在千锋“逆战”学习第42天
每日一句:编程中我们会遇到多少挫折?表放弃,沙漠尽头必是绿洲。
今天学习了JDBC中的ResultSet结果集、常见错误、SQL注入问题和PreparedStatement接口。
明天继续努力。
银行数据系统
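/**
 * Console entry point for the bank demo: prints the menu and dispatches each
 * choice to {@link AccountSystem}.
 */
public class TestMain {
    /**
     * Runs the menu loop until the user picks 0 or standard input ends.
     *
     * <p>Non-numeric menu input is rejected instead of crashing the program with an
     * uncaught exception, and the database connection is closed on every exit
     * path, including an exception thrown by one of the operations.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        AccountSystem as = new AccountSystem();
        // NOTE(review): AccountSystem reads System.in through a Scanner of its own. Two
        // buffering Scanners on one stream can swallow each other's tokens when input is
        // piped rather than typed line by line.
        Scanner scanner = new Scanner(System.in);
        System.out.println("-----欢迎来到银行系统-----");
        try {
            while (true) {
                System.out.println("1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出");
                System.out.println("请选择");
                if (!scanner.hasNextInt()) {
                    if (!scanner.hasNext()) {
                        // Standard input is exhausted; leave instead of spinning.
                        return;
                    }
                    // Discard the offending token so the next read does not see it again.
                    scanner.next();
                    System.out.println("输入无效,请输入数字!");
                    continue;
                }
                int choice = scanner.nextInt();
                switch (choice) {
                    case 1:
                        as.regiter();
                        break;
                    case 2:
                        as.saveMoney();
                        break;
                    case 3:
                        as.takeMoney();
                        break;
                    case 4:
                        as.transferAccount();
                        break;
                    case 5:
                        as.alterPassword();
                        break;
                    case 6:
                        as.delete();
                        break;
                    case 0:
                        return;
                    default:
                        System.out.println("无效的选项!");
                        break;
                }
            }
        } finally {
            // Single place where the shared connection is released.
            as.closeConnection();
        }
    }
}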
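/**
 * Console-driven bank account operations backed by the {@code t_account} table over JDBC.
 *
 * <p>Every statement binds user input through {@link PreparedStatement} placeholders, so
 * input is never concatenated into the SQL text.
 *
 * <p>NOTE(review): passwords are stored and compared as plain text in the
 * {@code password} column. A production system would store a salted password hash
 * (bcrypt, scrypt or Argon2) and verify against that. Amounts are handled as
 * {@code double}, which cannot represent decimal currency exactly.
 */
public class AccountSystem {
    Scanner scanner = new Scanner(System.in);
    private static Connection connection = null;
    // Kept so the class's package-visible fields do not change. The methods below use
    // statement-local resources that try-with-resources closes, so these stay null.
    PreparedStatement preparedStatement = null;
    ResultSet resultSet = null;

    static {
        // Runs once when the class is loaded, so the driver and connection are set up a
        // single time and shared by every operation.
        try {
            // 1. Load the driver.
            Class.forName("com.mysql.jdbc.Driver");
            // NOTE(review): the database user and password are hard-coded, and the account
            // used is root. Read credentials from configuration or the environment and
            // connect with an account limited to the t_account table.
            connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/account?useUnicode=true&characterEncoding=utf8", "root", "123456");
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        } catch (SQLException e) {
            // connection stays null; requireConnection() reports that on first use.
            e.printStackTrace();
        }
    }

    /**
     * Returns the shared connection, or fails with an SQLException when the static
     * initializer could not open one (instead of a NullPointerException at the call site).
     */
    private static Connection requireConnection() throws SQLException {
        if (connection == null) {
            throw new SQLException("Database connection was not established");
        }
        return connection;
    }

    /** Returns true for a strictly positive, finite amount (rejects NaN and Infinity). */
    private static boolean isPositiveAmount(double amount) {
        return amount > 0 && !Double.isInfinite(amount);
    }

    /**
     * Looks up the balance of the account matching both card number and password.
     *
     * @return the balance, or {@code null} when no row matches the pair
     */
    private static Double findBalance(Connection conn, String cardId, String password) throws SQLException {
        String sql = "select balance from t_account where cardId=? and password= ?";
        try (PreparedStatement query = conn.prepareStatement(sql)) {
            query.setString(1, cardId);
            query.setString(2, password);
            try (ResultSet rows = query.executeQuery()) {
                // The query yields at most a single row with a single column.
                if (rows.next()) {
                    return Double.valueOf(rows.getDouble(1));
                }
                return null;
            }
        }
    }

    /**
     * Opens an account: prompts for card number, password, user name, opening deposit
     * and phone number, then inserts the row.
     */
    public void regiter() {
        System.out.print("卡号:");
        String cardId = scanner.next();
        System.out.print("密码:");
        String password = scanner.next();
        System.out.print("用户名:");
        String username = scanner.next();
        System.out.print("存款金额:");
        double balance = scanner.nextDouble();
        System.out.print("手机号码:");
        String phone = scanner.next();
        // An account must not start with a negative, NaN or infinite balance.
        if (!(balance >= 0) || Double.isInfinite(balance)) {
            System.out.println("您输入的金额不正确!");
            return;
        }
        String sql = "insert into t_account(cardId,password,username,balance,phone) values (?,?,?,?,?)";
        try (PreparedStatement insert = requireConnection().prepareStatement(sql)) {
            // Bind each placeholder; the driver handles quoting.
            insert.setString(1, cardId);
            insert.setString(2, password);
            insert.setString(3, username);
            insert.setDouble(4, balance);
            insert.setString(5, phone);
            int inserted = insert.executeUpdate();
            if (inserted > 0) {
                System.out.println("开户成功!");
            } else {
                System.out.println("开户失败!");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Deposits a positive amount into the account identified by card number and password.
     */
    public void saveMoney() {
        System.out.print("请输入卡号:");
        String cardId = scanner.next();
        System.out.print("请输入密码:");
        String password = scanner.next();
        System.out.print("请输入存款金额");
        double money = scanner.nextDouble();
        if (!isPositiveAmount(money)) {
            System.out.println("您输入的金额不正确!");
            return;
        }
        String sql = "update t_account set balance = balance + ? where cardId=? and password=?";
        try (PreparedStatement deposit = requireConnection().prepareStatement(sql)) {
            deposit.setDouble(1, money);
            deposit.setString(2, cardId);
            deposit.setString(3, password);
            // Zero affected rows means the card number / password pair matched nothing.
            int updated = deposit.executeUpdate();
            if (updated > 0) {
                System.out.println("存款成功!");
            } else {
                System.out.println("存款失败!请核对用户名或密码!");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Withdraws a positive amount if the credentials match and the balance covers it.
     *
     * <p>The balance is read first only to choose the right message; the debit itself
     * carries a {@code balance >= ?} condition so a concurrent change between the read
     * and the update cannot drive the balance negative.
     */
    public void takeMoney() {
        System.out.print("卡号:");
        String cardId = scanner.next();
        System.out.print("密码:");
        String password = scanner.next();
        System.out.print("取款金额");
        double money = scanner.nextDouble();
        if (!isPositiveAmount(money)) {
            System.out.println("金额不正确!");
            return;
        }
        try {
            Connection conn = requireConnection();
            Double balance = findBalance(conn, cardId, password);
            if (balance == null) {
                System.out.println("请核实用户名或密码!");
                return;
            }
            if (money > balance) {
                System.out.println("余额不足!");
                return;
            }
            String sql2 = "update t_account set balance = balance - ? where cardId=? and password= ? and balance >= ?";
            try (PreparedStatement debit = conn.prepareStatement(sql2)) {
                debit.setDouble(1, money);
                debit.setString(2, cardId);
                debit.setString(3, password);
                debit.setDouble(4, money);
                int updated = debit.executeUpdate();
                if (updated > 0) {
                    System.out.println("取款成功!");
                } else {
                    // The row changed after the balance was read.
                    System.out.println("取款失败,请重试!");
                }
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Transfers a positive amount from the authenticated account to another card number.
     *
     * <p>Debit and credit run in one database transaction: if the recipient card does not
     * exist, or either statement fails, the debit is rolled back rather than the money
     * disappearing from the sender's account.
     */
    public void transferAccount() {
        System.out.print("卡号:");
        String cardId1 = scanner.next();
        System.out.print("密码:");
        String password = scanner.next();
        System.out.print("转账金额:");
        double money = scanner.nextDouble();
        System.out.print("被转账人卡号:");
        String cardId2 = scanner.next();
        if (!isPositiveAmount(money)) {
            System.out.println("输入金额错误");
            return;
        }
        try {
            Connection conn = requireConnection();
            boolean previousAutoCommit = conn.getAutoCommit();
            conn.setAutoCommit(false);
            boolean committed = false;
            try {
                Double balance = findBalance(conn, cardId1, password);
                if (balance == null) {
                    System.out.println("请核实用户名或密码!");
                } else if (money > balance) {
                    System.out.println("余额不足,转账失败!");
                } else {
                    int debited;
                    // Debit only while the balance still covers the amount.
                    String sql2 = "update t_account set balance = balance - ? where cardId=? and password= ? and balance >= ?";
                    try (PreparedStatement debit = conn.prepareStatement(sql2)) {
                        debit.setDouble(1, money);
                        debit.setString(2, cardId1);
                        debit.setString(3, password);
                        debit.setDouble(4, money);
                        debited = debit.executeUpdate();
                    }
                    int credited = 0;
                    if (debited > 0) {
                        // Credit the recipient; no password is required on the receiving side.
                        String sql3 = "update t_account set balance = balance + ? where cardId = ?";
                        try (PreparedStatement credit = conn.prepareStatement(sql3)) {
                            credit.setDouble(1, money);
                            credit.setString(2, cardId2);
                            credited = credit.executeUpdate();
                        }
                    }
                    if (debited > 0 && credited > 0) {
                        conn.commit();
                        committed = true;
                        System.out.println("转账成功");
                    } else if (debited > 0) {
                        // Recipient row not found; the finally block undoes the debit.
                        System.out.println("转账失败,收款卡号不存在!");
                    } else {
                        System.out.println("余额不足,转账失败!");
                    }
                }
            } finally {
                try {
                    if (!committed) {
                        conn.rollback();
                    }
                } finally {
                    // Restore the mode the other operations rely on.
                    conn.setAutoCommit(previousAutoCommit);
                }
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Changes the password of an account after verifying the current one.
     *
     * <p>The current password is part of the WHERE clause: without it, knowing a card
     * number alone would be enough to reset that account's password.
     */
    public void alterPassword() {
        System.out.print("卡号:");
        String cardId = scanner.next();
        System.out.print("密码:");
        String password = scanner.next();
        System.out.print("新密码:");
        String newPassword = scanner.next();
        String sql = "update t_account set password = ? where cardId = ? and password = ?";
        try (PreparedStatement update = requireConnection().prepareStatement(sql)) {
            update.setString(1, newPassword);
            update.setString(2, cardId);
            update.setString(3, password);
            int updated = update.executeUpdate();
            if (updated > 0) {
                System.out.println("修改成功");
            } else {
                System.out.println("修改失败");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Closes (deletes) the account matching the given card number and password.
     */
    public void delete() {
        System.out.print("注销卡号:");
        String cardId = scanner.next();
        System.out.print("密码:");
        String password = scanner.next();
        String sql = "delete from t_account where cardId = ? and password = ?";
        try (PreparedStatement removal = requireConnection().prepareStatement(sql)) {
            removal.setString(1, cardId);
            removal.setString(2, password);
            int deleted = removal.executeUpdate();
            if (deleted > 0) {
                System.out.println("注销成功!");
            } else {
                System.out.println("注销失败!");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    /**
     * Closes the shared connection; intended to be called once, when the program exits.
     */
    public void closeConnection() {
        try {
            if (connection != null) {
                connection.close();
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}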
运行结果:
-----欢迎来到银行系统-----
1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出
请选择
1
卡号:202003302130
密码:123456
用户名:barry
存款金额:8000
手机号码:13947581632
开户成功!
1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出
请选择
2
请输入卡号:202003302130
请输入密码:123456
请输入存款金额2000
存款成功!
1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出
请选择
3
卡号:202003302130
密码:123456
取款金额4000
取款成功!
1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出
请选择
4
卡号:202003302050
密码:123456
转账金额:5000
被转账人卡号:202003302130
转账成功
1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出
请选择
5
卡号:202003302130
密码:123456
新密码:1234
修改成功
1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出
请选择
6
注销卡号:202003302130
密码:1234
注销成功!
1、开户 2、存款 3、取款 4、转账 5、修改密码 6、注销 0、退出
请选择
0