????????дJ(rèn)DBC??????????????????SQL????к?????????????е???????????????仰???mysql??????в?????????????????????????????????PreparedStatement???????????Щ??????????????????????????????????????????????涯????????????????б?????????????????????????????????SQL???д??????У???????????????????????????"????????????????

package oop.hu.ytu.dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import oop.hg.ytu.beans.LoginBean;
import oop.hg.ytu.utils.JdbcUtils;

/**
 * ??????????????
 * ??author Administrator
 *
 */
public class LoginDomain {
 public LoginBean ??String tableName??String username??{
  Connection con = null;
  PreparedStatement pt = null;
  ResultSet rs = null;
  LoginBean bean = new LoginBean????;
 
  try {
   username = """+username+""";
   con = JdbcUtils.getConnection????;
   String sql = " name??password "+tableName+" where name="+username+"";
   pt = con.prepareStatement??sql??;
  // pt.setString??1?? tableName??;
  // pt.setString??2?? u??;
   rs = pt.executeQuery????;
   while??rs.next??????{
    bean.setUsername??rs.getString??"name"????;
    bean.setPassword??rs.getString??"password"????;
   }
  } catch ??Exception e?? {
   throw new RuntimeException??e??;
  }finally{
   JdbcUtils.free??rs?? pt?? con??;
  }
  return bean;
 }
}

username = """+username+""";??仰?????????????????????????

<pre name="code" class="java" style="background-color: rgb??255?? 255?? 255??; ">String sql = " name??password "+tableName+" where name="+username+"";

??????仰???????????????PreparedStatement??????????????????????????????????????????У???????????????????????????????????????????????????????????