import java.sql.Statement;
import java.sql.ResultSet;
import javax.servlet.http.HttpServletRequest;
public class myInjection {
Statement statement=new Statement();//这边为什么报错
public void testMethod(HttpServletRequest request){
StringBuffer sqlStatement=
new StringBuffer(
"select * from employee where userid=");
String id=request.getParameter("userid");
if(id!=null)
sqlStatement.append(id);
else
sqlStatement.append("");
ResultSet results=statement.executeQuery(sqlStatement.toString());
}
}
------解决方案--------------------
Statement?对象不是new出来的,是通过Connection.createStatement()方法创建的, java.sql.Statement是接口,你怎么new。。
代码一般这样:
Connection cc=DriverManager.getConnection("", "", "");
Statement st=cc.createStatement();