JDBC

1、什么是jdbc

  Java数据库连接,由一些接口和类构成的API(Application Programming Interface,应用程序编程接口),java对外提供数据库连接的接口,各个数据库厂商提供连接时的实现类(驱动),实现java和数据库的连接

       jdbc作用:是java程序和数据库之间的桥梁

  应用程序,jdbcAPI,数据库驱动及数据库之间的关系

 

2、jdbc开发步骤

package com.zy.jdbc;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;

import org.junit.Test;

public class MyJDBC {

    public static void main(String[] args) throws Exception {
        // jdbc是连接数据库一种技术
        //程序——>数据库
        //八股文编程法----顺序要求明显,不要自由发挥
        
        //1加载驱动
        //该复制的不要手写,所有bug都是手写出来的        
        Class forName = Class.forName("com.mysql.jdbc.Driver");
        //2建立连接                                                          ip       端口    数据库名
        String url="jdbc:mysql://localhost:3306/data75";
        Connection connection = DriverManager.getConnection(url, "root", "123456");        
        if(!connection.isClosed()){
            System.out.println("Succeeded connecting to the Database!");
        }
        //3准备sql
        String sql="select * from student";
        //4得到执行对象
        Statement st = connection.createStatement();
        //5执行得到结果集
        ResultSet rs = st.executeQuery(sql);
        //6遍历结果集
        while(rs.next()){//结果集如果取下一行已经到头返回false
            int id = rs.getInt(1);
            String name = rs.getString(2);
            String sex = rs.getString(3);
            String birth = rs.getString(4);
            String department = rs.getString(5);
            String address = rs.getString(6);
            System.out.println(name+"\t"+sex+"\t"+birth+"\t"+department+"\t"+address);
        }
        //7关闭资源(先开后关)
        rs.close();
        st.close();
        connection.close();
    
    }
}

3、sql注入风险

Scanner sc = new Scanner(System.in);
        System.out.println("请输入用户名");
        String name = sc.nextLine();
        System.out.println("请输入密码");
        String pwd =sc.nextLine();
        //1加载驱动
        Class.forName("com.mysql.jdbc.Driver");
        //2得到连接
        Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/data75", "root", "123456");
        //3准备一个sql
//        String sql="SELECT * FROM user WHERE name='"+name+"' AND password='"+pwd+"'";
//        4得到执行对象
//        Statement st = connection.createStatement();
//        5执行查询
//        ResultSet rs = st.executeQuery(sql);
//        rs.next()向下获取一行数据 如果到末尾返回false
//        if(rs.next()){
//            System.out.println("登录成功");
//            
//        }else{
//            System.out.println("登录失败");
//            
//        }
        //6关闭资源
//        rs.close();
//        st.close();
//        connection.close();
        
        //------------------------------------------------------
        //Statement 存在sql注入的风险所以prepareStatement  准备/预编译的
        //占位符?-----替代了原始的字符串拼接
        //3 sql
        String sql="SELECT * FROM user WHERE name=? AND password=?";
        //4得到执行对象
        PreparedStatement ps = connection.prepareStatement(sql);
        //5设置占位符参数 1表示第一个问号
        ps.setString(1, name);//传入的参数只会当做一个值,而不是拼接状态,跟+拼接不一样
        ps.setString(2, pwd);
        //6执行
        ResultSet rs = ps.executeQuery();//除了查询,其他都用executeUpdate
        //7判断
        if(rs.next()){
        System.out.println("登录成功");
        
        }else{
            System.out.println("登录失败");
            
        }
        rs.close();
        connection.close();

4、单元测试

//1 通过eclipse加入单元测试jar包
    //2使用@Test注解
    //单元测试----可以达到类似main方法的一个效果
    
    @Test
    public void show(){
        System.out.println("这里写单元测试");
    }
    
    //删除
    @Test
    public void delete() throws Exception{
        Class.forName("com.mysql.jdbc.Driver");
        Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/data75", "root", "123456");
        String sql="DELETE FROM user WHERE name=?";
        PreparedStatement ps = connection.prepareStatement(sql);
        ps.setString(1, "hello");
        int executeUpdate = ps.executeUpdate();
        System.out.println("执行后的返回值"+executeUpdate);
        ps.close();
        connection.close();
        
    }
    
    //更新
    @Test
    public void update() throws Exception{        
        Class.forName("com.mysql.jdbc.Driver");
        Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/data75", "root", "123456");
        String sql="UPDATE USER SET NAME = ? WHERE id = ?";
        PreparedStatement ps = connection.prepareStatement(sql);
        ps.setString(1, "小红");
        ps.setString(2, "2");
        int executeUpdate = ps.executeUpdate();
        System.out.println("执行后的返回值"+executeUpdate);
        ps.close();
        connection.close();
        
    }
    //增加
        @Test
    public void insert() throws Exception{
        
        Class.forName("com.mysql.jdbc.Driver");
        Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/data75", "root", "123456");
        String sql="INSERT INTO user VALUES(NULL,?,?)";
        PreparedStatement ps = connection.prepareStatement(sql);
        
        ps.setString(1, "hello");
        ps.setString(2, "111");
        
        int executeUpdate = ps.executeUpdate();
        System.out.println("执行的返回值"+executeUpdate);
        ps.close();
        connection.close();
    
    }
    

5、将连接数据库包封装成JDBCUtil工具类

package com.zy.utils;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class JDBCutil {
    //静态代码块会在该类被使用时自动加载到内存,所以里面适合放一些初始化的代码
    static{
        try {
            //1加载驱动
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        }
    }
    
    
    public static  PreparedStatement getPreparedStatement(Connection connection,String url,String username,String password,String
            sql){
         try {
             //2得到连接
            connection = DriverManager.getConnection(url, username, password);
            //4得到执行对象
            PreparedStatement ps = connection.prepareStatement(sql);
            return ps;
         } catch (SQLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        
        return null;
    }
    

    
    //7关闭资源(static就是方便调用)
    public static void closeAll(ResultSet rs,Connection connection,PreparedStatement ps){
        if(rs!=null){
            try {
                rs.close();
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }        
        }
        if(ps!=null){
            try {
                ps.close();
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }        
        }
        if(connection!=null){
            try {
                connection.close();
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }        
        }
                
    }
    
    //根据id删除某条数据
    public static void deleteById(PreparedStatement ps,int id){
        try {
            ps.setInt(1,id);
            ps.executeUpdate();
        } catch (SQLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
       
    }
    
}
@Test
  public void update2() throws Exception{
        Connection connection=null;
        String url="jdbc:mysql://localhost:3306/data75";
        String username="root";
        String password="123456";
        //3准备一个sql
        String sql="UPDATE USER SET NAME = ? WHERE id = ?";
        PreparedStatement ps = JDBCutil.getPreparedStatement(connection, url, username, password, sql);
        //5设置占位符参数 
        ps.setString(1, "小明");
        ps.setString(2, "2");
        //6执行
        ps.executeUpdate();
        JDBCutil.closeAll(null, connection, ps);
  }
   
   @Test
   public void delete2() throws Exception{
       Connection connection=null;
        String url="jdbc:mysql://localhost:3306/data75";
        String username="root";
        String password="123456";
        String sql="DELETE FROM user WHERE id=?";
        int id=4;        
        PreparedStatement ps = JDBCutil.getPreparedStatement(connection, url, username, password, sql);
        JDBCutil.deleteById(ps, id);
        JDBCutil.closeAll(null, connection, ps);
       
   }

 

posted @ 2019-07-10 22:41  勤奋的园  阅读(253)  评论(0编辑  收藏  举报