在使用 StringBuilder拼接sql字符串时,要注意最好append前后有空格,避免因为空格而浪费时间
String sql = "select count(*) from tab_route where 1=1 ";
StringBuilder sbu =new StringBuilder( sql );
List param =new ArrayList( );
if(cid!=0){
sbu.append( "and cid = ? " );//错误在这
param.add( cid );
}
System.out.println(rname );
if(rname!=null){
sbu.append( "and rname like ?");
param.add( "%"+rname+"%" );
}
sql =sbu.toString();
System.out.println(sql ); //此时形成的字符串是, select count(*) from tab_route where 1=1and cid = ? and rname like ?
这样的错误很难找到,所以需要有好的编程习惯