How to use a variable in preparedstatement for sql query?

前端未结

关注

 2  1798

I am doing a web-application project in eclipse Java EE. Currently, my application returns all values in the database which stores personal information of employees. However, I

相关标签:

2条回答

庸人自扰

2021-01-29 10:25

You need to use parameters in your prepared statement, e.g. as follows:

PreparedStatement ps = con.prepareStatement("select ... where employeeID = ?");
ps.setInt(1, 1234);

Or with a named parameter:

PreparedStatement ps = con.prepareStatement("select ... where employeeID = :employeeId");
ps.setInt("employeeId", 1234);

0 讨论(0)

暖寄归人

2021-01-29 10:46

Pass the value of employeeID from previous Servlet to current Servlet .

Replace id:1243 with placeHolder:  ? .

Then set its value ps.setInt(1,"value that you got from previous servlet");

changes to PersonalInfoOutput.java :

HttpSession session = request.getSession(false);

            if(session != null) { 
                String employeeid = (String)session.getAttribute("employeeid"); 
            }

to :

HttpSession session = request.getSession(false);
 String employeeid="";

            if(session != null) { 
                employeeid = (String)session.getAttribute("employeeid"); 
            }

0 讨论(0)