不知道大家在拼接字符串的时候是怎么做的?是不是采用,或:?
这样做有的时候不很安全,因为你不能确保你传入的字符串中没有这几个字符,那怎么做能保证万无一失呢?
arcII码为0x01,0x02的字符是键盘所不能输入的,因为用这个能保证万无一失。
public String GetEnterpriseInfo(String code) {
Connection cn = null;
PreparedStatement stm = null;
ResultSet rs = null;
String s = "";
byte b1[] = {0x02};
byte b2[] = {0x01};
String str1 = new String(b1);
String str2 = new String(b2);
try {
cn = DBUtil.getConn();
String sql = "select station_id,station_desc from t_cfg_station_info where area_id like '%"+code+"%'";
stm = cn.prepareStatement(sql);
rs = stm.executeQuery();
while(rs.next()){
s += rs.getString(1)+str1+rs.getString(2)+str2;
}
} catch (Exception e) {
e.printStackTrace();
} finally {
DBUtil.close(rs, stm, cn);
}
return s;
}