1.转为带参数查询

String sql=""select id from student where name='?';

Connection connect = DriverManager.getConnection("jdbc:mysql://10.82.80.7:3306/haitao", "root", "123456");

PreparedStatement pStmt = connect.prepareStatement( sql);

pStmt.setString(1, name);

pStmt.executeUpdate();

2.将字符串中的单引号转换为两个单引号。