Statement 简单操作数据库

使用 Statement 的弊端:需要手动拼接 SQL 字符串,用户输入会被当作 SQL 语句的一部分来解析,因此存在 SQL 注入的问题

解决办法:使用 PreparedStatement(Statement 的子接口)取代 Statement,并用 ? 占位符绑定参数,而不是把输入拼接进 SQL 字符串

mysql配置 : jdbc.properties

# MySQL connection settings; JDBCUtils.getConnection() loads this file from the classpath
# and reads the four keys below.
# NOTE(review): root/root looks like a local demo credential. Outside a throwaway database,
# use a least-privilege account and keep the real password out of version control.
user=root
password=root
# JDBC URL: host, port, schema name ("java") and the time zone the driver assumes for the server.
url=jdbc:mysql://localhost:3306/java?serverTimezone=Asia/Shanghai
# Driver class name passed to Class.forName() by JDBCUtils.
driverClass=com.mysql.cj.jdbc.Driver

JDBCUtils 连接数据库

package JDBCUtil;

import JDBCTest.PreperdStatementUpdateTest;

import java.io.IOException;
import java.io.InputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Properties;

/**
 * @Author HLY
 * @Create 2019-12-05 12:55
 */
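public class JDBCUtils {

    // Classpath resource that holds the user, password, url and driverClass keys.
    private static final String CONFIG_RESOURCE = "jdbc.properties";

    /**
     * Opens a new database connection using the settings in {@code jdbc.properties}.
     *
     * <p>The credentials come straight from that file, so it should be readable only by the
     * application and should not carry a privileged account outside a local demo.
     *
     * @return a freshly opened connection; the caller is responsible for closing it
     * @throws IOException if the properties file is missing from the classpath or unreadable
     * @throws ClassNotFoundException if the configured driver class cannot be loaded
     * @throws SQLException if the driver cannot open the connection
     */
    public static Connection getConnection() throws IOException, ClassNotFoundException, SQLException {
        Properties properties = new Properties();
        // try-with-resources closes the stream, which was previously left open.
        try (InputStream inputStream = JDBCUtils.class.getClassLoader().getResourceAsStream(CONFIG_RESOURCE)) {
            if (inputStream == null) {
                // getResourceAsStream returns null for a missing resource; fail with a clear
                // message instead of a NullPointerException from Properties.load.
                throw new IOException(CONFIG_RESOURCE + " not found on the classpath");
            }
            properties.load(inputStream);
        }

        String user = properties.getProperty("user");
        String password = properties.getProperty("password");
        String url = properties.getProperty("url");
        String driverClass = properties.getProperty("driverClass");

        // Load the driver class so that it registers itself with DriverManager.
        Class.forName(driverClass);
        // Open the connection.
        return DriverManager.getConnection(url, user, password);
    }

    /**
     * Closes a statement and its connection; either argument may be {@code null}.
     *
     * <p>The statement is closed before the connection that owns it, and the connection is
     * closed in a {@code finally} block so that a failure while closing the statement cannot
     * leave the connection open.
     *
     * @param connection the connection to close, or {@code null}
     * @param preparedStatement the statement to close, or {@code null}
     * @throws SQLException if closing either resource fails
     */
    public void closeResource(Connection connection, Statement preparedStatement) throws SQLException {
        try {
            if (preparedStatement != null) {
                preparedStatement.close();
            }
        } finally {
            if (connection != null) {
                connection.close();
            }
        }
    }

}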

 User对象

package JDBCStatement;

/**
 * @Author HLY
 * @Create 2019-12-17 11:39
 */
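public class User {

    // The field names equal the column labels of the user_login query (user, password);
    // the reflective mapper in StatementTest.get looks fields up by those labels.
    private String user;
    private String password;

    /** Creates an empty user; the reflective mapper needs this no-argument constructor. */
    public User() {
    }

    /**
     * Creates a user with both fields set.
     *
     * @param user the login name
     * @param password the password value as stored in the table
     */
    public User(String user, String password) {
        this.user = user;
        this.password = password;
    }

    /** @return the login name, or {@code null} if unset */
    public String getUser() {
        return user;
    }

    /** @param user the login name */
    public void setUser(String user) {
        this.user = user;
    }

    /** @return the password value, or {@code null} if unset */
    public String getPassword() {
        return password;
    }

    /** @param password the password value */
    public void setPassword(String password) {
        this.password = password;
    }

    /**
     * Returns a printable form of the user.
     *
     * <p>The password is masked because {@code toString()} output usually ends up on the
     * console or in logs. The separator that was missing between the two fields is added.
     */
    @Override
    public String toString() {
        String shownPassword = (password == null) ? "null" : "******";
        return "User{user:" + user + ", password:" + shownPassword + "}";
    }

}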

StatementTest

package JDBCStatement;
import JDBCUtil.JDBCUtils;
import org.junit.Test;

import java.io.IOException;
import java.lang.reflect.Field;
import java.sql.*;
import java.util.Scanner;

/**
 * @Author HLY
 * @Create 2019-12-17 11:39
 */
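public class StatementTest {

    // Login lookup with two bound parameters. The driver sends the entered values as data,
    // so quote characters in the input cannot change the structure of the query. This was
    // the flaw of building the statement by string concatenation.
    // NOTE(review): the query compares the raw input with the stored column, which implies
    // plaintext password storage; a real system would compare against a salted password hash.
    private static final String LOGIN_SQL =
            "SELECT user,password FROM user_login WHERE user=? AND PASSWORD=?";

    public static void main(String[] args) {
        test();
    }

    /**
     * Reads a user name and password from standard input, looks the pair up in
     * {@code user_login} and prints the matching user, or a failure message when no row
     * matches.
     */
    public static void test() {
        System.out.println("请输入用户名:");
        // Not closed on purpose: closing the Scanner would also close System.in.
        Scanner input = new Scanner(System.in);
        // Read the next whitespace-delimited token as a String.
        String str = input.next();
        System.out.println("请输入密码:");
        String ps = input.next();
        try {
            User user1 = get(LOGIN_SQL, User.class, str, ps);
            if (user1 == null) {
                // get returns null when no row matches; calling toString() on it would
                // throw a NullPointerException.
                System.out.print("用户名或密码错误");
            } else {
                System.out.print(user1.toString());
            }
        } catch (SQLException | IOException | ClassNotFoundException
                | IllegalAccessException | InstantiationException e) {
            e.printStackTrace();
        }
    }

    /**
     * Runs a query and maps the first row onto a new instance of {@code clazz}, assigning
     * each column to the declared field whose name equals the column label.
     *
     * <p>Values are passed through {@code params} and bound to the {@code ?} placeholders
     * in {@code sql}; untrusted input must never be concatenated into {@code sql}. The
     * connection, statement and result set are closed on every path, including the no-row
     * and error paths.
     *
     * @param sql the query text, with one {@code ?} per entry in {@code params}
     * @param clazz the class to instantiate; it needs an accessible no-argument constructor
     * @param params values bound to the placeholders in order; may be omitted
     * @param <T> the type the caller expects, which must match {@code clazz}
     * @return the mapped object, or {@code null} when the query returns no row
     * @throws SQLException if the query fails or a column has no matching field
     * @throws IOException if the connection settings cannot be read
     * @throws ClassNotFoundException if the JDBC driver class cannot be loaded
     * @throws IllegalAccessException if the constructor or a field cannot be accessed
     * @throws InstantiationException if {@code clazz} cannot be instantiated
     */
    @SuppressWarnings("unchecked") // The caller chooses T to match clazz.
    public static <T> T get(String sql, Class<?> clazz, Object... params) throws SQLException, IOException, ClassNotFoundException, IllegalAccessException, InstantiationException {
        try (Connection connection = JDBCUtils.getConnection();
             PreparedStatement statement = connection.prepareStatement(sql)) {
            if (params != null) {
                for (int i = 0; i < params.length; i++) {
                    // JDBC parameter indexes are 1-based.
                    statement.setObject(i + 1, params[i]);
                }
            }
            try (ResultSet resultSet = statement.executeQuery()) {
                if (!resultSet.next()) {
                    return null;
                }
                ResultSetMetaData resultSetMetaData = resultSet.getMetaData();
                int columnCount = resultSetMetaData.getColumnCount();
                // newInstance() is kept so that the declared exception types stay the same.
                Object instance = clazz.newInstance();
                for (int column = 1; column <= columnCount; column++) {
                    String name = resultSetMetaData.getColumnLabel(column);
                    Object val = resultSet.getObject(column);
                    Field field;
                    try {
                        field = clazz.getDeclaredField(name);
                    } catch (NoSuchFieldException e) {
                        // Previously the trace was printed and the null field dereferenced.
                        throw new SQLException(
                                "Column '" + name + "' has no matching field in " + clazz.getName(), e);
                    }
                    field.setAccessible(true);
                    field.set(instance, val);
                }
                return (T) instance;
            }
        }
    }

}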

问题:在单元测试中使用Scanner ,控制台不能输入

希望大神留言解释

代码如下:

package JDBCStatement;
import JDBCUtil.JDBCUtils;
import org.junit.Test;

import java.io.IOException;
import java.lang.reflect.Field;
import java.sql.*;
import java.util.Scanner;

/**
 * @Author HLY
 * @Create 2019-12-17 11:39
 */
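public class StatementTest {

    // Login lookup with two bound parameters. The driver sends the entered values as data,
    // so quote characters in the input cannot change the structure of the query. This was
    // the flaw of building the statement by string concatenation.
    // NOTE(review): the query compares the raw input with the stored column, which implies
    // plaintext password storage; a real system would compare against a salted password hash.
    private static final String LOGIN_SQL =
            "SELECT user,password FROM user_login WHERE user=? AND PASSWORD=?";

    /**
     * Reads a user name and password from standard input, looks the pair up in
     * {@code user_login} and prints the matching user, or a failure message when no row
     * matches.
     *
     * <p>NOTE(review): IDE test runners commonly do not attach the console to
     * {@code System.in}, which would explain why nothing can be typed here. IntelliJ IDEA,
     * for example, enables it only with the VM option {@code -Deditable.java.test.console=true}.
     * A unit test normally supplies its inputs in code instead of prompting for them.
     */
    @Test
    public void test() {
        System.out.println("请输入用户名:");
        // Not closed on purpose: closing the Scanner would also close System.in.
        Scanner input = new Scanner(System.in);
        // Read the next whitespace-delimited token as a String.
        String str = input.next();
        System.out.println("请输入密码:");
        String ps = input.next();
        try {
            User user1 = get(LOGIN_SQL, User.class, str, ps);
            if (user1 == null) {
                // get returns null when no row matches; calling toString() on it would
                // throw a NullPointerException.
                System.out.print("用户名或密码错误");
            } else {
                System.out.print(user1.toString());
            }
        } catch (SQLException | IOException | ClassNotFoundException
                | IllegalAccessException | InstantiationException e) {
            e.printStackTrace();
        }
    }

    /**
     * Runs a query and maps the first row onto a new instance of {@code clazz}, assigning
     * each column to the declared field whose name equals the column label.
     *
     * <p>Values are passed through {@code params} and bound to the {@code ?} placeholders
     * in {@code sql}; untrusted input must never be concatenated into {@code sql}. The
     * connection, statement and result set are closed on every path, including the no-row
     * and error paths.
     *
     * @param sql the query text, with one {@code ?} per entry in {@code params}
     * @param clazz the class to instantiate; it needs an accessible no-argument constructor
     * @param params values bound to the placeholders in order; may be omitted
     * @param <T> the type the caller expects, which must match {@code clazz}
     * @return the mapped object, or {@code null} when the query returns no row
     * @throws SQLException if the query fails or a column has no matching field
     * @throws IOException if the connection settings cannot be read
     * @throws ClassNotFoundException if the JDBC driver class cannot be loaded
     * @throws IllegalAccessException if the constructor or a field cannot be accessed
     * @throws InstantiationException if {@code clazz} cannot be instantiated
     */
    @SuppressWarnings("unchecked") // The caller chooses T to match clazz.
    public <T> T get(String sql, Class<?> clazz, Object... params) throws SQLException, IOException, ClassNotFoundException, IllegalAccessException, InstantiationException {
        try (Connection connection = JDBCUtils.getConnection();
             PreparedStatement statement = connection.prepareStatement(sql)) {
            if (params != null) {
                for (int i = 0; i < params.length; i++) {
                    // JDBC parameter indexes are 1-based.
                    statement.setObject(i + 1, params[i]);
                }
            }
            try (ResultSet resultSet = statement.executeQuery()) {
                if (!resultSet.next()) {
                    return null;
                }
                ResultSetMetaData resultSetMetaData = resultSet.getMetaData();
                int columnCount = resultSetMetaData.getColumnCount();
                // newInstance() is kept so that the declared exception types stay the same.
                Object instance = clazz.newInstance();
                for (int column = 1; column <= columnCount; column++) {
                    String name = resultSetMetaData.getColumnLabel(column);
                    Object val = resultSet.getObject(column);
                    Field field;
                    try {
                        field = clazz.getDeclaredField(name);
                    } catch (NoSuchFieldException e) {
                        // Previously the trace was printed and the null field dereferenced.
                        throw new SQLException(
                                "Column '" + name + "' has no matching field in " + clazz.getName(), e);
                    }
                    field.setAccessible(true);
                    field.set(instance, val);
                }
                return (T) instance;
            }
        }
    }

}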


转载自blog.csdn.net/paroleg/article/details/103581986