public class ListServlet extends HttpServlet{
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
try {
req.setCharacterEncoding("utf-8");
String command = req.getParameter("command");
System.out.println(command);
String description = req.getParameter("description");
System.out.println(description);
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/micro_message","root","123456");
StringBuilder sql = new StringBuilder("select ID,COMMAND,DESCRIPTION,CONTENT from message where 1=1");
List<String> paramList = new ArrayList<String>();
if(command != null && !"".equals(command.trim())){
sql.append(" and COMMAND='"+command+"' ");
paramList.add(command);
}
if(description != null && !"".equals(description.trim())){
sql.append(" and DESCRIPTION like '%' '"+description+"' '%' ");
paramList.add(description);
}
PreparedStatement ps = con.prepareStatement(sql.toString());
for(int i = 0 ; i < paramList.size(); i ++ ){
ps.setString(i + 1, paramList.get(i));
}
ResultSet rs = ps.executeQuery();
List<Message> messageList = new ArrayList<Message>();
while(rs.next()){
Message message = new Message();
messageList.add(message);
message.setId(rs.getString("ID"));
message.setCommand(rs.getString("COMMAND"));
message.setDescription(rs.getString("DESCRIPTION"));
message.setContent(rs.getString("CONTENT"));
}
req.setAttribute("messageList", messageList);
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}
req.getRequestDispatcher("/WEB-INF/jsp/back/list.jsp").forward(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
this.doGet(req, resp);
}
}
sql.append你里面的引号有问题