模糊查询时用到prepareStatement在SQL语句里的问号怎么写
我用了prepareStatement(sql)来防止SQL注入问题，出入的SQL语句参数全部用?代替的，但是我有用到模糊查询不知道模糊查询的SQL语句的参数怎么用？取代。
我是这么写的，但是查不到结果，那位高手可以指点一下啊，先谢了：
select * from book_info where book_name like '%?%' and book_type like'%?%' and book_author like '%?%' and book_publisher like '%?%'

[解决办法]
要+连接字符串
select * from book_info where book_name like '%'+?+'%' and book_type like'%'+?+'%' and book_author like '%'+?+'%' and book_publisher like '%'+?+'%'

[解决办法]
select * from book_info where book_name like '%"+?+"%' and book_type like'"%+?+"%' and book_author like '%"+?+"%' and book_publisher like '%"+?+"%'
上面这样写就OK了
记得要多结贴！
[解决办法]