日期:2014-05-18  浏览次数:20632 次

如何将Java中的变量引入SQL中?
int   yearfr   =   Integer.parseInt(request.getParameter( "StartYear "));
              int   monthfr   =   Integer.parseInt(request.getParameter( "StartMonth "));
              int   yearto   =   Integer.parseInt(request.getParameter( "EndMonth "));
              int   monthto   =   Integer.parseInt(request.getParameter( "EndMonth "));
              float   fee   =   Float.parseFloat(request.getParameter( "Fee "));
              String   operator   =   (String)session.getAttribute( "UserCode ");
              Date   nowDate   =   new   Date(System.currentTimeMillis());

String   sql1     =   "   insert   into   social.grant4(personid,yearfr,monthfr,yearto,monthto,fee,operator,opertime) ";
                              sql1   +=   "   select   s.personid,@yearfr,@monthfr,@yearto,@monthto,@fee,@operator,@nowDate ";
                              sql1   +=   "   from   social.soclogin   s,social.paysoc   p,sqdta.community   c,sqdta.street   t ";
                              sql1   +=   "   where   s.personid=p.personid   and   p.ispay= '1 '   and   s.livcomm   =   c.commid   and   c.streetid   =   t.streetid   and   t.branchid= ' "+strBranchID+ " ' ";

这样引用好像不行

------解决方案--------------------
------------ lz 这个意思麽?
int yearfr = Integer.parseInt(request.getParameter( "StartYear "));
int monthfr = Integer.parseInt(request.getParameter( "StartMonth "));
int yearto = Integer.parseInt(request.getParameter( "EndMonth "));
int monthto = Integer.parseInt(request.getParameter( "EndMonth "));
float fee = Float.parseFloat(request.getParameter( "Fee "));
String operator = (String)session.getAttribute( "UserCode ");
Date nowDate = new Date(System.currentTimeMillis());

String sql1 = " insert into social.grant4(personid,yearfr,monthfr,yearto,monthto,fee,operator,opertime) ";
sql1 += " select s.personid, "+yearfr+ ", "+monthfr+ ", "+yearto+ ", "+monthto+ ", "+fee+ ", "+operator+ ", "+nowDate;
sql1 += " from social.soclogin s,social.paysoc p,sqdta.community c,sqdta.street t ";
sql1 += " where s.personid=p.personid and p.ispay= '1 ' and s.livcomm = c.commid and c.streetid = t.streetid and t.branchid= ' "+strBranchID+ " ' ";