一、JDBC基本概念
概念:Java DataBase Connectivity
- JDBC是Java DataBase Connectivity的縮寫,Java數據庫連接,也就是Java語言操作數據庫。
- JDBC的本質:是sun公司定義的一套操作所有關係型數據庫的規則,即接口。各個數據庫廠商去實現這套藉口提供數據庫驅動jar包。我們可以使用這套接口(JDBC)編程,真正執行的代碼是jar包當中的實現類。
二、快速入門
步驟
1、導入驅動jar包
- 在項目當中創建libs目錄,並將mysql-connector-java-5.1.48-bin.jar文件複製到libs目錄下
- 右鍵libs文件夾,選擇add as library
2、註冊驅動
Class.forName("com.mysql.jdbc.Driver"); //調用靜態代碼塊
3、 獲取數據庫連接對象 Connection
/**
*url:指明數據庫的名稱
*user:用戶名
*password:密碼
*/
Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/city", "root", "root");
4、定義sql
//同sql語句
String sql = "UPDATE employee SET age = 22 WHERE NAME = '張三'";
5、 獲取執行sql語句的對象 statement
Statement statement = connection.createStatement();
6、 執行sql,接收返回結果
//結果是整型
int count = statement.executeUpdate(sql);
7、 處理結果
//僅僅是代表一個步驟,實際上不是光打印count這麼簡單
System.out.println(count);
8、 釋放資源
//close()方法釋放資源
statement.close();
connection.close();
整體代碼段
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;
public class JDBCDemo {
public static void main(String[] args) throws Exception {
// 1.導入驅動jar包 mysql-connector-java-5.1.48-bin.jar
// 2.註冊驅動
Class.forName("com.mysql.jdbc.Driver");
// 3.獲取數據庫連接對象
Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/city", "root", "cjd510510");
// 4.定義sql語句
String sql = "UPDATE employee SET age = 22 WHERE NAME = '張三'";
// 5.獲取執行sql的對象
Statement statement = connection.createStatement();
// 6.執行sql
int count = statement.executeUpdate(sql);
// 7.處理結果
System.out.println(count);
// 8.釋放資源
statement.close();
connection.close();
}
}
三、對JDBC中各個接口和類的詳細解析
DriverManager:驅動管理對象
1、註冊驅動
// DriverManager當中的註冊驅動的方法
public static synchronized void registerDriver(java.sql.Driver driver)
throws SQLException {
registerDriver(driver, null);
}
// 在com.mysql.jdbc.Driver類當中存在靜態代碼塊
// 靜態塊當中的代碼將會調用DriverManager的registerDriver方法
public class Driver extends NonRegisteringDriver implements java.sql.Driver {
public Driver() throws SQLException {
}
static {
try {
DriverManager.registerDriver(new Driver());
} catch (SQLException var1) {
throw new RuntimeException("Can't register driver!");
}
}
}
2、獲取數據庫連接
/**
*url:指定連接的路徑
*jdbc:mysql://ip地址(域名):端口號/數據庫名稱
*user:用戶名
*password:密碼
*/
public static Connection getConnection(String url, String user, String password)
throws SQLException {}
Connection:數據庫連接對象
/**
*功能:獲取執行sql語句的對象
*createStatement()
*preparedStatement()
*=============================
*功能:管理實務
*開啓事務:setAutoCommit(boolean autoCommit)
*autoCommit=false->開啓事務
*提交事務:commit()
*回滾事務:rollback()
*/
Statement createStatement() throws SQLException;
PreparedStatement prepareStatement(String sql) throws SQLException;
void setAutoCommit(boolean autoCommit) throws SQLException;
void commit() throws SQLException;
void rollback() throws SQLException;
Statement:執行sql對象
/**
*功能:執行靜態sql語句並返回其生成的結果對象
*執行任意sql語句:execute(String sql)
*執行DDL,DML語句:executeUpdate(String sql)
*return->影響的行數
*執行DQL語句:executeQuery(String sql)
*return->ResultSet
*/
boolean execute(String sql) throws SQLException;
int executeUpdate(String sql) throws SQLException;
ResultSet executeQuery(String sql) throws SQLException;
- 實例練習
import java.sql.*;
public class JDBCDemo {
public static void main(String[] args) {
Connection connection = null;
Statement statement = null;
try {
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/city","root", "root");
statement = connection.createStatement();
String insertSQL = "INSERT INTO STUDENT (ID, NAME, AGE, SEX, ADDRESS, MATH, ENGLISH) VALUES (9, '陳', 20, '男', '山東', 100, 99)";
String updateSQL = "UPDATE STUDENT SET ENGLISH = 100 WHERE NAME = '陳'";
String deleteSQL = "DELETE FROM STUDENT WHERE NAME = '馬德'";
System.out.println(statement.executeUpdate(insertSQL));
System.out.println(statement.executeUpdate(updateSQL));
System.out.println(statement.executeUpdate(deleteSQL));
} catch (ClassNotFoundException | SQLException e) {
e.printStackTrace();
} finally {
if(statement != null) {
try {
statement.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(connection != null) {
try {
connection.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
}
ResultSet:結果集對象
/**
*遊標向下移動一行:next()
*獲取數據:getXxx(),只能一行按列獲取
*獲取某一列的數據:getXxx(int columnIndex),getXxx(String columnLabel)
*columnIndex從1開始
*/
boolean next() throws SQLException;
double getDouble(String columnLabel) throws SQLException;
int getInt(int columnIndex) throws SQLException;
- 簡單實例練習
import java.sql.*;
public class JDBCDemo {
public static void main(String[] args) {
Connection connection = null;
Statement statement = null;
ResultSet resultSet = null;
try {
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/city","root", "cjd510510");
statement = connection.createStatement();
String querySQL = "SELECT * FROM STUDENT WHERE NAME LIKE '___'";
resultSet = statement.executeQuery(querySQL);
System.out.println("id name age sex address math english");
while(resultSet.next()) {
int id = resultSet.getInt(1);
String name = resultSet.getString(2);
int age = resultSet.getInt(3);
String sex = resultSet.getString(4);
String address = resultSet.getString(5);
int math = resultSet.getInt(6);
int english = resultSet.getInt(7);
System.out.println(" " + id + " " + name + " " + age + " " + sex + " " + address + " " + math + " " + english);
}
} catch (ClassNotFoundException | SQLException e) {
e.printStackTrace();
} finally {
if(statement != null) {
try {
statement.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(resultSet != null) {
try {
resultSet.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(connection != null) {
try {
connection.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
}
PreparedStatement:執行sql對象(後期全部使用該類來完成增刪改查的所有操作)
sql注入問題
在拼接sql時有一些sql特殊關鍵字參與字符串的拼接,造成安全性的問題
使用PreparedStatement類解決sql注入問題
/*
* 預編譯SQL:參數作爲佔位符
* 步驟:
* 1.在定義sql時參數使用佔位符
* "select * from ? where name = ?"
* 2.給佔位符賦值
* setXxx(int parameterIndex, typedef x)
* parameterIndex:問號的位置
* typedef:數據類型
* 3.執行sql語句
* executeUpdate(),executeQuery()
*/
import java.sql.*;
import java.util.Scanner;
public class JDBCDemo {
public static void main(String[] args) {
Scanner scanner = new Scanner(System.in);
Connection connection = JDBCUtil.getConnection();
PreparedStatement preparedStatement = null;
ResultSet resultSet = null;
try {
String sql = "SELECT password FROM users WHERE name = ?";
preparedStatement = connection.prepareStatement(sql);
String user, password;
while(scanner.hasNext()) {
user = scanner.next();
password = scanner.next();
preparedStatement.setString(1, user);
resultSet = preparedStatement.executeQuery();
if(!resultSet.next()) {
System.out.println("賬號不存在!");
continue;
}
if(password.trim().equals(resultSet.getString("password").trim())) {
System.out.println("登陸成功!");
} else {
System.out.println("登陸失敗!");
}
}
} catch (SQLException e) {
e.printStackTrace();
}
JDBCUtil.close(connection, preparedStatement, resultSet);
scanner.close();
}
}