PreparedStament sql预处理对象
PreparedStament pst =null;
String sql =" SELECT `userName`,`password` FROM `news_user` WHERE `userName` = ? AND `password` = ? " ;
Object[] pars ={user.getName(),user.getPwd()};
pst = connection.prepareStatement(sql);
for(int i =0;i<pars.length;i++;){
pst.setObject(i+1,parms[i]) //?占位符的初始下标为1,所以为了对应,i+1
}
int count = pst.excuteUpdate(); //执行失败返回-1 成功 有多少条返回多少条
Session
session创建:request.getsession()
赋值 :session.setAttribute("","")
获取: session.getAttribute("","")