I want to select SQL data using a WHERE clause, but I don't know how to use it.
The SQL query I expect: SELECT * FROM OLSUSER WHERE user=login_user;
Here is my HttpSession with Java scriptlet tags
<%
HttpSession sessions = request.getSession(false);
String login_user = (String) sessions.getAttribute("l_user");
String login_role = (String) sessions.getAttribute("l_role");
%>
Here is the SQL select with scriptlet tags
<%
try {
Class.forName("org.apache.derby.jdbc.ClientDriver");
Connection con = (Connection) DriverManager.getConnection(
"jdbc:derby://localhost:1527/sample", "app", "app");
Statement st = con.createStatement();
ResultSet rs = st.executeQuery("select * from OLSOrder");
%><table border=1 align=center style="text-align: center">
<tbody>
<tr>
//table data
Answer 0: (score: 0)
You can use a PreparedStatement to pass the value into the select query. For example:
<%@ page import="java.sql.*" %>
<%
HttpSession sessions = request.getSession(false);
String login_user = (String) sessions.getAttribute("l_user");
String login_role = (String) sessions.getAttribute("l_role");
try {
Class.forName("org.apache.derby.jdbc.ClientDriver");
Connection con = (Connection) DriverManager.getConnection(
"jdbc:derby://localhost:1527/sample", "app", "app");
// pass the query to prepareStatement with a (?) placeholder
PreparedStatement ps = con.prepareStatement("select * from OLSUSER where user=?");
// set the value for the placeholder (?)
ps.setString(1,login_user);
ResultSet resultset= ps.executeQuery();
%>
<!--printing table-->
<table align="center" cellpadding="2" cellspacing="2" border="1">
<tr bgcolor="#d9ac26">
<th>Columnname</th>
<th>Columnname </th>
<!--print same as above-->
</tr>
<% while(resultset.next()){ %>
<tr>
<td><%=resultset.getString("yourcolumnname")%> </td>
<td><%=resultset.getString("yourcolumnname")%> </td>
<!--print same as above-->
</tr>
<% } %>
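</table>
<%
    // release JDBC resources once the table has been written
    resultset.close();
    ps.close();
    con.close();
} catch (Exception e) {
    // let the container report driver or SQL failures
    throw new ServletException(e);
}
%>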