怎样过滤
StringBuffer sql=new StringBuffer( "from Goodsinfo g where g.giAcceptstage=:estate " );
if(goodsid!=null && !equals( " ") ) {
sql.append( " and g.giId= ' "+goodsid+ " ' ");
}
if(starttime!=null && !equals( " ")) {
sql.append( " and g.giAccepttime > = ' "+formatDate.format(starttime)+ " ' ");
}
if(endtime!=null && !equals( " ")){
sql.append( " and g.giAccepttime <= ' "+formatDate.format(endtime)+ " ' ");
}
if(arrivestage!=null && !equals( " ") ){
System.out.println( "arrivestage++++ "+arrivestage);
sql.append( " and g.giArrivestage like '% "+arrivestage+ "% ' ");
}
当我输入空值的时候,为是么sql语句还是会拼呢?
and (goodsinfo0_.GI_settlementwise like '%% ') and (goodsinfo0_.GI_fillman like '%% ')
是不是我没有过滤完呢?
[解决办法]
if(goodsid!=null && !equals( " "))
判断条件可以这样写吗
这是我写的测试 编译通不过
public class Test
{
public static void main(String[] args){
String goodsid= " ";
if(goodsid!=null && !equals( " ")){ //exception
System.out.print(goodsid);
}
}
}
//exception
无法从静态上下文中引用非静态 方法 equals(java.lang.Object)
[解决办法]
!goodsid.equals( " ")
