public CradInfo GetUserLogin(String CardNumber,int CardPassWord){
String sql=String.format("select * from CardInfo where CardNumber='%s' and CardPassWord='%s'",CardNumber,CardPassWord);
CradInfo card=null;
ResultSet rs=Connect.ExecuteSelect(sql);
try {
if(rs.next()){
card=new CradInfo();
card.setCradNumber(rs.getString("cradNumber"));
card.setCardForUserId(rs.getInt("cardForUserId"));
card.setCardForBankId(rs.getInt("cardForBankId"));
card.setCardPassWord(rs.getInt("cardPassWord"));
card.setCardMoney(rs.getInt("cardMoney"));
card.setCardAddTime(rs.getString("cardAddTime"));
card.setCardForTypeId(rs.getInt("cardForTypeId"));
return card;
}else{
return null;
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
System.out.println(e.getMessage());
return null;
}
}这是我写的一个方法 是jsp链接oracle 但是我觉得String sql=String.format("select * from CardInfo where CardNumber='%s' and CardPassWord='%s'",CardNumber,CardPassWord);写得有错 我不知道怎么写sql语句
String sql=String.format("select * from CardInfo where CardNumber='%s' and CardPassWord='%s'",CardNumber,CardPassWord);
CradInfo card=null;
ResultSet rs=Connect.ExecuteSelect(sql);
try {
if(rs.next()){
card=new CradInfo();
card.setCradNumber(rs.getString("cradNumber"));
card.setCardForUserId(rs.getInt("cardForUserId"));
card.setCardForBankId(rs.getInt("cardForBankId"));
card.setCardPassWord(rs.getInt("cardPassWord"));
card.setCardMoney(rs.getInt("cardMoney"));
card.setCardAddTime(rs.getString("cardAddTime"));
card.setCardForTypeId(rs.getInt("cardForTypeId"));
return card;
}else{
return null;
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
System.out.println(e.getMessage());
return null;
}
}这是我写的一个方法 是jsp链接oracle 但是我觉得String sql=String.format("select * from CardInfo where CardNumber='%s' and CardPassWord='%s'",CardNumber,CardPassWord);写得有错 我不知道怎么写sql语句
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货