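// Original post: http://blog.sina.com.cn/s/blog_69ca12330100kun6.html
// Converting values that contain quotes:

/**
 * Escapes a value so it can be placed inside a single-quoted SQL string literal.
 *
 * <p>The input is trimmed, every single quote is doubled ({@code '} becomes {@code ''})
 * and every backslash is dropped. All other characters are copied unchanged. Dropping
 * backslashes is lossy: a value that legitimately contains them is stored altered.
 *
 * <p>Security note: this only covers a value that ends up between single quotes. It
 * gives no protection where the value is concatenated into a numeric position, an
 * identifier, or any other unquoted part of a statement. Prefer
 * {@code java.sql.PreparedStatement} with bind parameters, and keep this helper for
 * legacy call sites that cannot be converted yet.
 *
 * @param inStr the raw value; may be {@code null}
 * @return the trimmed, escaped value, or an empty string when {@code inStr} is {@code null}
 */
public static String getSafeSQL(String inStr) {
    if (inStr == null) {
        // The earlier version reached this result by catching the NullPointerException;
        // the contract (null in, "" out) is kept but made explicit.
        return "";
    }

    String trimmed = inStr.trim();
    // StringBuilder avoids the quadratic cost of repeated String concatenation.
    StringBuilder escaped = new StringBuilder(trimmed.length() + 8);

    for (int i = 0; i < trimmed.length(); i++) {
        char c = trimmed.charAt(i);
        switch (c) {
            case '\'':
                // Standard SQL escape for a quote inside a quoted literal.
                escaped.append("''");
                break;
            case '\\':
                // Removed entirely: some databases treat backslash as an escape
                // character inside string literals.
                break;
            default:
                escaped.append(c);
                break;
        }
    }
    return escaped.toString();
}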