sql拼接单引号的处理

示例：

若没有变量很简单：

String sql = "SELECT * FROM user WHERE name= 'Jack' and password = '123456' ";

若有变量进行动态拼接，写法如下：

String sql = "SELECT * FROM user WHERE name= '"+name+"' and password = '"+password+"' ";

步骤：

SELECT * FROM user WHERE name= '' and password = '' ;

先在'' 中添加 ""

SELECT * FROM user WHERE name= '""' and password = '""' ;

然后在 " " 中添加两个+号，然后在 ++ 中添加 要动态传入的字符串，然后把语句 复制到 String sql = **" "**; 中的引号中

String sql = "SELECT * FROM user WHERE name= '"+name+"' and password = '"+password+"' ";