My SQL statement is:
String Name = "123";
String sql = "SELECT * FROM shops WHERE name=" + Name;
Statement statement = connection.createStatement();
// then execute the query; it fails with an error
Error:
"Unknown column 'xxx' in 'where clause' "
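Solution: replace Statement with PreparedStatement and use the setString(int i, String str) method. Concatenation puts the value into the SQL text unquoted, so the server parses it as SQL (a bare word becomes a column name); a bound parameter is always treated as a string value, which also closes the SQL injection hole that concatenation opens.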
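String sql = "SELECT * FROM shops WHERE name=?";
try {
    PreparedStatement ps = connection.prepareStatement(sql);
    ps.setString(1, Name); // bind the value to the first placeholder as a string
    ResultSet rs = ps.executeQuery();
    // ... read the rows from rs here
} catch (SQLException e) {
    e.printStackTrace();
}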
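The two forms side by side, as an added example that is not code from the original post: each query runs over a few constructed values so the difference in how the server treats them is visible. It assumes a JDBC URL passed as the first argument, a driver on the classpath, and an existing shops table with a name column; the class and method names are hypothetical.

```java
import java.sql.*;

public class ShopLookup {
    // Before: the value is pasted into the SQL text, so the server parses it as SQL.
    static int countConcatenated(Connection c, String name) throws SQLException {
        String sql = "SELECT * FROM shops WHERE name=" + name;
        try (Statement st = c.createStatement(); ResultSet rs = st.executeQuery(sql)) {
            return count(rs);
        }
    }

    // After: the value is bound to the placeholder and only ever compared as a string.
    static int countBound(Connection c, String name) throws SQLException {
        String sql = "SELECT * FROM shops WHERE name=?";
        try (PreparedStatement ps = c.prepareStatement(sql)) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                return count(rs);
            }
        }
    }

    static int count(ResultSet rs) throws SQLException {
        int n = 0;
        while (rs.next()) n++;
        return n;
    }

    public static void main(String[] args) throws SQLException {
        // args[0]: JDBC URL of a database that already has the shops table (assumption).
        // Constructed sample values: a number, a bare word, the column's own name, an apostrophe.
        String[] samples = {"123", "xxx", "name", "Tom's"};
        try (Connection c = DriverManager.getConnection(args[0])) {
            for (String s : samples) {
                String before;
                try {
                    before = countConcatenated(c, s) + " row(s)";
                } catch (SQLException e) {
                    before = "error: " + e.getMessage();
                }
                System.out.printf("%-6s concatenated -> %s | bound -> %d row(s)%n",
                        s, before, countBound(c, s));
            }
        }
    }
}
```

With name as the value, the concatenated query becomes WHERE name=name and matches every row whose name is not NULL, while the bound query matches only shops literally called "name".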