我有以下针对每个产生的订单项调用的函数。有谁知道如何加快速度?
private String getDetails(String doc){
String table="";
java.sql.ResultSet rs = qw.DBquery("select " +
"id,LineType, QtyTotal, ManufacturerPartNumber, Description, UnitCost,UnitPrice " +
"From DocumentItems " +
"where DocID="+doc+" order by linenumber " +
"");
table+= "<table class=inner><thead><colgroup><col id='col1'><col id='col2'><col id='col3'><col id='col4'><col id='col5'></colgroup>" +
"<tr class='enetBlue'><th>Qty</th><th>Part Num</th><th>Description</th><th>Unit Cost</th><th>Unit Price</th></tr></thead>" +
"<tbody>";
try{
int odd = 0;
while(rs.next()){
int lineType = rs.getInt("LineType");
int qty = rs.getInt("QtyTotal");
String part = rs.getString("ManufacturerPartNumber");
String desc = rs.getString("Description");
float cost = rs.getFloat("UnitCost");
float price = rs.getFloat("UnitPrice");
String id = rs.getString("id");
String clas="";
if (odd==0) odd=1; else odd=0;
clas="red";
if (lineType==2) clas="yellow";
if (lineType==3) clas="yellow";
if (lineType==4) clas="yellow";
if (qty==0) clas="yellow";
java.sql.ResultSet rs2 = mas.DBquery("select itemkey from timitem where itemid = '"+part+"'");
while (rs2.next())
{
if (odd==1) clas="odd";
if (odd==0) clas="even";
}
table+="<tr class='"+clas+"'><td>"+qty+"</td>\n"+
"<td>"+part+"</td>\n"+
"<td>"+desc+"</td>\n"+
"<td>"+cost+"</td>\n"+
"<td>"+price+"</td></tr>\n";
//if clas=red | means item is not found in MAS, gear for insert.
if (clas=="red") {
table+="<tr ><td colspan=5><table border=1><tr><td colspan=2>\n";
//get unit measure key
try {
table+="<form name=masinsert"+id+" method=get action=MASInsert>\n";
table+="<input type=hidden name=\"partnumber"+id+"\" value=\""+part+"\">\n";
table+="<input type=hidden name=\"itemcost"+id+"\" value=\""+cost+"\">\n";
table+="<input type=hidden name=\"itemlistprice"+id+"\" value=\""+price+"\">\n";
table+="<input type=hidden name=\"itemdescription"+id+"\" value=\""+desc+"\">\n";
table+="</td><tr>\n";
java.sql.ResultSet rsUM = mas.DBquery("select * from tciUnitMeasure where companyid like 'ENS' ");
table+="<tr bgcolor=#990033><td align=left valign=top>Unit Measure</td><td align=left valign=top><select name=\"UnitMeasKey\">";
while(rsUM.next())
{
table+="<option value=\"" + rsUM.getString("UnitMeasKey") + "\">" + rsUM.getString("UnitMeasID") + "</option>\n";
}//end while rs1
table+="</select></td></tr>\n";
//build ItemClass options from mas: Puchase ProductLine
java.sql.ResultSet rsPP = mas.DBquery("select * from timPurchProdLine where companyID = 'ENS'");
int k = 0;
table+= "<tr bgcolor=#990033><td align=left valign=top>Purchase Product Line</td><td align=left valign=top><select name=\"PurchProdLine\">\n";
while(rsPP.next())
{
table+="<option value=\"" + rsPP.getString("PurchProdLineKey") + "\">" + rsPP.getString("Description") + "</option>\n";
}//end while rsPP
table+="</select></td></tr>\n";
//build item classkey options
java.sql.ResultSet rsIC = mas.DBquery("select * from timItemClass where companyID = 'ENS' order by itemclassname desc");
table+= "<tr bgcolor=#990033><td align=left valign=top>Item Class :</td><td align=left valign=top><select name=\"itemclasskey\">\n";
while(rsIC.next())
{
table+="<option value=\"" + rsIC.getString("itemclasskey") + "\">" + rsIC.getString("ItemClassName") + "</option>\n";
}//end while rs1
table+="</select></td></tr>";
table+="<tr><td colspan=2><input id='m"+id+"' type=\"button\" onclick=\"masinsert('"+ id +"')\" value=\"Add to MAS\"></td></tr>";
table+="</table>\n";
}catch(Exception e){} //end try
table+="</form>\n";
table+="</td></tr>";
}//end if clas=red
}//end while
}catch(java.sql.SQLException e){
e.printStackTrace();}
table+="</tbody></table>";
return table;
}
提前致谢
最佳答案
使用预编译的参数化PreparedStatment,而不是每次都使用String级联来构建它。这还将解决以下事实:您当前的代码(如果doc是用户输入的变量)容易受到SQL Injection攻击。