JDBC statement与preparedStatement

最新推荐文章于 2021-08-25 14:38:01 发布

weixin_34062329

最新推荐文章于 2021-08-25 14:38:01 发布

阅读量58

点赞数

原文链接：http://blog.51cto.com/alanxu59/1283393

版权

1、 Statement

StringBuffer SQL = new StringBuffer("select * from user where ");
String sign = "";
if(user.getID() > 0){
SQL.append("ID = '" + user.getID()+"'");
sign = " and ";
}
if(user.getName() != null){
SQL.append(sign+"name = '" + user.getName()+"'");
}
rs = stat.executeQuery(SQL.toString());

2、PreparedStatement

User u = new User();
String sql = "select * from user where ID = ? or name = ?";
PreparedStatement ps = con.prepareStatement(sql);
ps.setLong(1, user.getID());
ps.setString(2, user.getName());
ps.execute();
rs = ps.getResultSet();

转载于:https://blog.51cto.com/alanxu59/1283393