二十七、JDBC连接数据库与预编译登录(及用预编译的原因)

导入驱动包(MySQL Connector/J 的 jar;下面是作者的网盘分享,实际项目中建议从 MySQL 官网或 Maven Central 获取并校验文件哈希):
链接:https://pan.baidu.com/s/1RGvpXLW7ZvcDX1DpoqLuIg
提取码:t2ee
1.连接数据库

package com.conn;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

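/**
 * Minimal JDBC helper for the tutorial: loads the MySQL driver once, opens connections
 * and releases JDBC resources.
 *
 * <p>NOTE(review): the connection URL, the {@code root} account and its password are
 * hard-coded below. That is acceptable only for a local demo; real code should read them
 * from configuration kept outside the source tree and connect with an account that has
 * only the privileges the application needs.
 */
public class JDBC {
	// Driver class name.
	// NOTE(review): Connector/J 8.x renamed this class to com.mysql.cj.jdbc.Driver; confirm
	// which name matches the driver jar actually on the classpath.
	final static String driver = "com.mysql.jdbc.Driver";
	// JDBC URL of the database
	final static String url = "jdbc:mysql://127.0.0.1:3306/db_test?useUnicode=true&characterEncoding=utf-8";
	// Database user name (demo value)
	final static String username = "root";
	// Database password (demo value)
	final static String password = "123456";

	// Load the driver class once, when this class is initialised.
	static {
		try {
			Class.forName(driver);
		} catch (ClassNotFoundException e) {
			// Best effort: report the missing driver; getConnection() will then fail.
			e.printStackTrace();
		}
	}

	/**
	 * Opens a new connection through {@link DriverManager}.
	 *
	 * @return the open connection, or {@code null} when the connection attempt failed (the
	 *         {@link SQLException} is printed, not rethrown), so callers must check for
	 *         {@code null}
	 */
	public static Connection getConnection() {
		Connection conn = null;
		try {
			conn = DriverManager.getConnection(url, username, password);
		} catch (SQLException e) {
			e.printStackTrace();
		}
		return conn;
	}

	/**
	 * Releases JDBC resources in reverse order of acquisition: result set, then statement,
	 * then connection. Every non-null argument is closed even when an earlier close fails.
	 *
	 * @param conn connection to close, may be {@code null}
	 * @param st   statement to close, may be {@code null}
	 * @param rs   result set to close, may be {@code null}
	 * @throws SQLException if a close call fails; when several fail, the one thrown last
	 *                      is the one that propagates
	 */
	public static void close(Connection conn, Statement st, ResultSet rs) throws SQLException {
		try {
			if (rs != null) {
				rs.close();
			}
		} finally {
			try {
				if (st != null) {
					st.close();
				}
			} finally {
				if (conn != null) {
					conn.close();
				}
			}
		}
	}

	/** Connectivity smoke test: prints the connection object ({@code null} on failure). */
	public static void main(String[] args) {
		Connection conn = JDBC.getConnection();
		try {
			System.out.println(conn);
		} finally {
			// Do not leave the test connection open.
			try {
				close(conn, null, null);
			} catch (SQLException e) {
				e.printStackTrace();
			}
		}
	}
}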

2.创建表

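-- Demo schema for the login examples. The password column holds plaintext only to keep the
-- tutorial short; a real table would store a salted password hash (bcrypt/scrypt/argon2).
CREATE TABLE user (
  id int(11) NOT NULL AUTO_INCREMENT,
  username varchar(64) DEFAULT NULL,
  password varchar(64) DEFAULT NULL,
  PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;

/*Data for the table `user` */

insert  into `user`(`id`,`username`,`password`) values (1,'张三','123'),(2,'李四','456'),(3,'王五','789');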

3.建立实体类

package com.entity;

/**
 * Plain data holder for one row of the {@code user} table: id, username and password.
 */
public class User {
	private Integer id;
	private String username;
	private String password;

	/** Creates a user whose three fields are all {@code null}. */
	public User() {
		this(null, null, null);
	}

	/**
	 * Creates a fully populated user.
	 *
	 * @param id       row id
	 * @param username login name
	 * @param password password value as read from the table
	 */
	public User(Integer id, String username, String password) {
		this.id = id;
		this.username = username;
		this.password = password;
	}

	/** @return the row id, possibly {@code null} */
	public Integer getId() {
		return this.id;
	}

	/** @param id the row id to store */
	public void setId(Integer id) {
		this.id = id;
	}

	/** @return the login name, possibly {@code null} */
	public String getUsername() {
		return this.username;
	}

	/** @param username the login name to store */
	public void setUsername(String username) {
		this.username = username;
	}

	/** @return the password value, possibly {@code null} */
	public String getPassword() {
		return this.password;
	}

	/** @param password the password value to store */
	public void setPassword(String password) {
		this.password = password;
	}

	/**
	 * Renders all three fields as one line of text.
	 *
	 * <p>NOTE(review): the password is part of the rendered text, so anything that prints
	 * or logs a {@code User} also exposes the password.
	 */
	@Override
	public String toString() {
		StringBuilder text = new StringBuilder("用户信息 [编号=");
		text.append(id);
		text.append(", 姓名=").append(username);
		text.append(", 密码=").append(password);
		text.append("]");
		return text.toString();
	}
}

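4.增删改查(login 把输入直接拼接进 SQL 字符串,输入中的引号会改变语句结构;preLogin 使用 PreparedStatement 的 ? 占位符,输入只作为参数值绑定,不会被当作 SQL 解析——这就是使用预编译的原因)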

package com.baseDao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;

import com.conn.JDBC;
import com.entity.User;

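/**
 * Data-access helpers for the {@code user} table, written to contrast string-built SQL
 * ({@link #login}, {@link #update}) with parameterized SQL ({@link #preLogin},
 * {@link #Preupdate}).
 *
 * <p>Every method reports a {@link SQLException} with {@code printStackTrace()} and returns
 * its "nothing happened" value (empty list, {@code 0} or {@code null}) instead of throwing.
 */
public class DB {
	/**
	 * Opens a connection and turns the {@code null} that {@link JDBC#getConnection()} returns
	 * on failure into an exception, so callers fail in their existing {@code catch} block
	 * instead of with a NullPointerException.
	 */
	private static Connection open() throws SQLException {
		Connection conn = JDBC.getConnection();
		if (conn == null) {
			throw new SQLException("could not obtain a database connection");
		}
		return conn;
	}

	/** Builds a {@link User} from the current row of {@code rs}, reading columns by name. */
	private static User mapUser(ResultSet rs) throws SQLException {
		return new User(rs.getInt("id"), rs.getString("username"), rs.getString("password"));
	}

	/** Closes the given resources through {@link JDBC#close}; a close failure is only printed. */
	private static void release(Connection conn, Statement st, ResultSet rs) {
		try {
			JDBC.close(conn, st, rs);
		} catch (SQLException e) {
			e.printStackTrace();
		}
	}

	/**
	 * Reads every row of the {@code user} table.
	 *
	 * @return all users; an empty list when the table is empty or the query failed
	 */
	public static List<User> seleteAll() {
		List<User> user = new ArrayList<User>();
		// Constant SQL text with no caller input, so a plain Statement is fine here.
		String sql = "select * from user";
		Connection conn = null;
		Statement st = null;
		ResultSet rs = null;
		try {
			conn = open();
			st = conn.createStatement();
			rs = st.executeQuery(sql);
			while (rs.next()) {
				user.add(mapUser(rs));
			}
		} catch (SQLException e) {
			e.printStackTrace();
		} finally {
			release(conn, st, rs);
		}
		return user;
	}

	/**
	 * Executes an insert, update or delete given as complete SQL text.
	 *
	 * <p>NOTE(review): the text is executed as-is, so it must never be assembled from
	 * caller-controlled values; pass values through {@link #Preupdate} instead.
	 *
	 * @param sql complete SQL statement
	 * @return number of affected rows, or {@code 0} when the statement failed
	 */
	public static int update(String sql) {
		Connection conn = null;
		Statement st = null;
		int i = 0;
		try {
			conn = open();
			st = conn.createStatement();
			i = st.executeUpdate(sql);
		} catch (SQLException e) {
			e.printStackTrace();
		} finally {
			release(conn, st, null);
		}
		return i;
	}

	/**
	 * Login by string concatenation. DELIBERATELY VULNERABLE to SQL injection: both arguments
	 * become part of the statement text, so a quote character in either one changes the
	 * structure of the query. It is kept only as the counter-example to {@link #preLogin}.
	 *
	 * @param name     user name, concatenated into the SQL text
	 * @param password password, concatenated into the SQL text
	 * @return the last row the query returned, or {@code null} when there was none or the
	 *         query failed
	 * @deprecated unsafe by design; use {@link #preLogin(String, String)}
	 */
	@Deprecated
	public static User login(String name, String password) {
		User user = null;
		// Unsafe: input is spliced into the statement instead of being bound as a parameter.
		String sql = "select * from user where username='" + name + "'and password = '" + password + "'";
		Connection conn = null;
		Statement st = null;
		ResultSet rs = null;
		try {
			conn = open();
			st = conn.createStatement();
			rs = st.executeQuery(sql);
			while (rs.next()) {
				user = mapUser(rs);
			}
		} catch (SQLException e) {
			e.printStackTrace();
		} finally {
			release(conn, st, rs);
		}

		return user;

	}

	/**
	 * Login with a {@link PreparedStatement}: the statement text is fixed and both arguments
	 * are bound to {@code ?} placeholders, so they are only ever treated as values.
	 *
	 * <p>NOTE(review): the query compares the password column with the submitted text, i.e.
	 * the table stores passwords in plaintext. Outside a demo, store a salted password hash
	 * (bcrypt/scrypt/argon2) and verify it in application code.
	 *
	 * @param name     user name to look up
	 * @param password password to compare
	 * @return the last matching row, or {@code null} when nothing matched or the query failed
	 */
	public static User preLogin(String name, String password) {
		String sql = "select * from user where username= ? and password = ?";
		User user = null;
		Connection conn = null;
		PreparedStatement pst = null;
		ResultSet rs = null;
		try {
			conn = open();
			pst = conn.prepareStatement(sql);
			pst.setString(1, name);
			pst.setString(2, password);
			rs = pst.executeQuery();
			while (rs.next()) {
				user = mapUser(rs);
			}
		} catch (SQLException e) {
			e.printStackTrace();
		} finally {
			release(conn, pst, rs);
		}
		return user;
	}

	/**
	 * Executes a parameterized insert, update or delete.
	 *
	 * @param sql   statement text with one {@code ?} per value
	 * @param prams values bound to the placeholders in order; {@code null} means none
	 * @return number of affected rows, or {@code 0} when the statement failed
	 */
	public static int Preupdate(String sql, Object... prams) {
		Connection conn = null;
		PreparedStatement pst = null;
		int i = 0;
		try {
			conn = open();
			pst = conn.prepareStatement(sql);
			if (prams != null) {
				for (int j = 0; j < prams.length; j++) {
					// JDBC parameter indexes start at 1.
					pst.setObject(j + 1, prams[j]);
				}
			}
			i = pst.executeUpdate();
		} catch (SQLException e) {
			e.printStackTrace();
		} finally {
			// The statement and connection were previously never closed on this path.
			release(conn, pst, null);
		}

		return i;
	}

	/** Runs the tutorial's demonstration against the local database. */
	public static void main(String[] args) {
		List<User> user = DB.seleteAll();
		for (User users : user) {
			System.out.println(users);
		}

//		System.out.println("增加数据===========");
//		System.out.println(DB.update("insert into user values(4,'赵六','4321');"));
		
//		System.out.println("删除一条数据=======");
//		System.out.println(DB.update("delete from user where id="+4));
		
//		System.out.println("修改一条数据======");
//		System.out.println(DB.update("update user set username='西西'  where id=3"));
		
		// The concatenating login treats this input as SQL and returns a user although no
		// valid credentials were supplied.
		System.out.println("普通登录=======不安全");
		System.out.println(DB.login("' or 1=1 -- ", " "));
		
		// The same input through preLogin is bound as a plain value: no user name matches it,
		// so the second call prints null.
		System.out.println("预编译登录======");
		System.out.println(DB.preLogin("张三", "123"));
		System.out.println(DB.preLogin("' or 1=1 -- ", " "));
		
//		System.out.println("预编译增");
//		System.out.println(DB.Preupdate("insert into user values(?,?,?)", 4,"赵六","432"));
//		System.out.println("预编译删");
//		System.out.println(DB.Preupdate("delete from user where id=?", 4));
		System.out.println("预编译改");
		System.out.println(DB.Preupdate("update user set username=? where id=?", "王五",3));
		
	}
}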

运行截图


转载自blog.csdn.net/weixin_42635052/article/details/100729835