87,910
社区成员
发帖
与我相关
我的任务
分享数据库查询问题,请大家帮忙看看
public static List getSalaryList(double jiaBanFei, double qingJiaFei,
double queQinFei, String year, String month) {
List list = new ArrayList();
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
int year1 = Integer.parseInt(year);
int month1 = Integer.parseInt(month);
boolean has = false;
try {
conn = DB.getConnection();
stmt = conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,
ResultSet.CONCUR_READ_ONLY);
String sql = "select count(*) from salaryinfo where syear='" + year1
+ "' and smonth='" + month1 + "'";//查询这个月的薪资表是否生成
rs = stmt.executeQuery(sql);
if (rs.next()) {
int i = rs.getInt(1);
if (i > 0) {
has = true;
}
}
rs.close();
if (has == false) //生成薪资表
{
}
sql = "select salaryinfo.impId,imployeeinfo.impName,salaryinfo.syear,"
+ "salaryinfo.smonth,salaryinfo.sBase,salaryinfo.sExtra,"
+ "salaryinfo.sHoliday,salaryinfo.sAbsence,salaryinfo.sTotal,"
+ "salaryinfo.sState from salaryinfo,imployeeinfo "
+ "where salaryinfo.impId=imployeeinfo.impId";
rs = stmt.executeQuery(sql);
while (rs.next()) {
String impId1 = rs.getString("impId");
String impName = new String(rs.getString("impName"));
String opyear = rs.getString("syear");
String opmonth = rs.getString("smonth");
double sBase = rs.getDouble("sBase");
double sExtra = rs.getDouble("sExtra");
double sHoliday = rs.getDouble("sHoliday");
double sAbsence = rs.getDouble("sAbsence");
double sTotal = rs.getDouble("sTotal");
int sState = rs.getInt("sState");
SalaryRecord sr = new SalaryRecord(impId1, impName, opyear,
opmonth, sBase, sExtra, sHoliday, sAbsence, sTotal,sState);
list.add(sr);
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
if (conn != null) {
conn.close();
}
if (stmt != null) {
stmt.close();
}
if (rs != null) {
rs.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
return list;
}
红字这我想再写where语句选取符合用户输入的year1和month1的数据,但总是要么显示没数据要么出错,请大家帮我看一下
double queQinFei, String year, String month) {
List list = new ArrayList();
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
int year1 = Integer.parseInt(year);
int month1 = Integer.parseInt(month);
boolean has = false;
try {
conn = DB.getConnection();
stmt = conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,
ResultSet.CONCUR_READ_ONLY);
String sql = "select count(*) from salaryinfo where syear='" + year1
+ "' and smonth='" + month1 + "'";//查询这个月的薪资表是否生成
rs = stmt.executeQuery(sql);
if (rs.next()) {
int i = rs.getInt(1);
if (i > 0) {
has = true;
}
}
rs.close();
if (has == false) //生成薪资表
{
}
sql = "select salaryinfo.impId,imployeeinfo.impName,salaryinfo.syear,"
+ "salaryinfo.smonth,salaryinfo.sBase,salaryinfo.sExtra,"
+ "salaryinfo.sHoliday,salaryinfo.sAbsence,salaryinfo.sTotal,"
+ "salaryinfo.sState from salaryinfo,imployeeinfo "
+ "where salaryinfo.impId=imployeeinfo.impId";
rs = stmt.executeQuery(sql);
while (rs.next()) {
String impId1 = rs.getString("impId");
String impName = new String(rs.getString("impName"));
String opyear = rs.getString("syear");
String opmonth = rs.getString("smonth");
double sBase = rs.getDouble("sBase");
double sExtra = rs.getDouble("sExtra");
double sHoliday = rs.getDouble("sHoliday");
double sAbsence = rs.getDouble("sAbsence");
double sTotal = rs.getDouble("sTotal");
int sState = rs.getInt("sState");
SalaryRecord sr = new SalaryRecord(impId1, impName, opyear,
opmonth, sBase, sExtra, sHoliday, sAbsence, sTotal,sState);
list.add(sr);
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
if (conn != null) {
conn.close();
}
if (stmt != null) {
stmt.close();
}
if (rs != null) {
rs.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
return list;
}
红字这我想再写where语句选取符合用户输入的year1和month1的数据,但总是要么显示没数据要么出错,请大家帮我看一下
...全文
请发表友善的回复…
发表回复
孟子E章 2018-03-20
- 打赏
- 举报
另外,为了数据库不被注入,请采用参数化的sql语句写法。
孟子E章 2018-03-20
- 打赏
- 举报
String sql = "select count(*) from salaryinfo where syear='" + year1
+ "' and smonth='" + month1 + "'";//查询这个月的薪资表是否生成
syear smonth字段类型是字符型还是数字的?数字类型的不要引号
String sql = "select count(*) from salaryinfo where syear=" + year1
+ " and smonth=" + month1
+ "' and smonth='" + month1 + "'";//查询这个月的薪资表是否生成
syear smonth字段类型是字符型还是数字的?数字类型的不要引号
String sql = "select count(*) from salaryinfo where syear=" + year1
+ " and smonth=" + month1
