String[] names = new String[]{'name1','name2','name3'};
StringBuffer buffer = new StringBuffer();
buffer.append(names[0]).append(",").append(names[1]).append(",").append(names[2]);
String sql = "select e.* from employee e where e.name in (?)";
rs = pstmt.excuteQuery(sql);
pstmt.setString(1,buffer.toString());
上面的sql会被翻译成:select e.* from employee e where e.namme in {name1,name2,name3}
这{name1,name2,name3}会被当成一个变量,即一串字符,逗号也是字符的一部分,
所以它会到数据库中查是否有name为'name1,name2,name3'的记录
正确代码:
String[] names = new String[]{'name1','name2','name3'};
String sql = "select e.* from employee e where e.name in (?,?,?)";
rs = pstmt.excuteQuery(sql);
pstmt.setString(1,names[0]);
pstmt.setString(2,names[1]);
pstmt.setString(3,names[2]);
上面的sql会被翻译成:select e.* from employee e where e.namme in (name1,name2,name3)
它会到数据库中查是否有name为'name1','name2'或者为'name3'的记录