您不需要第二次使用queryString,因为您可以用以下方式“告诉” prepareStatement字符串:
pstatement = connection.prepareStatement(queryString);
这是正确的方法:
pstatement = connection.prepareStatement(queryString); pstatement.setString(1, search); rs = pstatement.executeQuery();解决方法
尝试从数据库连接和检索数据时出现此类错误。
方法executeQuery()不能在PreparedStatement或CallableStatement上接受参数。
我的代码是这样的。
String search = request.getParameter('searchstudent');out.println(search);String connectionURL = 'jdbc:sqlserver://localhost:1433;databaseName=Chingdb; integratedSecurity=true;'; Connection connection = null; PreparedStatement pstatement = null; Class.forName('com.microsoft.sqlserver.jdbc.SQLServerDriver'); ResultSet rs = null;int updateQuery = 0;if(request.getParameter('editstudent')!= null){ try {connection = DriverManager.getConnection(connectionURL,'root','root'); String queryString = 'SELECT P_ID,lname,fname,mname FROM stu_info Where lname = ?'; pstatement = connection.prepareStatement(queryString); pstatement.setString(1,search); rs = pstatement.executeQuery(queryString);updateQuery = pstatement.executeUpdate();%><TABLE cellpadding='15' border='1' style='background-color: #ffffcc;'><%while (rs.next()) {%><TR><TD><%=rs.getInt(1)%></TD><TD><%=rs.getString(2)%></TD><TD><%=rs.getString(3)%></TD><TD><%=rs.getString(4)%></TD></TR></TABLE><%rs.close();pstatement.close();connection.close();}} catch(Exception e){ out.println(e); } }