There are two main ways to pass parameters into an SQL statement from Java:
1. String concatenation, the "'" + variable + "'" pattern (the SQL single quotes sit outermost; the Java double quotes close and reopen the Java string inside them)
2. The "?" placeholder, filled in with PreparedStatement.setXxx()
Note that both ways also work for passing a value into an SQL built-in function.
The difference matters for security: with concatenation the value becomes part of the SQL text, so a value containing a single quote (for example 1234' OR '1'='1) rewrites the statement (SQL injection), and calling prepareStatement on the concatenated string does not change that. With the "?" placeholder the value is sent to the database separately from the SQL text and is never parsed as SQL. Placeholders can only stand for values, not for table or column names.
Examples follow:
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;

// Both styles on one already-open Connection; the variable names differ
// between the two halves because Java does not allow redeclaring sql/id in one scope.
static void demo(Connection connection) throws SQLException {
    ResultSet resultset = null;
    // Create a PreparedStatement object
    PreparedStatement stmt = null;

    // 1. String concatenation: the value is spliced into the SQL text (no escaping is done)
    int id = 1234;
    String sql1 = "SELECT * FROM TABLE WHERE ID='" + id + "' ";
    stmt = connection.prepareStatement(sql1);
    // Passing a value into a function the same way
    // Timestamp time = new Timestamp(System.currentTimeMillis());
    // String sql1 = "SELECT * FROM TABLE WHERE DATEDIFF(DAY,adatetime,'" + time + "')=1";
    // stmt = connection.prepareStatement(sql1);
    resultset = stmt.executeQuery();
    resultset.close();
    stmt.close();

    // 2. Placeholder: the value is bound separately and never parsed as SQL
    String idText = "1234";
    String sql2 = "SELECT * FROM TABLE WHERE ID=?";
    stmt = connection.prepareStatement(sql2);
    stmt.setString(1, idText); // 1 means the first placeholder (the first ?); with several, number them 1, 2, 3, ... left to right
    // Passing a value into a function
    // Timestamp time = new Timestamp(System.currentTimeMillis());
    // String sql2 = "SELECT * FROM TABLE WHERE DATEDIFF(DAY,adatetime,?)=1";
    // stmt = connection.prepareStatement(sql2);
    // stmt.setTimestamp(1, time);
    resultset = stmt.executeQuery();
    resultset.close();
    stmt.close();
}
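To see the difference between the two styles actually run, here is an added example (not code from the original page) written against Python's built-in sqlite3 module, which uses the same "?" placeholder convention as JDBC and needs no database driver. The table t, its rows and the DATEDIFF-style date comparison (rewritten with SQLite's julianday/date functions, since SQLite has no DATEDIFF) are all constructed for this example. It shows the concatenated query being rewritten by a quoted value, the placeholder query treating the same value as plain data, a placeholder used inside a built-in function, and the caveat that a placeholder cannot stand in for a table name.

```python
import sqlite3


def make_db():
    # Constructed in-memory sample data for the example (not from the page).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE t (id TEXT, adatetime TEXT)")
    conn.executemany("INSERT INTO t VALUES (?, ?)", [
        ("1234", "2024-01-01 10:00:00"),
        ("5678", "2024-01-02 10:00:00"),
        ("9999", "2024-03-01 10:00:00"),
    ])
    return conn


def by_concat(conn, user_id):
    # Style 1: the value is spliced into the SQL text between single quotes.
    # A value that itself contains a quote changes the statement.
    sql = "SELECT id FROM t WHERE id='" + user_id + "'"
    return [row[0] for row in conn.execute(sql)]


def by_placeholder(conn, user_id):
    # Style 2: the SQL text is fixed; the value is bound to the "?" and
    # compared as data, quotes and all.
    sql = "SELECT id FROM t WHERE id=?"
    return [row[0] for row in conn.execute(sql, (user_id,))]


def by_function_param(conn, when):
    # A placeholder inside a built-in function: rows whose adatetime is
    # exactly one calendar day before `when` (stand-in for DATEDIFF(DAY, ...) = 1).
    sql = ("SELECT id FROM t WHERE "
           "CAST(julianday(date(?)) - julianday(date(adatetime)) AS INTEGER) = 1")
    return [row[0] for row in conn.execute(sql, (when,))]


def placeholder_cannot_name_table(conn):
    # Caveat: "?" binds values only. Using it where an identifier belongs
    # is a syntax error, so table/column names must come from a fixed allow-list.
    try:
        conn.execute("SELECT id FROM ?", ("t",))
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    payload = "x' OR '1'='1"          # constructed injection test value
    print("concat, normal id     :", by_concat(db, "1234"))
    print("concat, payload       :", by_concat(db, payload))      # every row
    print("placeholder, payload  :", by_placeholder(db, payload)) # no rows
    print("function param        :", by_function_param(db, "2024-01-02 15:30:00"))
    print("? as table name fails :", placeholder_cannot_name_table(db))
```

The concatenated query with the payload becomes SELECT id FROM t WHERE id='x' OR '1'='1' and returns the whole table; the placeholder version looks for a row whose id is literally the string x' OR '1'='1 and finds none. date(?) truncates the bound timestamp to its day before the julianday subtraction, so a time-of-day in the parameter does not affect the one-day comparison.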