servlet中怎么写sql语句
日期:2014-05-17 浏览次数:20743 次
servlet中如何写sql语句?
代码是这样的:
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("GBK");
response.setContentType("text/html;charset=GBK");
response.setCharacterEncoding("GBK");
String username = (String)request.getSession().getAttribute("user");
String unitname = request.getParameter("units");
String sql1="select * from student_sch where uname="+username+" and unitname="+unitname+" order by unitname asc,snumber asc";
String sql2="select * from student_org where uname="+username+" and unitname="+unitname+" order by unitname asc,identityId asc";
ResultSet rs = null;
try {
openDB();
stmt = conn.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
if(isSchool(request, response)){
rs = stmt.executeQuery(sql1);
}else{
rs = stmt.executeQuery(sql2);
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
try {
if(rs!=null && !rs.next()){
request.setAttribute("unitStuString", "empty");
}else{
request.setAttribute("unitStuResultSet", rs);
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
request.getRequestDispatcher("main/chargeManage/stuList_View.jsp").forward(request, response);
}
字符编码没问题,也不管username和unitname是不是取到值了,只是那两个sql语句写的不对,是不是不能用+连接?这种情况下的sql语句应该怎么写啊?
我用的是mysql5.5
错误提示是com.mysql.jdbc.exceptions.jdbc4.MYSQLSyntaxErrorException: Unknown column '一堆乱码打不出来' in 'where clause'。
拜谢了!!
------解决方案--------------------
String sql1="select * from student_sch where uname="+username+" and unitname="+unitname+" order by unitname asc,snumber asc";
==》
String sql1="select * from student_sch where uname='"+username+"' and unitname='"+unitname+"' order by unitname asc,snumber asc";
sql2也类似
代码是这样的:
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("GBK");
response.setContentType("text/html;charset=GBK");
response.setCharacterEncoding("GBK");
String username = (String)request.getSession().getAttribute("user");
String unitname = request.getParameter("units");
String sql1="select * from student_sch where uname="+username+" and unitname="+unitname+" order by unitname asc,snumber asc";
String sql2="select * from student_org where uname="+username+" and unitname="+unitname+" order by unitname asc,identityId asc";
ResultSet rs = null;
try {
openDB();
stmt = conn.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
if(isSchool(request, response)){
rs = stmt.executeQuery(sql1);
}else{
rs = stmt.executeQuery(sql2);
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
try {
if(rs!=null && !rs.next()){
request.setAttribute("unitStuString", "empty");
}else{
request.setAttribute("unitStuResultSet", rs);
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
request.getRequestDispatcher("main/chargeManage/stuList_View.jsp").forward(request, response);
}
字符编码没问题,也不管username和unitname是不是取到值了,只是那两个sql语句写的不对,是不是不能用+连接?这种情况下的sql语句应该怎么写啊?
我用的是mysql5.5
错误提示是com.mysql.jdbc.exceptions.jdbc4.MYSQLSyntaxErrorException: Unknown column '一堆乱码打不出来' in 'where clause'。
拜谢了!!
------解决方案--------------------
String sql1="select * from student_sch where uname="+username+" and unitname="+unitname+" order by unitname asc,snumber asc";
==》
String sql1="select * from student_sch where uname='"+username+"' and unitname='"+unitname+"' order by unitname asc,snumber asc";
sql2也类似
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
