How do you use a precompiled statement (PreparedStatement) object?

package jdbcDome;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Scanner;

// NOTE(review): not referenced by the dbText class in this listing; looks like an
// accidental IDE auto-import - confirm before relying on it.
import javafx.geometry.Side;

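/**
 * Console login demo that contrasts two ways of querying the {@code Student} table.
 *
 * <p>The first variant (kept below only as a commented-out reference) is the basic approach a
 * beginner starts with: it builds the SQL text by concatenating the typed-in values, so it does
 * not prevent SQL injection. The original author notes that restricting special characters in
 * the input box is sometimes used for the same purpose. NOTE(review): character filtering is
 * easy to get wrong and should be treated as defence in depth at most, not as a replacement
 * for bound parameters.
 *
 * <p>The second, active variant uses a precompiled statement object
 * ({@link PreparedStatement}).
 *
 * @author extraordinary
 */
public class dbText {
    /**
     * Reads an account number and a password from standard input and checks them against the
     * {@code Student} table with a parameterized query, printing the outcome.
     *
     * @param args command-line arguments (unused)
     */
    public static void main(String[] args) {
        /*
         * Variant 1 - string-concatenated SQL, kept for comparison only. DO NOT USE.
         * The typed-in values become part of the SQL text itself, so the database cannot tell
         * data from query structure. It also prints the full query, which would put the
         * password on the console.
         *
         * jdbcTools db1 = jdbcTools.getDB();
         * Scanner sc1 = new Scanner(System.in);
         * System.out.println("Please enter your login:");
         * int Sid = sc1.nextInt();
         * System.out.println("Please enter your password");
         * String pwd = sc1.next();
         * String sqlQuery = "SELECT * FROM Student WHERE sid = " + Sid + " and pwd = '" + pwd + "'";
         *
         * ResultSet rs1 = db1.query(sqlQuery);
         * try {
         *     if (rs1.next()) {
         *         System.out.println("login success!");
         *         System.out.println(sqlQuery);
         *         System.out.println(rs1.getString(2));
         *     } else {
         *         System.out.println("login failed!");
         *     }
         * } catch (SQLException e) {
         *     // TODO Auto-generated catch block
         *     e.printStackTrace();
         * }
         */
        // ---------------------------------------------------------------------------------
        // Variant 2 - precompiled statement object. It has four features:
        /*
         * 1. It prevents SQL injection.
         *    NOTE(review): this holds only for values bound through the setXxx() methods.
         *    Table and column names cannot be bound, so concatenating those into the SQL text
         *    is still injectable.
         * 2. It is simple to use.
         * 3. A question mark (?) acts as a placeholder for each value.
         * 4. The statement is compiled only once, so repeated execution is more efficient.
         */
        // Closing the Scanner also closes System.in, which is fine because main() returns
        // right after the login check.
        try (Scanner input = new Scanner(System.in)) {
            System.out.println("Please enter your account number:");
            int sid = input.nextInt();
            System.out.println("Please enter your password");
            // NOTE(review): Scanner echoes the password as it is typed and keeps it in an
            // immutable String; System.console().readPassword() avoids both where a console
            // is attached.
            String pwd = input.next();

            // Each question mark (?) is a placeholder that is filled in below.
            // NOTE(review): matching pwd inside the WHERE clause implies the table stores
            // passwords in plaintext. Prefer storing a salted password hash
            // (bcrypt/scrypt/Argon2), selecting the row by sid only and verifying the hash in
            // application code.
            String sqlQuery = "SELECT * FROM Student WHERE sid = ? AND pwd = ?";

            // try-with-resources releases the statement and connection even when the query
            // throws. Assumes getConn() hands out a connection owned by this caller - confirm
            // against jdbcTools before reusing this pattern with a shared connection.
            try (Connection conn = jdbcTools.getConn();
                    // Generate the precompiled statement object.
                    PreparedStatement stmt = conn.prepareStatement(sqlQuery)) {
                // Assign values to the placeholders; JDBC parameter indexes start at 1.
                stmt.setInt(1, sid);
                stmt.setString(2, pwd);
                // Execute the precompiled statement.
                try (ResultSet rs = stmt.executeQuery()) {
                    if (rs.next()) {
                        System.out.println("login success");
                        // Column 2 is read but its value is not used here; the concatenated
                        // variant printed it.
                        rs.getString(2);
                    } else {
                        System.out.println("login failed!");
                    }
                }
            } catch (SQLException e) {
                // NOTE(review): acceptable for a console demo; a real login path should log
                // the failure server-side and show the user only a generic message.
                e.printStackTrace();
            }
        }
    }
}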

 


Origin www.cnblogs.com/xw1024/p/11103644.html