jdbc

JDBC

什么是JDBC?为什么使用JDBC

 1)JDBC是SUN公司为使Java程序能够灵活地访问各种不同的关系型数据库而提供的一套规则。

  2)为什么使用JDBC?

       a)降低Java程序操作数据库的成本

       b)使Java程序灵活移植

 

 

*9 详解JDBC连接数据库的各个步骤

  1)注册驱动:DriverManager.registerDriver(new com.mysql.jdbc.Driver());

   java.sql.Driver(接口)-com.mysql.jdbc.Driver(实现类)

        (首先返回true)boolean acceptsURL(String url)

                查询驱动程序是否认为它可以打开到给定 URL 的连接。

        (然后)Connection connect(String url, Properties info)

              试图创建一个到给定 URL 的数据库连接。

 

    注意:上述代码会向DriverManager注册两次相同的MySQL驱动,其中一次是在Driver实现类内部完成的

    项目中推荐使用以下代码间接注册数据库驱动:

       Class.forName("com.mysql.jdbc.Driver");

 

       优点:

              a)只注册一次

              b)无需导入与具体数据库驱动相关的包

  

  2)获取数据库连接对象:

       Connection conn = DriverManager.getConnection(

                            "jdbc:mysql://127.0.0.1:3306/mydb2","root","root");   

 

  3)关闭流

   a)依次按ResultSet->Statement->Connection顺序关闭

   b)在能完成业务的情况下,尽早关闭

 

 

*10 JDBC的六个固定步骤

   1,注册数据库驱动[利用反射]

   2,取得数据库连接对象Connection

   3,创建SQL对象

   4,执行SQL命令,并返回结果集

   5,处理结果集

   6,依次关闭结果集、SQL对象和连接对象

 

*11 使用JDBC完成CURD操作

  insert/update/delete----Statement.executeUpdate(sql):返回值表示影响记录的行数

  select------------------Statement.executeQuery(sql):返回值表示符合条件的记录

  create------------------ ?

  drop-------------------- ?

sql脚本

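-- Sample table used by the JDBC examples.
-- Each column name is separated from its type by a space; without it the
-- name and type run together and the statement no longer defines the
-- intended columns.
create table user(
 id int primary key auto_increment,
 name varchar(20),
 gender varchar(6),
 salary float
);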

sql表脚本:

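-- Table definition followed by the sample rows the CRUD examples work on.
-- Each column name is separated from its type by a space; without it the
-- name and type run together and the statement no longer defines the
-- intended columns.
create table user(
 id int primary key auto_increment,
 name varchar(20),
 gender varchar(6),
 salary float
);

-- id is omitted everywhere so auto_increment assigns it.
insert into user(name,gender,salary) values('jack','male',4000);
insert into user(name,gender,salary) values('marry','female',5000);
insert into user(name,gender,salary) values('jim','male',6000);
insert into user(name,gender,salary) values('tom','male',7000);
-- NULL salary: this is the row matched by "where salary IS NULL".
insert into user(name,gender,salary) values('soso','female',NULL);
insert into user(name,gender,salary) values('haha','female',3500);
insert into user(name,gender,salary) values('hehe','female',4500);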

利用db.properties属性文件配置数据库连接信息

# db.properties: JDBC connection settings (driver class, URL, account).
# NOTE(review): root/root is a full-privilege account with a guessable
# password - presumably sample values for a throwaway local database on
# 127.0.0.1. A shared or deployed setup would want a least-privilege account
# and a password that is not stored in the source tree; confirm before reuse.

driver = com.mysql.jdbc.Driver

url = jdbc:mysql://127.0.0.1:3306/mydb2

user = root

password = root

JdbcUtil工具类

package cn.itcast.web.jdbc;

import java.io.InputStream;

import java.sql.Connection;

import java.sql.DriverManager;

import java.sql.ResultSet;

import java.sql.Statement;

import java.util.Properties;

import org.junit.Test;

//JDBC工具类:关闭流和取得连接

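/**
 * JDBC helper: loads the connection settings once, registers the driver,
 * hands out connections and closes JDBC resources without propagating errors.
 *
 * <p>Settings are read from {@code cn/itcast/web/jdbc/db.properties} on the
 * classpath (keys {@code driver}, {@code url}, {@code user}, {@code password}).
 * Every failure is reported on standard error and never thrown, so callers
 * must expect {@link #getMySqlConnection()} to return {@code null}.
 *
 * <p>NOTE(review): the password is held in a static String for the lifetime
 * of the class and comes from a file packaged with the code. Nothing in this
 * class logs it; keep it that way when adding diagnostics.
 */
public final class JdbcUtil {

    /** Classpath location of the connection settings. */
    private static final String CONFIG_RESOURCE = "cn/itcast/web/jdbc/db.properties";

    private static String driver;
    private static String url;
    private static String user;
    private static String password;

    // Static block: load the configuration file.
    static {
        Properties props = new Properties();
        // Resolve the resource through this class's own class loader so the
        // helper does not depend on any other class being present.
        InputStream is = JdbcUtil.class.getClassLoader().getResourceAsStream(CONFIG_RESOURCE);
        if (is == null) {
            // getResourceAsStream() signals "not found" with null, not an exception.
            System.err.println("JdbcUtil: configuration resource not found: " + CONFIG_RESOURCE);
        } else {
            try {
                props.load(is);
            } catch (Exception e) {
                e.printStackTrace();
            } finally {
                // The stream is only needed while loading; release it either way.
                try {
                    is.close();
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        }
        driver = props.getProperty("driver");
        url = props.getProperty("url");
        user = props.getProperty("user");
        password = props.getProperty("password");
    }

    // Static block: register the driver by loading its class reflectively.
    static {
        if (driver == null) {
            System.err.println("JdbcUtil: no 'driver' entry configured, driver not registered");
        } else {
            try {
                Class.forName(driver);
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Opens a new connection with the configured URL and account.
     *
     * @return the connection, or {@code null} when it could not be opened
     *         (the cause is printed to standard error); the caller closes it
     */
    public static Connection getMySqlConnection() {
        Connection conn = null;
        try {
            conn = DriverManager.getConnection(url, user, password);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return conn;
    }

    /**
     * Closes a result set, ignoring {@code null} and printing any failure.
     *
     * @param rs the result set to close, may be {@code null}
     */
    public static void close(ResultSet rs) {
        if (rs != null) {
            try {
                rs.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Closes a statement, ignoring {@code null} and printing any failure.
     *
     * @param stmt the statement to close, may be {@code null}
     */
    public static void close(Statement stmt) {
        if (stmt != null) {
            try {
                stmt.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Closes a connection, ignoring {@code null} and printing any failure.
     *
     * @param conn the connection to close, may be {@code null}
     */
    public static void close(Connection conn) {
        if (conn != null) {
            try {
                conn.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Connectivity check: prints whether a connection could be opened.
     * The class has no private constructor because JUnit instantiates it to
     * run this method.
     */
    @Test
    public void test() {
        Connection conn = JdbcUtil.getMySqlConnection();
        try {
            // Failure is reported as null, not as an exception, so the result
            // has to be inspected to tell success from failure.
            System.out.println(conn != null ? "数据库连接成功" : "数据库连接失败");
        } finally {
            // Do not leave the probe connection open.
            JdbcUtil.close(conn);
        }
    }
}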

Statement CURD

package cn.itcast.web.jdbc;

import java.sql.Connection;

import java.sql.ResultSet;

import java.sql.Statement;

 

import org.junit.Test;

 

//基于JDBC的CURD操作

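/**
 * CRUD examples built on plain {@link Statement}.
 *
 * <p>Each method follows the same steps: obtain a connection from
 * {@code JdbcUtil}, create a statement, execute the SQL, process the result,
 * then close the resources in the order result set, statement, connection.
 * Errors are printed and never thrown.
 */
public class Crud {

    /** Inserts one fixed sample row and prints whether any row was affected. */
    @Test
    public void create() {
        Connection conn = null;
        Statement stmt = null;
        String sql = "insert into user(name,gender,salary) values('丝丝','女',3000)";
        try {
            conn = JdbcUtil.getMySqlConnection();
            stmt = conn.createStatement();
            // executeUpdate() returns the number of affected rows.
            int affected = stmt.executeUpdate(sql);
            System.out.println(affected > 0 ? "成功" : "失败");
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            // No ResultSet is produced by executeUpdate(), so only two resources to close.
            JdbcUtil.close(stmt);
            JdbcUtil.close(conn);
        }
    }

    /** Prints name and gender of every row whose gender is 'male'. */
    @Test
    public void read() {
        Connection conn = null;
        Statement stmt = null;
        ResultSet rs = null;
        String sql = "select * from user where gender='male'";
        try {
            conn = JdbcUtil.getMySqlConnection();
            stmt = conn.createStatement();
            rs = stmt.executeQuery(sql);
            while (rs.next()) {
                String name = rs.getString("name");
                String gender = rs.getString("gender");
                System.out.println(name + ":" + gender);
            }
        } catch (Exception e) {
            e.printStackTrace();
            System.out.println("读取失败");
        } finally {
            JdbcUtil.close(rs);
            JdbcUtil.close(stmt);
            JdbcUtil.close(conn);
        }
    }

    /** Sets the gender of the row with id 8 to 'female' and prints the outcome. */
    @Test
    public void update() {
        Connection conn = null;
        Statement stmt = null;
        String sql = "update user set gender='female' where id = 8";
        try {
            conn = JdbcUtil.getMySqlConnection();
            stmt = conn.createStatement();
            int affected = stmt.executeUpdate(sql);
            System.out.println(affected > 0 ? "成功" : "失败");
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            JdbcUtil.close(stmt);
            JdbcUtil.close(conn);
        }
    }

    /** Deletes every row whose salary is NULL and prints the outcome. */
    @Test
    public void delete() {
        Connection conn = null;
        Statement stmt = null;
        String sql = "delete from user where salary IS NULL";
        try {
            conn = JdbcUtil.getMySqlConnection();
            stmt = conn.createStatement();
            int affected = stmt.executeUpdate(sql);
            System.out.println(affected > 0 ? "成功" : "失败");
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            JdbcUtil.close(stmt);
            JdbcUtil.close(conn);
        }
    }

    /**
     * Prints name and gender of the rows whose name equals {@code name}.
     *
     * <p>Not a JUnit test: JUnit 4 only accepts parameterless test methods,
     * and a parameterized {@code @Test} method makes the whole class fail
     * validation.
     *
     * @param name value compared against the {@code name} column
     */
    public void read(String name) {
        Connection conn = null;
        Statement stmt = null;
        ResultSet rs = null;
        // WARNING: `name` is spliced into the SQL text, so its content becomes
        // part of the statement the server parses. A caller-controlled value
        // can change the WHERE clause instead of merely being compared against
        // the column. This method is kept as the Statement-based example only;
        // real code should bind the value with PreparedStatement.setString().
        String sql = "select * from user where name='" + name + "'";
        // Printing the assembled SQL makes the effect of the concatenation visible.
        System.out.println("sql=" + sql);
        try {
            conn = JdbcUtil.getMySqlConnection();
            stmt = conn.createStatement();
            rs = stmt.executeQuery(sql);
            // rs is never null here; rs.next() returning false marks the end of the rows.
            while (rs.next()) {
                String rowName = rs.getString("name");
                String gender = rs.getString("gender");
                System.out.println(rowName + ":" + gender);
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            JdbcUtil.close(rs);
            JdbcUtil.close(stmt);
            JdbcUtil.close(conn);
        }
    }

    /**
     * Placeholder, intentionally empty.
     *
     * <p>NOTE(review): a table name cannot be bound as a statement parameter,
     * so an implementation has to validate {@code tableName} against a fixed
     * set of allowed names before building the DDL.
     *
     * @param tableName name of the table to create
     */
    public void createTable(String tableName) {
    }

    /**
     * Placeholder, intentionally empty; the same table-name caveat as
     * {@link #createTable(String)} applies.
     *
     * @param tableName name of the table to drop
     */
    public void dropTable(String tableName) {
    }

    /** Runs the examples in sequence against the configured database. */
    public static void main(String[] args) {
        Crud crud = new Crud();
        // Left disabled: an argument containing a quote changes the WHERE
        // clause built by read(String) instead of being matched as a name.
        //crud.read("'or true or' ");
        crud.createTable("system");
        crud.dropTable("system");
        crud.read("丝丝");
        crud.create();
        crud.delete();
        crud.update();
        crud.read();
    }
}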

 

防止sql注入

1 Statement和PreparedStatement的特点

  a)对于创建和删除表或数据库,我们可以使用executeUpdate(),该方法返回0,表示未影响表中任何记录

  b)对于创建和删除表或数据库,我们也可以使用execute(),该方法返回false,表示执行结果不是结果集

  c)对于execute(),除了select操作返回true之外,其它的操作都返回false

 d)PreparedStatement有如下的特点:     

   >>解决SQL注入问题:绑定参数时,参数值只会被当作数据处理,不会被当作SQL语句的一部分解析

   >>在发送相同结构的SQL时,较Statement效率有所提升

   >>使用?占位符替代真实的绑定值(占位符只能代替值,不能代替表名、列名等标识符)

   >>项目中,优先使用PreparedStatement

使用PreparedStatement完成CURD

User Bean:

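/**
 * Plain JavaBean describing a user: id, user name, password, birthday and
 * salary, each with a getter and a setter.
 *
 * <p>{@link java.util.Date} is mutable, so the birthday is copied on the way
 * in and on the way out; callers cannot change the bean's state through a
 * reference they still hold.
 */
public class User {

    private int id;
    private String username;
    // NOTE(review): nothing here shows whether this holds a plaintext password
    // or a hash - confirm; storing only a salted password hash is the safer choice.
    private String password;
    private java.util.Date birthday;
    private float salary;

    /** Creates an empty bean; all fields keep their default values. */
    public User() {
    }

    /** @return the user id */
    public int getId() {
        return id;
    }

    /** @param id the user id */
    public void setId(int id) {
        this.id = id;
    }

    /** @return the user name, may be {@code null} */
    public String getUsername() {
        return username;
    }

    /** @param username the user name */
    public void setUsername(String username) {
        this.username = username;
    }

    /** @return the stored password value, may be {@code null} */
    public String getPassword() {
        return password;
    }

    /** @param password the password value to store */
    public void setPassword(String password) {
        this.password = password;
    }

    /** @return a copy of the birthday, or {@code null} when none is set */
    public java.util.Date getBirthday() {
        return copyOf(birthday);
    }

    /** @param birthday the birthday; copied, {@code null} clears the field */
    public void setBirthday(java.util.Date birthday) {
        this.birthday = copyOf(birthday);
    }

    /** @return the salary */
    public float getSalary() {
        return salary;
    }

    /** @param salary the salary */
    public void setSalary(float salary) {
        this.salary = salary;
    }

    /** Returns an independent Date with the same instant, or null for null. */
    private static java.util.Date copyOf(java.util.Date source) {
        return source == null ? null : new java.util.Date(source.getTime());
    }
}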

curd:

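/**
 * CRUD examples built on {@link PreparedStatement}.
 *
 * <p>The SQL text is fixed and contains {@code ?} placeholders; caller
 * values are supplied separately through the {@code setXxx()} methods, so
 * they are handled as data and cannot change the structure of the statement.
 * Errors are printed and never thrown.
 */
public class Crud {

    /**
     * Inserts one row into the {@code user} table.
     *
     * @param name   value for the {@code name} column
     * @param gender value for the {@code gender} column
     * @param salary value for the {@code salary} column
     */
    public void create(String name, String gender, float salary) {
        Connection conn = null;
        PreparedStatement pstmt = null;
        // "into" and the table name must be separated by a space; run
        // together they are not valid SQL.
        String sql = "insert into user(name,gender,salary) values(?,?,?)";
        try {
            conn = JdbcUtil.getMySqlConnection();
            pstmt = conn.prepareStatement(sql);
            // Placeholder indexes start at 1.
            pstmt.setString(1, name);
            pstmt.setString(2, gender);
            pstmt.setFloat(3, salary);
            pstmt.executeUpdate();
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            // No ResultSet is produced by executeUpdate(), so only two resources to close.
            JdbcUtil.close(pstmt);
            JdbcUtil.close(conn);
        }
    }

    /**
     * Prints name and gender of the rows whose name equals {@code name}.
     *
     * @param name value compared against the {@code name} column
     */
    public void read(String name) {
        Connection conn = null;
        PreparedStatement pstmt = null;
        ResultSet rs = null;
        // The parameter is represented by a placeholder instead of being
        // concatenated into the SQL text.
        String sql = "select *from user where name = ?";
        try {
            conn = JdbcUtil.getMySqlConnection();
            pstmt = conn.prepareStatement(sql);
            // setXxx() assigns the placeholder's value. The value is bound as
            // data, so quotes or SQL keywords inside it are matched literally
            // and cannot alter the query - this is what prevents SQL injection.
            pstmt.setString(1, name);
            rs = pstmt.executeQuery();
            while (rs.next()) {
                String rowName = rs.getString("name");
                String gender = rs.getString("gender");
                System.out.println(rowName + ":" + gender);
            }
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            JdbcUtil.close(rs);
            // Polymorphism: PreparedStatement is a Statement, so the
            // close(Statement) overload accepts it.
            JdbcUtil.close(pstmt);
            JdbcUtil.close(conn);
        }
    }

    /** Entry point; both example calls are left disabled. */
    public static void main(String[] args) {
        Crud crud = new Crud();
        // With the placeholder-based read(String) this argument is compared
        // as an ordinary name and no longer changes the WHERE clause.
        //crud.read(" 'or trueor' ");
        //crud.create("tim","male",5000);
    }
}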
