首先,请你告诉我你使用PreparedStatement的理由,为什么不使用Statement?二者有什么区别?
然后 你用到了PreparedStatement的特性了吗?
接下来我们在探讨这代码该怎么写。下面的代码仅供参考,基本不具有实践意义。
public static void main(String[] args) {
Map params = new HashMap();
param.put("user_name", "小美");
param.put("mobile", "18712345678");
param.put("age", "33");
// 如果传递条件不限于相等,则如下
// param.put("nick_name like=?", "小李");
// param.put("age=?", "33");
query(params);
}
public List query(Map params) throws Exception{
List result=new ArrayList();
Connection conn=DBUtil.getConnection();
StringBuilder sb=new StringBuilder();
sb.append("select * from imooc_goddess");
if(params!=null && params.keySet().size() > 0){
sb.append(" where 1=1");
Set keySet = params.keySet();
for (String key : keySet) {
sb.append(" and "+key+"=?");
// 如果判断条件不是有等于可以如下
// sb.append(" and " + key);
}
}
PreparedStatement ptmt=conn.prepareStatement(sb.toString());
System.out.println(sb.toString());
if(params!=null && params.keySet().size() > 0){
Set keySet = params.keySet();
int index = 0;
for (String key : keySet) {
index++;
Object value = params.get(key);
if(value instanceof String){
ptmt.setString(index, (String)value);
}else if(value instanceof Integer){
ptmt.setInt(index, (Integer)value);
}else if(value instanceof Date){
ptmt.setTimestamp(index, new Timestamp(((Date)value).getTime()));
}else{
//......
}
}
}
ResultSet rs=ptmt.executeQuery();
Goddess g=null;
while(rs.next()){
g=new Goddess();
g.setId(rs.getInt("id"));
g.setUser_name(rs.getString("user_name"));
g.setAge(rs.getInt("age"));
g.setSex(rs.getInt("sex"));
g.setEmail(rs.getString("email"));
g.setMobile(rs.getString("mobile"));
result.add(g);
}
return result;
}