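My current company often uses PreparedStatement to prevent SQL injection, but sometimes I forget how to check the parameters that were set, so I'm making a note of it here to look up on the blog next time.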
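// Code block
PreparedStatement statement = null;
DruidPooledConnection connection = null;
// Obtain a connection from the Druid pool
connection = this.getUCDruidConnection();
// Every value is bound through a ? placeholder instead of being concatenated into the SQL text
String sql = "select * from xxxx where xx=? and xx=? and xx=? and xx=? and xxx=? and xxx=? and xxx=? and xxx=? and xxx=?";
statement = connection.prepareStatement(sql);
// Parameter indexes start at 1
statement.setInt(1, xxx);
statement.setInt(2, xxx);
// Parameters 3 to 9 must be bound the same way before the statement is executed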
After opening it, you can see the parameters we stored:
Expand parameters to see the values that were set:
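When no debugger is attached, the bound values can also be captured in code. The following is an added example, not part of the original post: `ParamRecorder` and `wrap` are hypothetical names, and the no-op stub statement in `main` is constructed so the demo runs without a database.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Proxy;
import java.sql.PreparedStatement;
import java.sql.Types;
import java.util.Map;
import java.util.TreeMap;

public class ParamRecorder {
    /** Wraps a PreparedStatement and records every setXxx(index, value) call into 'bound'. */
    public static PreparedStatement wrap(PreparedStatement target, Map<Integer, Object> bound) {
        InvocationHandler handler = (proxy, method, args) -> {
            String name = method.getName();
            // Parameter setters take (int index, value, ...); Statement setters such as
            // setFetchSize(int) take a single argument and are skipped by the length check.
            if (name.startsWith("set") && args != null && args.length >= 2
                    && args[0] instanceof Integer) {
                // setNull(index, sqlType) binds SQL NULL, so record null rather than the type code
                bound.put((Integer) args[0], name.equals("setNull") ? null : args[1]);
            } else if (name.equals("clearParameters")) {
                bound.clear();
            }
            try {
                return method.invoke(target, args);   // always forward to the real statement
            } catch (InvocationTargetException e) {
                throw e.getCause();                    // surface the driver's own exception
            }
        };
        return (PreparedStatement) Proxy.newProxyInstance(
                ParamRecorder.class.getClassLoader(),
                new Class<?>[] {PreparedStatement.class}, handler);
    }

    public static void main(String[] argv) throws Exception {
        // Constructed stand-in for a driver statement: every call is a no-op.
        PreparedStatement stub = (PreparedStatement) Proxy.newProxyInstance(
                ParamRecorder.class.getClassLoader(),
                new Class<?>[] {PreparedStatement.class}, (p, m, a) -> null);

        Map<Integer, Object> bound = new TreeMap<>();   // sorted by parameter index
        PreparedStatement ps = wrap(stub, bound);
        ps.setInt(1, 42);
        ps.setString(2, "O'Brien");      // stored verbatim: bound as data, not as SQL text
        ps.setNull(3, Types.VARCHAR);

        // Bound values can include credentials or personal data; keep this at debug level.
        System.out.println(bound);
    }
}
```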