jdbc 组合查找+分页

package action;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import page.page;
import page.pageUtils;

import manager.UserManager;
import factory.factory;

public class searchUserAction extends webAction {

 public void execute(HttpServlet servlet, HttpServletRequest request,
 HttpServletResponse response) {
 // 接受当前页参数
 String currentPageStr = request.getParameter("currentPage");
 int currentPage = 0;
 if (currentPageStr == null || "".equals(currentPageStr))
 currentPage = 1;
 else 
 currentPage = Integer.parseInt(currentPageStr);

 Object[] args=new Object[6];
 List argsList = new ArrayList();
 List valueList=new ArrayList();
 //分页：传递的分页查询的条件和值
 String argsListStr = request.getParameter("argsList");
 String argsvalueStr = request.getParameter("valueList");
 //没有传递的分页查询的条件和值，即第一次也是唯一从用户输入获取查询条件和值，
 if ("[]".equals(argsvalueStr) || argsvalueStr == null || "[]".equals(argsListStr)
 || argsListStr == null) {
 String ID = request.getParameter("id");
 String name = request.getParameter("name");
 String address = request.getParameter("address");
 String email = request.getParameter("email");
 String phone = request.getParameter("phone");
 String regTime = request.getParameter("regTime");

 if (ID != null && !"".equals(ID)) {
 argsList.add("id=? ");
 valueList.add(ID);
 }
 if (name != null && !"".equals(name)) {
 argsList.add("name=? ");
 valueList.add(name);
 }
 if (address != null && !"".equals(address)) {
 argsList.add("address=? ");
 valueList.add(address);
 }
 if (email != null && !"".equals(email)) {
 argsList.add("email=? ");
 valueList.add(email);
 }
 if (phone != null && !"".equals(phone)) {
 argsList.add("phone=? ");
 valueList.add(phone);
 }
 if (regTime != null && !"".equals(regTime)) {
 argsList.add("regTime=? ");
 valueList.add(regTime);
 }
 } else {
 //System.out.println(argsvalueStr.substring(1,argsvalueStr.length()-1));
 //System.out.println(argsListStr.substring(1, argsListStr.length()-2));
 String[] argsListStrs = argsListStr.substring(1, argsListStr.length()-1).split(",");
 String[] argsvalueStrs = argsvalueStr.substring(1,argsvalueStr.length()-1).split(",");

 for(int i=0;i<argsvalueStrs.length;i++) {
 System.out.println(argsListStrs[i]+" = "+ argsvalueStrs[i]);
 argsList.add(argsListStrs[i].trim());
 valueList.add(argsvalueStrs[i].trim());
 }
 }
 //因为创建page对象需得到总记录数，这个依赖数据库查询得到
 UserManager userManager = (UserManager) factory.getInstance().getManager("UserManager");

 StringBuffer sbQuery = new StringBuffer();
 StringBuffer sbCount = new StringBuffer();
 sbQuery.append("select id,name,password,phone,email,address,regTime from user");
 sbCount.append("select count(*) from user");
  
 if (argsList.size() != 0) {
 sbCount.append(" where ");
 for (int i = 0; i < argsList.size(); i++) {
 if(i==argsList.size()-1)
 sbCount.append( argsList.get(i));
 else
 sbCount.append( argsList.get(i) + "and ");
 //把查询条件的值由valueList传递给Object[]
 args[i]=valueList.get(i);
 }
 }
 //创建Page对象，sbCount为根据查找条件动态创建的查询总记录数的语句
 page pg = pageUtils.createPage(5, userManager.UserCount(sbCount.toString(), args), currentPage);
 //创建sbQuery动态查询语句，由上面的page对象可以设置出分页LIMIT ？，？语句
 if (argsList.size() != 0) {
 sbQuery.append(" where ");
 for (int i = 0; i < argsList.size() - 1; i++) {
 sbQuery.append(argsList.get(i) + "and ");
 }
 sbQuery.append(argsList.get(argsList.size() - 1) );
 }
 //此处不知道为什么无法将LIMIT的值通过PrepareStatement.setObject(*,pg.getBeginIndex())传递，此处采取显示传送，固隐藏通过地址栏分页值进行SQL注入的威胁
 sbQuery.append(" order by id limit " + pg.getBeginIndex() + ","+ pg.getPageSize());

 List userList = userManager.findUser(sbQuery.toString(), args);
  
 String path = "";
 request.setAttribute("page", pg);
 request.setAttribute("valueList", valueList);
 request.setAttribute("argsList", argsList);
 request.setAttribute("list", userList);
 path = "/user/listUser.jsp";
 super.foward(servlet, request, response, path);
 }
}