UC知道JSP 用pstmt.executeUpdate 修改密码出现问题.
来源:百度知道 编辑:UC知道 时间:2024/06/08 19:16:11
final String DBDRIVER = "com.microsoft.jdbc.sqlserver.SQLServerDriver";
final String DBURL = "jdbc:microsoft:sqlserver://127.0.0.1:1433;databaseName=zdl";
Connection conn = null;
PreparedStatement pstmt = null;
boolean flag = false;
String username = request.getParameter("username");//从上个页面调入的用户名
String pswd = request.getParameter("pswd");//输入的旧密码
String pswd1 = request.getParameter("pswd1");//新密码
String sql = "UPDATE user_info set pswd=='" + pswd1 + "' WHERE username='" + username + "' and pswd='" + pswd + "'";
try {
Class.forName(DBDRIVER);
conn = DriverManager.getConnection(DBURL, "sa", "rodlee");
pstmt = conn.prepareStatement(sql);
pstmt.executeUpdate(sql);
pstmt.close();
co
final String DBURL = "jdbc:microsoft:sqlserver://127.0.0.1:1433;databaseName=zdl";
Connection conn = null;
PreparedStatement pstmt = null;
boolean flag = false;
String username = request.getParameter("username");//从上个页面调入的用户名
String pswd = request.getParameter("pswd");//输入的旧密码
String pswd1 = request.getParameter("pswd1");//新密码
String sql = "UPDATE user_info set pswd=='" + pswd1 + "' WHERE username='" + username + "' and pswd='" + pswd + "'";
try {
Class.forName(DBDRIVER);
conn = DriverManager.getConnection(DBURL, "sa", "rodlee");
pstmt = conn.prepareStatement(sql);
pstmt.executeUpdate(sql);
pstmt.close();
co
String sql = "UPDATE user_info set pswd=='" + pswd1 + "' WHERE username='" + username + "' and pswd='" + pswd + "'";
这句中第一个pwsd后面有两个等号,去掉一个试试.另外建议将程序改进如下.
String sql = "UPDATE user_info set pswd=? WHERE username=? and pswd=?";
try {
Class.forName(DBDRIVER);
conn = DriverManager.getConnection(DBURL, "sa", "rodlee");
pstmt = conn.prepareStatement(sql);
pstmt.setString(1,pwsd1);
pstmt.setString(1,pwsd);
pstmt.setString(1,username);
pstmt.executeUpdate(sql);
这样正确的利用PreparedStatement的预处理功能.