导入驱动包(MySQL 的 JDBC 驱动 jar)。下面是作者提供的网盘副本;驱动 jar 会随程序一起加载执行,建议优先从 MySQL 官网或 Maven 中央仓库获取并核对校验值:
链接:https://pan.baidu.com/s/1RGvpXLW7ZvcDX1DpoqLuIg
提取码:t2ee
1.连接数据库
package com.conn;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
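/**
 * Minimal JDBC helper for the tutorial: registers the MySQL driver once and hands out
 * connections to the local demo database.
 *
 * <p>NOTE(review): the connection settings are compiled into the class. That is acceptable
 * only for a throwaway local database; anything shared should read them from configuration
 * kept outside source control and connect with an account limited to the tables it needs.
 */
public class JDBC {
    // Driver class name, loaded reflectively by the static initializer below.
    final static String driver = "com.mysql.jdbc.Driver";
    // JDBC URL of the demo schema on the local host.
    final static String url = "jdbc:mysql://127.0.0.1:3306/db_test?useUnicode=true&characterEncoding=utf-8";
    // Database account. NOTE(review): the demo connects as root, i.e. with full privileges.
    final static String username = "root";
    // Database password. NOTE(review): a guessable literal committed with the code.
    final static String password = "123456";

    // Load the driver class once, when this helper is first used.
    static {
        try {
            Class.forName(driver);
        } catch (ClassNotFoundException e) {
            // Driver jar missing from the classpath; getConnection() will fail later.
            e.printStackTrace();
        }
    }

    /**
     * Opens a new connection through {@link DriverManager} using the settings above.
     *
     * @return an open connection, or {@code null} when the connection attempt failed (the
     *     {@link SQLException} is printed, not rethrown), so callers must check for
     *     {@code null} before use
     */
    public static Connection getConnection() {
        try {
            return DriverManager.getConnection(url, username, password);
        } catch (SQLException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Releases JDBC resources in dependency order: result set, then statement, then connection.
     * Every non-null argument is closed even if closing an earlier one fails.
     *
     * @param conn connection to close, may be {@code null}
     * @param st statement to close, may be {@code null}
     * @param rs result set to close, may be {@code null}
     * @throws SQLException the first failure raised while closing; later failures are attached
     *     to it as suppressed exceptions
     */
    public static void close(Connection conn, Statement st, ResultSet rs) throws SQLException {
        // try-with-resources closes in reverse declaration order (rs, st, conn), skips null
        // resources, and keeps going when one close() throws.
        try (Connection c = conn; Statement s = st; ResultSet r = rs) {
            // Nothing to do: the block exists only for its close-on-exit semantics.
        }
    }

    /**
     * Connectivity smoke test: prints the connection object ({@code null} on failure) and
     * closes it again.
     */
    public static void main(String[] args) {
        try (Connection conn = JDBC.getConnection()) {
            System.out.println(conn);
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}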
2.创建表
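-- Demo table for the JDBC examples.
-- NOTE(review): `password` holds the plaintext sample passwords the login examples compare
-- against; a real schema would store a salted password hash (bcrypt/scrypt/argon2) instead.
CREATE TABLE `user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `username` varchar(64) DEFAULT NULL,
  `password` varchar(64) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;

/* Data for the table `user` */
insert into `user`(`id`,`username`,`password`) values (1,'张三','123'),(2,'李四','456'),(3,'王五','789');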
3.建立实体类
package com.entity;
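/**
 * Plain entity mirroring one row of the {@code user} table.
 *
 * <p>NOTE(review): in this tutorial {@code password} carries the plaintext value stored in the
 * table. A real system would keep only a salted hash (bcrypt/scrypt/argon2) and would not load
 * it into general-purpose entities.
 */
public class User {
    // Primary key; null until assigned.
    private Integer id;
    // Login name.
    private String username;
    // Plaintext password as stored in the demo table.
    private String password;

    /** Creates an empty user with all fields {@code null}. */
    public User() {
    }

    /**
     * Creates a fully populated user.
     *
     * @param id primary key of the row
     * @param username login name
     * @param password password value as stored in the table
     */
    public User(Integer id, String username, String password) {
        this.id = id;
        this.username = username;
        this.password = password;
    }

    /** @return the primary key, or {@code null} if unset */
    public Integer getId() {
        return id;
    }

    /** @param id the primary key to set */
    public void setId(Integer id) {
        this.id = id;
    }

    /** @return the login name, or {@code null} if unset */
    public String getUsername() {
        return username;
    }

    /** @param username the login name to set */
    public void setUsername(String username) {
        this.username = username;
    }

    /** @return the stored password value, or {@code null} if unset */
    public String getPassword() {
        return password;
    }

    /** @param password the password value to set */
    public void setPassword(String password) {
        this.password = password;
    }

    /**
     * Renders the user for console or log output. The password is masked because
     * {@code toString()} output routinely ends up in logs and terminals; callers that really
     * need the value must ask for it through {@link #getPassword()}.
     *
     * @return a description containing id and username, with the password replaced by a mask
     */
    @Override
    public String toString() {
        String maskedPassword = (password == null) ? "null" : "******";
        return "用户信息 [编号=" + id + ", 姓名=" + username + ", 密码=" + maskedPassword + "]";
    }
}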
4.增删改查
package com.baseDao;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;
import com.conn.JDBC;
import com.entity.User;
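/**
 * Tutorial data-access helpers for the {@code user} table, contrasting string-built SQL
 * ({@link #update(String)}, {@link #login(String, String)}) with parameterized statements
 * ({@link #preLogin(String, String)}, {@link #Preupdate(String, Object...)}).
 *
 * <p>Every method opens its own connection and releases it with try-with-resources, so result
 * set, statement and connection are closed in that order even when a query fails. When
 * {@code JDBC.getConnection()} returns {@code null} the methods return their "nothing
 * happened" value instead of failing with a {@link NullPointerException}.
 *
 * <p>NOTE(review): both login variants compare the password as plaintext inside the query
 * because that is how the demo table stores it. A real login would look the user up by name
 * and verify a salted password hash in application code.
 */
public class DB {
    /**
     * Reads every row of the {@code user} table.
     *
     * @return the rows read so far; empty when the table is empty, the connection could not be
     *     opened, or the query failed (the error is printed, not rethrown)
     */
    public static List<User> seleteAll() {
        List<User> users = new ArrayList<User>();
        // Constant SQL text with no caller-supplied parts, so a plain Statement is fine here.
        String sql = "select * from user";
        try (Connection conn = JDBC.getConnection()) {
            if (conn == null) {
                return users;
            }
            try (Statement st = conn.createStatement();
                 ResultSet rs = st.executeQuery(sql)) {
                while (rs.next()) {
                    // Columns are read by name, so the order of the select list does not matter.
                    Integer id = rs.getInt("id");
                    String name = rs.getString("username");
                    String pwd = rs.getString("password");
                    users.add(new User(id, name, pwd));
                }
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return users;
    }

    /**
     * Executes one INSERT, UPDATE or DELETE given as a complete SQL string.
     *
     * <p>The text is sent to the database exactly as passed in. Only call this with SQL that is
     * fixed in the source code; as soon as any part of the statement comes from a user, a file
     * or the network, use {@link #Preupdate(String, Object...)} and bind the values instead.
     *
     * @param sql the complete statement to run
     * @return the affected row count, or {@code 0} when the connection or the statement failed
     */
    public static int update(String sql) {
        int affected = 0;
        try (Connection conn = JDBC.getConnection()) {
            if (conn == null) {
                return affected;
            }
            try (Statement st = conn.createStatement()) {
                affected = st.executeUpdate(sql);
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return affected;
    }

    /**
     * Deliberately unsafe login, kept as the tutorial's counter-example to
     * {@link #preLogin(String, String)}.
     *
     * <p>{@code name} and {@code password} are pasted into the SQL text, so the database cannot
     * tell them apart from the statement itself: a quote character inside either value ends the
     * string literal and whatever follows is parsed as SQL. {@code main} runs the same input
     * through both login methods to show the difference. Do not call this with real input.
     *
     * @param name login name, concatenated into the query unescaped
     * @param password password, concatenated into the query unescaped
     * @return the last row returned by the query, or {@code null} when there is none or the
     *     query failed
     * @deprecated injectable by construction; use {@link #preLogin(String, String)}
     */
    @Deprecated
    public static User login(String name, String password) {
        User user = null;
        // Unsafe on purpose: the query text is assembled from the arguments.
        String sql = "select * from user where username='" + name + "'and password = '" + password + "'";
        try (Connection conn = JDBC.getConnection()) {
            if (conn == null) {
                return user;
            }
            try (Statement st = conn.createStatement();
                 ResultSet rs = st.executeQuery(sql)) {
                while (rs.next()) {
                    user = new User(rs.getInt("id"), rs.getString("username"), rs.getString("password"));
                }
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return user;
    }

    /**
     * Login through a {@link PreparedStatement}: the SQL text is fixed and both arguments are
     * bound as parameters, so they are always treated as data and never parsed as SQL.
     *
     * @param name login name, bound to the first placeholder
     * @param password password, bound to the second placeholder
     * @return the last matching row, or {@code null} when nothing matches or the query failed
     */
    public static User preLogin(String name, String password) {
        String sql = "select * from user where username= ? and password = ?";
        User user = null;
        try (Connection conn = JDBC.getConnection()) {
            if (conn == null) {
                return user;
            }
            try (PreparedStatement pst = conn.prepareStatement(sql)) {
                pst.setString(1, name);
                pst.setString(2, password);
                try (ResultSet rs = pst.executeQuery()) {
                    while (rs.next()) {
                        user = new User(rs.getInt("id"), rs.getString("username"), rs.getString("password"));
                    }
                }
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return user;
    }

    /**
     * Executes a parameterized INSERT, UPDATE or DELETE.
     *
     * <p>Binding protects the values only. The {@code sql} template itself must still be fixed
     * text with {@code ?} placeholders; building it from input would reintroduce the problem
     * shown by {@link #login(String, String)}.
     *
     * @param sql statement template with one {@code ?} per value
     * @param prams values bound to the placeholders in order; {@code null} means none
     * @return the affected row count, or {@code 0} when the connection or the statement failed
     */
    public static int Preupdate(String sql, Object... prams) {
        int affected = 0;
        // The statement and connection are released here; previously they were never closed.
        try (Connection conn = JDBC.getConnection()) {
            if (conn == null) {
                return affected;
            }
            try (PreparedStatement pst = conn.prepareStatement(sql)) {
                if (prams != null) {
                    for (int j = 0; j < prams.length; j++) {
                        // JDBC parameter indexes start at 1.
                        pst.setObject(j + 1, prams[j]);
                    }
                }
                affected = pst.executeUpdate();
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return affected;
    }

    /**
     * Demo driver: lists all users, runs the same crafted input through the concatenating and
     * the parameterized login to contrast them, then performs one parameterized update.
     */
    public static void main(String[] args) {
        List<User> allUsers = DB.seleteAll();
        for (User each : allUsers) {
            System.out.println(each);
        }
        // Insert via string SQL (disabled):
        // System.out.println(DB.update("insert into user values(4,'赵六','4321');"));
        // Delete one row via string SQL (disabled):
        // System.out.println(DB.update("delete from user where id="+4));
        // Update one row via string SQL (disabled):
        // System.out.println(DB.update("update user set username='西西' where id=3"));

        // Concatenating login: the crafted name is parsed as part of the statement.
        System.out.println("普通登录=======不安全");
        System.out.println(DB.login("' or 1=1 -- ", " "));

        // Parameterized login: a normal credential pair, then the same crafted name, which is
        // now compared as a literal user name.
        System.out.println("预编译登录======");
        System.out.println(DB.preLogin("张三", "123"));
        System.out.println(DB.preLogin("' or 1=1 -- ", " "));

        // Parameterized insert (disabled):
        // System.out.println(DB.Preupdate("insert into user values(?,?,?)", 4,"赵六","432"));
        // Parameterized delete (disabled):
        // System.out.println(DB.Preupdate("delete from user where id=?", 4));

        // Parameterized update.
        System.out.println("预编译改");
        System.out.println(DB.Preupdate("update user set username=? where id=?", "王五",3));
    }
}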
运行截图