like '%"+n+"%'");能查出我想要的结果集
而换成PreparedStatement ps=con.prepareStatement(
"select * from info where name like ?");
String t="%"+n+"%";
ps.setString(1,t);
ResultSet rs=ps.executeQuery();却查不出
ResultSet rs=st.executeQuery(
"select * from info where name like '%n%'");
就可以了
String t="'%"+n+"'%";
ResultSet rs=st.executeQuery("select * from info where name like " + t);
能不能用预处理(PreparedStatement)做到
拼串会带来很多不必要的麻烦