数据库建立连接
public class Demo01 {
public static void main(String[] args) {
Connection conn = null;
try {
Class.forName("com.mysql.jdbc.Driver");
long start = System.currentTimeMillis();
conn = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/testjdbc?useUnicode=true&characterEncoding=UTF-8", "root", "root");
long end = System.currentTimeMillis();
System.out.println(conn);
System.out.println("建立连接,耗时:" + (end - start) + "ms毫秒");
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
Statement接口的用法,执行SQL语句,以及SQL注入问题
public class Demo02 {
public static void main(String[] args) {
Connection conn = null;
Statement stmt = null ;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/testjdbc?useUnicode=true&characterEncoding=UTF-8", "root", "root");
stmt = conn.createStatement();
String id = "5 or 1=1 ";
String sql = "delete from t_user where id=" + id;
stmt.execute(sql);
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
} finally {
try {
if (stmt != null) {
stmt.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
PreparedStatement的基本用法
public class Demo03 {
public static void main(String[] args) {
Connection conn = null;
PreparedStatement ps = null;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/testjdbc?useUnicode=true&characterEncoding=UTF-8", "root", "root");
String sql = "insert into t_user (username,pwd) values (?,?)";
ps = conn.prepareStatement(sql);
ps.setString(1, "林伟茂6");
ps.setString(2, "123456");
System.out.println("插入一行记录");
ps.execute();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
} finally {
try {
if (ps != null) {
ps.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
public class Demo03_1 {
public static void main(String[] args) {
Connection conn = null;
PreparedStatement ps = null;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/testjdbc?useUnicode=true&characterEncoding=UTF-8", "root", "root");
String sql = "insert into t_user (username,pwd,regTime) values (?,?,?)";
ps = conn.prepareStatement(sql);
ps.setObject(1, "林伟茂2");
ps.setObject(2, 123);
ps.setObject(3, new java.sql.Date(System.currentTimeMillis()));
System.out.println("插入一行记录");
ps.execute();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}finally {
try {
if (ps != null) {
ps.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
public class Demo03_2 {
public static void main(String[] args) {
Connection conn = null;
PreparedStatement ps = null;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/testjdbc?useUnicode=true&characterEncoding=UTF-8", "root", "root");
String sql = "insert into t_user (username,pwd,regTime) values (?,?,?)";
ps = conn.prepareStatement(sql);
ps.setObject(1, "林伟茂2");
ps.setObject(2, 123);
ps.setObject(3, new java.sql.Date(System.currentTimeMillis()));
System.out.println("插入一行记录");
int count = ps.executeUpdate();
System.out.println(count);
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
} finally {
try {
if (ps != null) {
ps.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
ResultSet结果集的基本用法
public class Demo04 {
public static void main(String[] args) {
Connection conn = null;
PreparedStatement ps = null;
ResultSet rs = null;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/testjdbc?useUnicode=true&characterEncoding=UTF-8", "root", "root");
String sql = "select id,username,pwd from t_user where id > ?";
ps = conn.prepareStatement(sql);
ps.setObject(1, 2);
rs = ps.executeQuery();
while(rs.next()) {
System.out.println(rs.getInt(1)+"-----"+rs.getString(2)+"-----"+rs.getString(3));
}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}finally {
try {
if (rs != null) {
rs.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
try {
if (ps != null) {
ps.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
try {
if (conn != null) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}