public User findUserByNameAndPassworf(String name, String password) {
try {
conn=ConnectionFactory.getConnection();
System.out.println(conn);
StringBuffer sql=new StringBuffer();
sql.append("select id,name,password from tb_user");
sql.append("where name=? and password=?");
pstm=conn.prepareStatement(sql.toString());
pstm.setString(1, name);
pstm.setString(2, password);
rs=pstm.executeQuery();
User user=null;
if(rs.next())
{
user= new User();
user.setId(rs.getInt("id"));
user.setName(rs.getString("name"));
user.setPassword(rs.getString("password"));
System.out.println(user.getPassword());
}
return user;
} catch (Exception e) {
e.printStackTrace();
return null;
}finally{
ConnectionFactory.close(conn, pstm, rs);
}
}
注释掉sql.append("where name=? and password=?");
pstm.setString(1, name);
pstm.setString(2, password);
异常SQL 命令未正确结束
try {
conn=ConnectionFactory.getConnection();
System.out.println(conn);
StringBuffer sql=new StringBuffer();
sql.append("select id,name,password from tb_user");
sql.append("where name=? and password=?");
pstm=conn.prepareStatement(sql.toString());
pstm.setString(1, name);
pstm.setString(2, password);
rs=pstm.executeQuery();
User user=null;
if(rs.next())
{
user= new User();
user.setId(rs.getInt("id"));
user.setName(rs.getString("name"));
user.setPassword(rs.getString("password"));
System.out.println(user.getPassword());
}
return user;
} catch (Exception e) {
e.printStackTrace();
return null;
}finally{
ConnectionFactory.close(conn, pstm, rs);
}
}
注释掉sql.append("where name=? and password=?");
pstm.setString(1, name);
pstm.setString(2, password);
异常SQL 命令未正确结束
改成
sql.append(" where name=? and password=?");