JDBC
1.下载jar包
-
下载地址:mvnrepository
-
搜索jar包
-
下载对应的版本
2.导入包
项目的根目录下新建lib目录,将下载好的包复制进去,最后右击lib目录->Add as Library...
3.编写代码
package com.sanduo.lesson01; import java.sql.*; // 第一个jdbc程序 public class JdbcFirstDemo { public static void main(String[] args) throws ClassNotFoundException, SQLException { //1. 加载驱动 //DriverManager.registerDriver(new com.mysql.jdbc.Driver()); Class.forName("com.mysql.jdbc.Driver"); //反射实现 //2. 用户信息url // useUnicode=true&characterEncoding=utf8&useSSL=true String url = "jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf8&useSSL=true"; String username = "root"; String password = "root"; //3. 连接成功,数据库对象 Connection 代表数据库 Connection connection = DriverManager.getConnection(url, username, password); //4. 执行SQL的对象 Statement 执行SQL Statement statement = connection.createStatement(); //5. 执行SQL的对象去执行SQL String sql = "select * from `user`"; ResultSet resultSet = statement.executeQuery(sql);// 回返的结果集 if(!resultSet.next()){ System.out.println("暂无数据"); } while (resultSet.next()){ System.out.println("id="+resultSet.getObject("id")); System.out.println("name="+resultSet.getObject("name")); System.out.println("age="+resultSet.getObject("age")); System.out.println("password="+resultSet.getObject("password")); } //6. 释放连接 resultSet.close(); statement.close(); connection.close(); } }
4.分析代码
DriverManager
//DriverManager.registerDriver(new com.mysql.jdbc.Driver()); Class.forName("com.mysql.jdbc.Driver"); //反射实现 //Connection 代表数据库 // 数据库设置自动提交 // 事务提交 // 事务回滚 connection.rollback(); connection.commit(); connection.setAutoCommit(); Connection connection = DriverManager.getConnection(url, username, password);
URL
String url = "jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf8&useSSL=true"; // mysql --3306 //协议:mysql://主机地址:端口号/数据库名?参数1&参数2&参数3 // oralce -- 1521 //jdbc:oralce:thin:@主机地址:localhost:sid
Statement 执行SQL的对象 PrepareStatement 执行SQL的对象
String sql = "select * from `user`"; statement.executeQuery();// 查询操作返回结果集 statement.executeUpdate();// 执行任何SQL statement.execute();//更新、插入、删除都是这个,返回受影响的行数
ResultSet 查询的结果集:封装了所有的查询结果
获得指定的数据类型
resultSet.getObject();// 在不知道列类型的时候使用 // 如果知道列类型就指定使用了 resultSet.getString(); resultSet.getInt(); resultSet.getFloat(); resultSet.getDouble(); resultSet.getDate();
遍历,指针
resultSet.beforeFirst();//移动最前面 resultSet.afterLast();//移动到最后面 resultSet.next();//移动到下一个数据 resultSet.previous();//移动到上一个数据 resultSet.absolute(row);//移动到指定行
释放资源
//6. 释放连接 resultSet.close(); statement.close(); connection.close();
5.提取工具类
1.src 目录下新建db.properties文件
driver=com.mysql.jdbc.Driver url=jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf8&useSSL=true username=root password=123456
2.创建工具类 JdbcUtils,代码如下
package com.sanduo.lesson02.utils; import java.io.InputStream; import java.sql.*; import java.util.Properties; public class JdbcUtils { private static String driver = null; private static String url = null; private static String username = null; private static String password = null; static { try { InputStream in = JdbcUtils.class.getClassLoader().getResourceAsStream("db.properties"); Properties properties = new Properties(); properties.load(in); driver = properties.getProperty("driver"); url = properties.getProperty("url"); username = properties.getProperty("username"); password = properties.getProperty("password"); // 驱动只用加载一次 Class.forName(driver); } catch (Exception e) { e.printStackTrace(); } } // 获取连接 public static Connection getConnection() throws SQLException { return DriverManager.getConnection(url, username, password); } // 释放连接资源 public static void release(Connection conn, Statement st, ResultSet rs) { if (rs != null) { try { rs.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } if (st != null) { try { st.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } if (conn != null) { try { conn.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } } }
新增数据
package com.sanduo.lesson02; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class TestInsert { public static void main(String[] args) { Connection conn = null; Statement st = null; ResultSet rs = null; try { //获取数据库连接 conn = JdbcUtils.getConnection(); // 获得sql的执行对象 st = conn.createStatement(); String sql = "INSERT INTO `users` (id,`name`,`password`,`desc`,`email`) VALUES(40,'XXXX','123456','DDDDD','1052543176@QQ.COM')"; int i = st.executeUpdate(sql); if(i>0){ System.out.println("插入成功"); } } catch (SQLException e) { e.printStackTrace(); } finally { JdbcUtils.release(conn,st,rs); } } }
更新数据
package com.sanduo.lesson02; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class TestUpdate { public static void main(String[] args) { Connection conn = null; Statement st = null; ResultSet rs = null; try { //获取数据库连接 conn = JdbcUtils.getConnection(); // 获得sql的执行对象 st = conn.createStatement(); String sql = "update `users` set name='sanduo' WHERE `id`= 40"; int i = st.executeUpdate(sql); if(i>0){ System.out.println("修改成功"); }else{ System.out.println("修改失败"); } } catch (SQLException e) { e.printStackTrace(); } finally { JdbcUtils.release(conn,st,rs); } } }
删除数据
package com.sanduo.lesson02; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class TestDelete { public static void main(String[] args) { Connection conn = null; Statement st = null; ResultSet rs = null; try { //获取数据库连接 conn = JdbcUtils.getConnection(); // 获得sql的执行对象 st = conn.createStatement(); String sql = "DELETE FROM `users` WHERE `id`=1"; int i = st.executeUpdate(sql); if(i>0){ System.out.println("删除成功"); }else{ System.out.println("删除失败"); } } catch (SQLException e) { e.printStackTrace(); } finally { JdbcUtils.release(conn,st,rs); } } }
查询数据
package com.sanduo.lesson02; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class TestQuery { public static void main(String[] args) { Connection conn = null; Statement st = null; ResultSet rs = null; // 新建连接 try { conn = JdbcUtils.getConnection(); st = conn.createStatement(); // sql String sql = "select * from users where id = 40"; rs = st.executeQuery(sql);//查询完毕会返回结果集 while (rs.next()){ System.out.println(rs.getObject("id")); System.out.println(rs.getObject("name")); System.out.println(rs.getObject("desc")); System.out.println(rs.getObject("email")); } } catch (Exception e) { e.printStackTrace(); } finally { JdbcUtils.release(conn,st,rs); } } }
6.SQL注入
sql存在漏洞,容易被攻击导致数据泄露
7.PrepareStatement对象
PrepareStatement 可以防止SQL注入,效率更好!
新增数据
package com.sanduo.lesson03; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.SQLException; public class TestInsert { public static void main(String[] args) { Connection conn = null; PreparedStatement st = null; try { conn = JdbcUtils.getConnection(); // 区别 // 使用问号占位符,代替参数 String sql = "INSERT INTO `users` (id,`name`,`password`,`desc`,`email`) VALUES(?,?,?,?,?)"; st = conn.prepareStatement(sql);//预编译sql,先写sql,然后不执行 // 手动给参数赋值 st.setInt(1,42); st.setString(2,"hahah"); st.setString(3,"123456"); st.setString(4,"10525431761@qq.com"); st.setString(5,"10525431761@qq.com"); // 执行 int i = st.executeUpdate(); if(i>0){ System.out.println("插入成功"); } } catch (SQLException throwables) { throwables.printStackTrace(); } finally { JdbcUtils.release(conn,st,null); } } }
更新数据
package com.sanduo.lesson03; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.SQLException; public class TestUpdate { public static void main(String[] args) { Connection conn = null; PreparedStatement st = null; try { conn = JdbcUtils.getConnection(); // 区别 // 使用问号占位符,代替参数 String sql = "update `users` set name=? WHERE `id`= ?"; st = conn.prepareStatement(sql);//预编译sql,先写sql,然后不执行 // 手动给参数赋值 st.setString(1,"hahah"); st.setInt(2,42); // 执行 int i = st.executeUpdate(); if(i>0){ System.out.println("更新成功"); } } catch (SQLException throwables) { throwables.printStackTrace(); } finally { JdbcUtils.release(conn,st,null); } } }
删除数据
package com.sanduo.lesson03; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.SQLException; public class TestDelete { public static void main(String[] args) { Connection conn = null; PreparedStatement st = null; try { conn = JdbcUtils.getConnection(); // 区别 // 使用问号占位符,代替参数 String sql = "DELETE FROM `users` WHERE `id`=?"; st = conn.prepareStatement(sql);//预编译sql,先写sql,然后不执行 // 手动给参数赋值 st.setInt(1,40); // 执行 int i = st.executeUpdate(); if(i>0){ System.out.println("删除成功"); } } catch (SQLException throwables) { throwables.printStackTrace(); } finally { JdbcUtils.release(conn,st,null); } } }
查询数据
package com.sanduo.lesson03; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; public class TestQuery { public static void main(String[] args) { Connection conn = null; PreparedStatement st = null; ResultSet rs = null; try { conn = JdbcUtils.getConnection(); // 区别 // 使用问号占位符,代替参数 String sql = "select * from users where id = ?"; st = conn.prepareStatement(sql);//预编译sql,先写sql,然后不执行 // 手动给参数赋值 st.setInt(1, 42); // 执行 rs = st.executeQuery(); while (rs.next()) { System.out.println(rs.getObject("id")); System.out.println(rs.getObject("name")); System.out.println(rs.getObject("desc")); System.out.println(rs.getObject("email")); } } catch (SQLException throwables) { throwables.printStackTrace(); } finally { JdbcUtils.release(conn, st, rs); } } }
SQL注入
package com.sanduo.lesson03; import com.sanduo.lesson02.utils.JdbcUtils; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; public class SQL注入 { public static void main(String[] args) { //login("1111","123456"); login("'' or 1=1", "123456"); } // 登录业务 public static void login(String username, String password) { Connection conn = null; PreparedStatement st = null; ResultSet rs = null; System.out.println(username); System.out.println(password); // 新建连接 try { conn = JdbcUtils.getConnection(); // PrepareStatement 防止SQL注入的本质,把传递进来的参数当作字符 // 假设其中存在转译字符,就直接忽略,' 会被直接忽略 String sql = "select * from users where `name`=? and password=?"; st = conn.prepareStatement(sql); st.setString(1, username); st.setString(2, password); rs = st.executeQuery();//查询完毕会返回结果集 while (rs.next()) { System.out.println(rs.getObject("id")); System.out.println(rs.getObject("name")); System.out.println(rs.getObject("desc")); System.out.println(rs.getObject("email")); } } catch (Exception e) { e.printStackTrace(); } finally { JdbcUtils.release(conn, st, rs); } } }
9.数据池
编写连接池,实现一个接口DataSource
开源数据源实现 拿来即用
DBCP
C3P0
Druid:阿里巴巴
使用了这些数据库连接池之后,我们在项目开发中就不需要编写连接数据库的代码了
DBCP
commons-dbcp-1.4.jar
commons-pool-1.6.jar
C3P0
c3p0-0.9.2.1.jar
mchange-commons-java-0.2.3.4.jar
10.DBCP
1.导入包
commons-dbcp-1.4.jar
commons-pool-1.6.jar
2.配置文件
在src目录下创建 dbcpconfig.properties文件
配置文件如下:
#连接配置 这里的名字,是DBCP数据源中定义好的 driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf8&useSSL=true username=root password=root #初始化连接 initialSize=10 #最大连接数 maxActive=50 #最大空闲连接 maxIdle=20 #最小空闲连接 minIdle=5 #超时等待以毫秒为单位计算 6000毫秒/1000 = 60秒 maxWait=60000 #JDBC驱动建立连接时附带的连接属性的格式必须为这样:[属性名=property;] #注意:"user" 与 "password" 两个属性会被明确地传递,因此这里不需要包含他们。 connectionProperties=useUnicode=true;characterEncoding=UTF8 #指定由连接池所创建的连接的自动提交(auto-commit)状态: defaultAutoCommit=true #driver default 指定由连接池所创建的连续只读(read-only)状态 #如果没有设置该值,则“setReadOnly”方法将不被调用。(某些驱动不支持只读模式,如:Informix) defaultReadOnly= #driver default 指定由连接池所创建的连接事务级别(TransactionIsolation)。 #可用值为下列之一:(详情可见javadoc。)NONE,READ_UNCOMMITTED,REPEATABLE_READ defaultTransactionIsolation=READ_UNCOMMITTED
3.编写工具类
编写 JdbcUtils_DBCP.java类文件,代码如下:
package com.sanduo.lesson5.utils; import org.apache.commons.dbcp.BasicDataSource; import org.apache.commons.dbcp.BasicDataSourceFactory; import javax.sql.DataSource; import java.io.InputStream; import java.sql.*; import java.util.Properties; public class JdbcUtils_DBCP { private static DataSource dataSource = null; static { try { InputStream in = JdbcUtils_DBCP.class.getClassLoader().getResourceAsStream("dbcpconfig.properties"); Properties properties = new Properties(); properties.load(in); //创建数据源 工厂模式->创建 dataSource = BasicDataSourceFactory.createDataSource(properties); } catch (Exception e) { e.printStackTrace(); } } // 获取连接 public static Connection getConnection() throws SQLException { return dataSource.getConnection();//从数据源中获取连接 } // 释放连接资源 public static void release(Connection conn, Statement st, ResultSet rs) { if (rs != null) { try { rs.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } if (st != null) { try { st.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } if (conn != null) { try { conn.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } } }
4.测试代码
package com.sanduo.lesson5.utils; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; public class TestQuery { public static void main(String[] args) { Connection conn = null; PreparedStatement st = null; ResultSet rs = null; try { conn = JdbcUtils_DBCP.getConnection(); // 区别 // 使用问号占位符,代替参数 String sql = "select * from `user` where id = ?"; st = conn.prepareStatement(sql);//预编译sql,先写sql,然后不执行 // 手动给参数赋值 st.setInt(1, 1); // 执行 rs = st.executeQuery(); while (rs.next()) { System.out.println(rs.getObject("id")); System.out.println(rs.getObject("name")); } } catch (SQLException throwables) { throwables.printStackTrace(); } finally { JdbcUtils_DBCP.release(conn,st,rs); } } }
11.C3P0
1.导入包
c3p0-0.9.5.5.jar
mchange-commons-java-0.2.19.jar
2.编辑配置文件
cdp0-config.xml代码如下:
<?xml version="1.0" encoding="UTF-8"?> <c3p0-config> <!-- C3P0的缺省(默认配置),如果在代码中 ComboPooledDataSource ds = new ComboPooledDataSource(); 这样就表示获取默认数数据源 --> <!-- 默认配置,如果没有指定使用则使用这个配置 --> <default-config> <property name="driverClass">com.mysql.jdbc.Driver</property> <property name="jdbcUrl">jdbc:mysql://localhost:3306/test</property> <property name="user">root</property> <property name="password">123</property> <property name="acquireIncrement">50</property> <property name="initialPoolSize">100</property> <property name="minPoolSize">50</property> <property name="maxPoolSize">1000</property> <!-- intergalactoApp adopts a different approach to configuring statement caching --> <property name="maxStatements">0</property> <property name="maxStatementsPerConnection">5</property> <!-- he's important, but there's only one of him --> <user-overrides user="master-of-the-universe"> <property name="acquireIncrement">1</property> <property name="initialPoolSize">1</property> <property name="minPoolSize">1</property> <property name="maxPoolSize">5</property> <property name="maxStatementsPerConnection">50</property> </user-overrides> </default-config> <!-- C3P0的命名配置,如果在代码中 ComboPooledDataSource ds = new ComboPooledDataSource("MySQL"); 这样就表示使用的是name为MySQL的数据源 --> <!-- 命名的配置 --> <named-config name="mysql"> <!-- 连接数据库的4项基本参数 --> <property name="driverClass">com.mysql.jdbc.Driver</property> <property name="jdbcUrl">jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf8&useSSL=true</property> <property name="user">root</property> <property name="password">root</property> <!-- 如果池中数据连接不够时一次增长多少个 --> <property name="acquireIncrement">5</property> <!-- 初始化连接数 --> <property name="initialPoolSize">10</property> <!-- 最小连接数 --> <property name="minPoolSize">10</property> <!-- 最大连接数 --> <property name="maxPoolSize">40</property> <!-- JDBC的标准参数,用以控制数据源内加载的PrepareStatements数量 --> <property name="maxStatements">200</property> <!-- 连接池内单个连接所拥有的最大缓存statements数 --> <property name="maxStatementsPerConnection">5</property> </named-config> </c3p0-config>
3.编写C3P0工具类
JdbcUtils_C3P0.java 类
package com.sanduo.lesson5.utils; import com.mchange.v2.c3p0.ComboPooledDataSource; import org.apache.commons.dbcp.BasicDataSourceFactory; import javax.sql.DataSource; import java.io.InputStream; import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import java.util.Properties; public class JdbcUtils_C3P0 { private static DataSource dataSource = null; static { try { //创建数据源 工厂模式->创建 dataSource = new ComboPooledDataSource("mysql");//配置文件写法 } catch (Exception e) { e.printStackTrace(); } } // 获取连接 public static Connection getConnection() throws SQLException { return dataSource.getConnection();//从数据源中获取连接 } // 释放连接资源 public static void release(Connection conn, Statement st, ResultSet rs) { if (rs != null) { try { rs.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } if (st != null) { try { st.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } if (conn != null) { try { conn.close(); } catch (SQLException throwables) { throwables.printStackTrace(); } } } }
4.测试代码
编写TestQueryC3P0代码测试
package com.sanduo.lesson5.utils; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; public class TestQueryC3P0 { public static void main(String[] args) { Connection conn = null; PreparedStatement st = null; ResultSet rs = null; try { conn = JdbcUtils_C3P0.getConnection(); // 区别 // 使用问号占位符,代替参数 String sql = "select * from `user` where id = ?"; st = conn.prepareStatement(sql);//预编译sql,先写sql,然后不执行 // 手动给参数赋值 st.setInt(1, 1); // 执行 rs = st.executeQuery(); while (rs.next()) { System.out.println(rs.getObject("id")); System.out.println(rs.getObject("name")); } } catch (SQLException throwables) { throwables.printStackTrace(); } finally { JdbcUtils_C3P0.release(conn,st,rs); } } }
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· DeepSeek 开源周回顾「GitHub 热点速览」
· 记一次.NET内存居高不下排查解决与启示
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了