日期:2014-05-18  浏览次数:20641 次

怎样过滤
StringBuffer   sql=new   StringBuffer( "from   Goodsinfo   g   where   g.giAcceptstage=:estate "   );
if(goodsid!=null   &&   !equals( " ")   )   {
sql.append( "   and   g.giId= ' "+goodsid+ " ' ");
}
if(starttime!=null   &&     !equals( " "))   {
sql.append( "   and   g.giAccepttime   > = ' "+formatDate.format(starttime)+ " '   ");
}
if(endtime!=null   &&   !equals( " ")){
sql.append( "   and   g.giAccepttime <= ' "+formatDate.format(endtime)+ " ' ");
}
if(arrivestage!=null   &&   !equals( " ")   ){
System.out.println( "arrivestage++++ "+arrivestage);
sql.append( "   and   g.giArrivestage   like   '% "+arrivestage+ "% '   ");
}
当我输入空值的时候,为是么sql语句还是会拼呢?
and   (goodsinfo0_.GI_settlementwise   like   '%% ')   and   (goodsinfo0_.GI_fillman   like   '%% ')
是不是我没有过滤完呢?


------解决方案--------------------
if(goodsid!=null && !equals( " "))
判断条件可以这样写吗

这是我写的测试 编译通不过
public class Test
{
public static void main(String[] args){
String goodsid= " ";
if(goodsid!=null && !equals( " ")){ //exception
System.out.print(goodsid);
}
}
}
//exception
无法从静态上下文中引用非静态 方法 equals(java.lang.Object)
------解决方案--------------------
!goodsid.equals( " ")