Appending a string to a SQL table

stmt="SELECT * FROM people_?"

stmt.setString(1, year);开发者_Go百科

The table names that I am trying to call are based on year (people_2009, people_2010, etc....), I have the year set to a java variable. I know the code above wont work, because it would put quotes around the year, but is there a way to append the string on the table name, or any other way to go about this?

You could just do.

stmt="SELECT * FROM people_" + year;

Which should work fine. Just ensure you properly verify that year variable before appending it, or you might end up with an SQL injection problem. If year is of type int, then no verification would be needed to stop sql injection, but you might want to verify the range to ensure the table exists.

This should work:

String stmt = "SELECT * FROM people_" + year;