如果我理解您的问题,那么您就使用了问题
Statement.executeQuery(String)。我可以肯定您打算使用
PreparedStatement.executeQuery(),
// Let us select all the records and display them.ResultSet rs = stmt.executeQuery(sql); // <-- adding sql here makes it use the // Statement version.
你想用
// Let us select all the records and display them.ResultSet rs = stmt.executeQuery(); // <-- use the version from PreparedStatement
