-----------Code taken from an ASP trojan-----------
Function GetFileSize(size)
    ' Returns the size as Bytes / KB / MB, wrapped in red <font> markup.
    Dim FileSize
    ' Keep the KB value numeric for the comparisons; format only on output.
    FileSize = size / 1024
    If FileSize >= 1024 Then
        GetFileSize = "<font color=red>" & FormatNumber(FileSize / 1024, 2) & "</font> MB"
    ElseIf FileSize >= 1 Then
        GetFileSize = "<font color=red>" & FormatNumber(FileSize, 2) & "</font> KB"
    Else
        GetFileSize = "<font color=red>" & size & "</font> Bytes"
    End If
End Function
----------------------------------------
Action code: showuser.do
String username = null;
username = request.getParameter("username");
Service service = new Service();
service.findByUsername(username);
After reading the parameter, the action calls the service; the service layer passes it straight on to the DAO layer. The DAO code:
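public Object findByUsername(String username)
{
    JdbcTemplate jt = new JdbcTemplate();
    // Vulnerable: the request parameter is concatenated straight into the SQL text.
    String sql = "select * from Users where username='" + username + "'";
    // Assuming Spring's JdbcTemplate: queryForList(sql) runs the statement
    // (there is no query(String) overload).
    List list = jt.queryForList(sql);
    ...................
}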
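public Object findByUsername(String username)
{
    JdbcTemplate jt = new JdbcTemplate();
    // Fixed: the SQL text is constant and the value is bound to the ? placeholder.
    String sql = "select * from Users where username=?";
    // Assuming Spring's JdbcTemplate: queryForList(sql, args) binds the arguments.
    List list = jt.queryForList(sql, new Object[]{username});
    ...................
}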
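
The difference between the two DAO versions above can be checked as a regression test. This is an added example, not code from the original page: it uses Python's sqlite3 with an in-memory Users table in place of the Java JdbcTemplate DAO, and the rows, function names and input strings are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the Users table (rows are constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (username TEXT, email TEXT)")
    db.executemany("INSERT INTO Users VALUES (?, ?)", [
        ("alice", "alice@example.test"),
        ("bob", "bob@example.test"),
        ("o'brien", "obrien@example.test"),
    ])
    return db

def find_concat(db, username):
    # Same pattern as the first DAO: the input is pasted into the SQL text.
    sql = "select * from Users where username='" + username + "'"
    return db.execute(sql).fetchall()

def find_bound(db, username):
    # Same pattern as the second DAO: the value is bound to the ? placeholder.
    sql = "select * from Users where username=?"
    return db.execute(sql, (username,)).fetchall()

def compare(db, username):
    """Return (concat_result, bound_result); a SQL error is reported as a string."""
    try:
        concat = find_concat(db, username)
    except sqlite3.Error as exc:
        concat = "error: %s" % exc
    return concat, find_bound(db, username)

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: a plain name, a legitimate name containing a quote,
    # and a value whose quote changes the meaning of the concatenated query.
    for name in ("alice", "o'brien", "x' OR '1'='1"):
        concat, bound = compare(db, name)
        print(repr(name))
        print("  concatenated:", concat)
        print("  bound:       ", bound)
```

With the bound version, a quote in the input is only data: the legitimate name o'brien is found and the third input matches no row, while the concatenated version fails on the former and returns every row for the latter.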