JDBC concepts:
Java database connection, (Java Database Connectivity referred JDBC) Java language is used to regulate how a client program to access the application interface to the database.
Connection in MySQL database: jdbc: MySQL: // localhost: 3306 / database name to true & characterEncoding = = useUnicode & serverTimezone = UTF8 & useSSL GMT% 2B8 = false "? ;
Load the database driver :
// 1, load the driver Class.forName ( "com.mysql.cj.jdbc.Driver");
If you load a SQL server: Class.forName ( "com.microsoft.jdbc.sqlserver.SQLServerDriver");
To establish a connection :
Database URL : URL for location identification database, which database programmers tell JDBC connection program through a URL address.
URL is written: " jdbc: MySQL: // localhost:? 3306 / database name parameter name = parameter value ..."
URL address common database wording:
The Oracle : jdbc: the Oracle: Thin: @localhost: 2521: database name
SqlServer : jdbc: in the Microsoft: sqlserver: // localhost: 1433; DatabaseName = database name
MySQL : jdbc: MySQL: // localhost: 3306 / database name
Connection:
jdbc Connection program, which is used to link the database on behalf of, Collection is one of the most important objects in the database programming, database client and all interactions are done through the Connection object.
创建方法:Connection conn = DriverManager.getConnection( URL,User,PassWord );
Common methods:
● the createStatement () ; create sql statement sent to the database objects
● prepareStatement (sql) ; send PrepareStatement create precompiled sql objects to the database
● prepareCall (SQL) ; create stored procedure execution callableStatement objects
● setAutoCommit (boolean autoCommit) ; Set whether to automatically submit the transaction
● the commit () ; commit the transaction on the link
● ROLLBACK () ; roll back the transaction on this link
String url = "jdbc.mysql: // localhost : 3306 / database name" ; Username String = "username" ; Password String = "User Password" ; Conn Connection = null ; // 2, acquires link database conn = DriverManager.getConnection (url, username, password);
Execute SQL statements :
Of Statement : Object of Statement jdbc program for sending SQL statements to the database.
Creation Method: of Statement ST = conn.createdStatement () ;
Common methods:
● executeQuery (String sql); for sending a query to the database
● executeUpdate (String sql); database for transmitting to insert, update or delete statement
● execute (String sql); for transmitting any statement to the database
● addBatch (String sql); sending multiple SQL statements into a batch
● executeBatch (); sending a group of SQL statements to the database execute.
ST = the Statement null ; // . 3, for transmitting the acquired SQL statement to the database the Statement ST = conn.createdStatement (); // . 4, sent to the SQL database String sql = "select id,name,password,email,birthday from users st.executeQuery();
PreparedStatement : This class is a subclass of Statement Objects
Creation Method: PreparedStatement ST = conn.preparedStatement () ;
preparedStatement st = null; SQL String = "? The SELECT * from the User password and the WHERE name = =?" ; // 3, get used to send SQL statements to the database preparedStatement ST = conn.preparedStatement (SQL); // incoming SQL statements, pre compiling st.setString (. 1 , username); st.setString ( 2 , password); // 4, sent to the database SQL st.executeQuery (); // here goes the incoming SQL statement
Statement and PreparedStatement difference :
With respect to the problem in terms of PreparedStatement Statement object to avoid SQL injection .
如:String sql = "select * from admin where loginname=' "+loginName+" ' and loginpwd=' "+loginPwd+" ' ";
In the application:
- "please enter account:
333
- "Please enter your password:
wer'or'1'='1
Transmission actually: the SELECT * from the WHERE ADMIN the LoginName = '333' and loginpwd = ' wer'or'1' = '1 ', the login is successful!
Statement makes frequent database compiled SQL, the database may cause a buffer overflow. PreparedStatement for SQL can be precompiled to improve the efficiency of the database.
And PreparedStatement for SQL parameters, allowing only alternative form placeholders, simplifies the preparation of the SQL statement.
Getting Results :
jdbc ResultSet program for Sql statement on behalf of the implementation of the results. When the execution result ResultSet package, in a manner similar form employed, ResultSet object maintains a pointer to the cursor line data table, the initial time, the cursor calls the ResultSet.next () method before the first line, that the cursor may point to a particular data lines, call method to get the data of the line.
Gets the line : ResultSet provides a method for the result set rolling
● next (); move to the next line
● Previous (); moved to the front row
● absolute (int row); to a specific line
● beforeFirst (); ResultSet moved to the foremost
● afterLast (); ResultSet moved to the rearmost
Get Value : the ResultSet Since the execution result for packaging, so that the object is to provide a method for acquiring data get
● get any type of data:
getObject(int index);
getObject(String columnName);
● Gets the specified types of data:
getString(int index);
getString(String columnName);
Rs = ResultSet null ; // 4, sent to the SQL database, and get the representative of the result set ResultSet String SQL = "the SELECT the above mentioned id, name, password, Email, Birthday from the Users" ; rs = st.executeQuery(sql); // 5, the result set of data taken rs.afterLast (); rs.previous(); System.out.println("id=" + rs.getObject("id")); System.out.println("name=" + rs.getObject("name")); System.out.println("password=" + rs.getObject("password")); System.out.println("email=" + rs.getObject("email")); System.out.println ( "Birthday =" + rs.getObject ( "Birthday" )); // or remove all cycles ID the while (rs.next ()) { The above mentioned id String = rs.getString (1); // number of columns in Table 1 represent the database, id in the first column may be ( "id")! ! ! System.out.println ( "ID =" + ID); }