1. Convert the statement to a parameterized query
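import java.sql.*;
// The ? placeholder is not wrapped in quotes; '?' would be a literal string, not a parameter
String sql = "select id from student where name = ?";
Connection connect = DriverManager.getConnection("jdbc:mysql://10.82.80.7:3306/haitao", "root", "123456");
PreparedStatement pStmt = connect.prepareStatement(sql);
pStmt.setString(1, name); // name is bound as data and cannot change the statement's structure
// A SELECT is run with executeQuery(); executeUpdate() is for INSERT/UPDATE/DELETE
ResultSet rs = pStmt.executeQuery();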
2. Convert each single quote in the string into two single quotes.
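Item 2 checked against the string-literal rules of the MySQL server the JDBC URL above points at, as an added example that is not code from the original page. It assumes MySQL's default sql_mode (NO_BACKSLASH_ESCAPES not set), where a backslash is also an escape character inside a literal; the class, method names and sample values are constructed for illustration.

```java
public class QuoteEscapeDemo {
    // Item 2 exactly as stated: every ' becomes ''.
    static String doubleQuotes(String s) {
        return s.replace("'", "''");
    }

    // Assumption: MySQL default sql_mode, where \ also escapes inside a
    // string literal, so backslashes are doubled before the quotes.
    static String doubleQuotesAndBackslashes(String s) {
        return s.replace("\\", "\\\\").replace("'", "''");
    }

    // Index just past the literal opening at sql[start], or -1 if it never
    // closes. Rules modelled: \x is an escape pair, '' is one literal quote.
    static int endOfLiteral(String sql, int start) {
        int i = start + 1;
        while (i < sql.length()) {
            char c = sql.charAt(i);
            if (c == '\\') { i += 2; continue; }
            if (c == '\'') {
                if (i + 1 < sql.length() && sql.charAt(i + 1) == '\'') { i += 2; continue; }
                return i + 1;
            }
            i++;
        }
        return -1;
    }

    // True only when the escaped value is the whole literal and nothing
    // from it ends up outside the quotes.
    static boolean staysInsideLiteral(String escaped) {
        String sql = "select id from student where name='" + escaped + "'";
        return endOfLiteral(sql, sql.indexOf('\'')) == sql.length();
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the page.
        String[] samples = { "O'Brien", "x\\' trailing" };
        for (String s : samples) {
            System.out.printf("%-14s quotes only: %-5b quotes+backslashes: %b%n", s,
                staysInsideLiteral(doubleQuotes(s)),
                staysInsideLiteral(doubleQuotesAndBackslashes(s)));
        }
    }
}
```

The second sample stays inside the literal only when backslashes are escaped as well, which is why the parameterized query in item 1 is the more reliable of the two measures: the value is bound through the driver instead of being escaped by hand.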