PrepareStatement的用法在Mysql中很重要,也用的很多,在sql语句中存在in,like等词时用法稍微复杂一些,说明一下:
in 用法
public boolean transferBetweenGroup(String groupId, String[] userIds) {
boolean result = false;
String sql ;
Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs = null;
try {
conn = dataSource.getConnection();
StringBuffer buffer = new StringBuffer();
for (int i = 0; i < userIds.length; i++)
{
buffer.append("?, ");
}
buffer.deleteCharAt(buffer.length() - 1);
buffer.deleteCharAt(buffer.length() - 1);
sql = "update motro_user set owner = ? where id in (" + buffer.toString() +") ";
pstmt = conn.prepareStatement(sql);
pstmt.setInt(1, Integer.valueOf(groupId));
for (int i = 0; i < userIds.length; i++)
{
pstmt.setInt(i + 2, Integer.valueOf(userIds[i]));
}
pstmt.execute();
result = true;
} catch (Exception e) {
// TODO: handle exception
e.printStackTrace();
}
finally{
close(conn,pstmt,rs);
}
return result;
}
like 用法
String expr = "select * from table where url like ?";
pstmt = con.prepareStatement(expr);
String a="a";
pstmt.setString(1, "%"+a+"%");//自动添加单引号 (包装后的参数)
pstmt.execute();