package com.hspedu.jdbc.myjdbc;
//我们规定的jdbc接口(方法)
public interface JdbcInterface {
//连接
public Object getConnection();
//crud
public void curd();
//关闭连接
public void close();
}
package com.hspedu.jdbc.myjdbc;
//mysql数据库实现了jdbc接口
public class MysqlJdbcImpl implements JdbcInterface{
@Override
public Object getConnection() {
System.out.println("得到mysql的连接");
return null;
}
@Override
public void curd() {
System.out.println("完成MySQL的增删改查");
}
@Override
public void close() {
System.out.println("关闭mysql的连接");
}
}
package com.hspedu.jdbc.myjdbc;
public class TestJDBC {
public static void main(String[] args) {
//完成mysql的操作
JdbcInterface jdbcInterface = new MysqlJdbcImpl();
jdbcInterface.getConnection();//通过接口来调用实现类【动态绑定】
jdbcInterface.curd();
jdbcInterface.close();
}
}
(二)、JDBC带来的好处
(三)JDBC API
二、JDBC快速入门 (一)、JDBC程序编写步骤
(二)JDBC第一个程序
CREATE TABLE actor ( id INT PRIMARY KEY AUTO_INCREMENT, NAME VARCHAr(32) NOT NULL DEFAULT '', sex CHAr(1) NOT NULL DEFAULT '女', borndate DATETIME, phone VARCHAr(12) ); SELECt * FROM actor
package com.hspedu.jdbc;
import com.mysql.jdbc.Driver;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Properties;
//这是第一个JDBC程序,完成简单的操作
public class Jdbc01 {
public static void main(String[] args) throws SQLException {
//前置工作:在项目系创建一个文件及比如libs
//将mysql.jar 拷贝到该目录下,点击add to project ..加入到项目中
//1.注册驱动
//(1) jdbc:mysql://规定好表示协议,通过jdbc的方式连接mysql
//(2) localhost 主机,可以是ip地址
//(3) 3306 表示mysql监听的端口
//(4) hsp_db02 连接到mysql dbms 的哪个数据库
//(5) mysql的连接本质就是socket连接
Driver driver = new Driver();//创建driver对象
//2.得到连接
//(1) jdbc:mysql://规定好表示协议,通过jdbc的方式连接mysql
//(2) localhost 主机,可以是ip地址
//(3) 3306 表示mysql监听的端口
//(4) hsp_db02 连接到mysql dbms 的哪个数据库
//(5) mysql的连接本质就是socket连接
String url = "jdbc:mysql://localhost:3306/hsp_db02";
//将 用户名和密码放入到Properties 对象
Properties properties = new Properties();
//说明 user 和password 是规定好,后面的值根据实际情况写
properties.setProperty("user","root");//用户
properties.setProperty("password", "hsp");//密码
//获取连接
Connection connect = driver.connect(url, properties);
//3.执行sql
String sql = "insert into actor values(null, '刘德华','男','1970-10-11','110')";
//String sql = "update actor set name = '周星驰' where id = 1";
//String sql = "delete form actor where id = 1";
//statement 用于执行静态SQL语句并返回其生成的结果的对象
Statement statement = connect.createStatement();
int rows = statement.executeUpdate(sql);//如果是dml语句,返回的是影响的行数
System.out.println(rows > 0 ? "成功" : "失败");
//4.关闭连接资源
statement.close();
connect.close();
}
}
三、获取数据库连接5种方式
package com.hspedu.jdbc;
import com.mysql.jdbc.Driver;
import org.junit.Test;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;
//分析java连接mysql的5种方式
public class JdbcConn {
@Test
//方式一
public void connect01() throws SQLException {
Driver driver = new Driver();
String url = "jdbc:mysql://localhost:3306/hsp_db02";
//将 用户名和密码放入到Properties 对象
Properties properties = new Properties();
//说明 user 和password 是规定好,后面的值根据实际情况写
properties.setProperty("user","root");//用户
properties.setProperty("password", "hsp");//密码
//获取连接
Connection connect = driver.connect(url, properties);
System.out.println("方式1=" + connect);//方式1=com.mysql.jdbc.JDBC4Connection@68fb2c38
}
//方式二
@Test
public void connect02() throws ClassNotFoundException, IllegalAccessException, InstantiationException, SQLException {
//使用反射加载Driver类,动态加载,更加灵活,减少依赖性
Class aClass = Class.forName("com.mysql.jdbc.Driver");
Driver driver = (Driver)aClass.newInstance();
String url = "jdbc:mysql://localhost:3306/hsp_db02";
//将 用户名和密码放入到Properties 对象
Properties properties = new Properties();
//说明 user 和password 是规定好,后面的值根据实际情况写
properties.setProperty("user","root");//用户
properties.setProperty("password", "hsp");//密码
Connection connect = driver.connect(url, properties);
System.out.println("方式2=" + connect);//方式2=com.mysql.jdbc.JDBC4Connection@68fb2c38
}
//方式3 使用DriverManager 替代 Diver 进行统一管理
@Test
public void connect03() throws ClassNotFoundException, IllegalAccessException, InstantiationException, SQLException {
//使用反射机制Driver
Class aClass = Class.forName("com.mysql.jdbc.Driver");
Driver driver =(Driver) aClass.newInstance();
//创建url 和 password
String url = "jdbc:mysql://localhost:3306/hsp_db02";
String user = "root";
String password = "hsp";
DriverManager.registerDriver(driver);
Connection connection = DriverManager.getConnection(url, user, password);
System.out.println("方式3=" + connection);//方式3=com.mysql.jdbc.JDBC4Connection@567d299b
}
//方式4:使用Class.forName 自动完成组成驱动,简化代码
//这种方式推荐使用
@Test
public void connect04() throws ClassNotFoundException, SQLException {
//使用反射加载了Driver类
//在加载Driver类时,完成注册
Class.forName("com.mysql.jdbc.Driver");
//创建url 和 password
String url = "jdbc:mysql://localhost:3306/hsp_db02";
String user = "root";
String password = "hsp";
Connection connection = DriverManager.getConnection(url, user, password);
System.out.println("第4种方式 " + connection);//第4种方式 com.mysql.jdbc.JDBC4Connection@68fb2c38
}
@Test
//方式5,在方式4的基础上改进,增加配置文件,让连接mysql更加灵活
public void connect05() throws IOException, ClassNotFoundException, SQLException {
//通过Properties对象获取配置文件的信息
Properties properties = new Properties();
properties.load(new FileInputStream("src\mysql.properties"));
//获取相关的值
String user = properties.getProperty("user");
String password = properties.getProperty("password");
String driver = properties.getProperty("driver");
String url = properties.getProperty("url");
Class.forName(driver);//建议写
Connection connection = DriverManager.getConnection(url, user, password);
System.out.println("方式5=" + connection);//方式5=com.mysql.jdbc.JDBC4Connection@68fb2c38
}
}
(一)课堂练习
(二)ResultSet【结果集】
package com.hspedu.jdbc.resultSet_;
import java.io.FileInputStream;
import java.sql.*;
import java.util.Properties;
//演示select 语句返回 ResultSet ,并取出结果
@SuppressWarnings({"all"})
public class ResultSet_ {
public static void main(String[] args) throws Exception {
//通过Properties对象获取配置文件的信息
Properties properties = new Properties();
properties.load(new FileInputStream("src\mysql.properties"));
//获取相关的值
String user = properties.getProperty("user");
String password = properties.getProperty("password");
String driver = properties.getProperty("driver");
String url = properties.getProperty("url");
//1.注册驱动
Class.forName(driver);//建议写
//2.得到连接
Connection connection = DriverManager.getConnection(url,user,password);
//3.得到Statement
Statement statement = connection.createStatement();
//4.组织Sql
String sql = "select id, name, sex, borndate from actor";
//执行给定的SQL语句,该语句返回单个ResultSet对象
ResultSet resultSet = statement.executeQuery(sql);//指向表头
//5.使用while取出数据
while (resultSet.next()) { //让光标向后移,如果没有更多行,则返回false
int id = resultSet.getInt(1);//获取该行的第一列
String name = resultSet.getString(2);//获取该行的第二列
String sex = resultSet.getString(3);
Date date = resultSet.getDate(4);
System.out.println(id + "t" + name + "t" + sex + "t" + date);
}
//6.关闭连接
resultSet.close();
statement.close();
connection.close();
}
}
四、Statement (一)基本介绍1 刘德华 男 1970-10-11
2 刘德华 男 1970-12-12
3 jack 男 1970-11-11
这里是引用
-- 演示SQL注入
-- 创建一张表
CREATE TABLE admin(
NAME VARCHAr(32) NOT NULL UNIQUE,
pwd VARCHAr(32) NOT NULL DEFAULT '')CHARACTER SET utf8;
INSERT INTO admin VALUES('tom', '123');
SELECt * FROM admin
WHERe NAME = 'tom' AND pwd = '123'
-- SQL
-- 输入用户名 为 1' or
-- 输入密码 为 or '1' = '1'
SELECt *
FROM admin
WHERe NAME = '1' OR' and pwd = 'OR '1' = '1'
package com.hspedu.jdbc.statement_;
import java.io.FileInputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.Properties;
import java.util.Scanner;
//演示statement 的注入问题
@SuppressWarnings({"all"})
public class Statement_ {
public static void main(String[] args) throws Exception {
Scanner scanner = new Scanner(System.in);
//让用户输入管理员名和密码
System.out.print("请输入管理员的名字:");
//next():当接收到空格或者’(单引号)就是表示结束
//如果希望看到SQL注入,这里需要nextLine()
String admin_name = scanner.nextLine();
System.out.print("请输入管理员的密码:");
String admin_pwd = scanner.nextLine();
//通过Properties对象获取配置文件的信息
Properties properties = new Properties();
properties.load(new FileInputStream("src\mysql.properties"));
//获取相关的值
String user = properties.getProperty("user");
String password = properties.getProperty("password");
String driver = properties.getProperty("driver");
String url = properties.getProperty("url");
//1.注册驱动
Class.forName(driver);//建议写
//2.得到连接
Connection connection = DriverManager.getConnection(url,user,password);
//3.得到Statement
Statement statement = connection.createStatement();
//4.组织Sql
String sql = "select name, pwd from admin where name = '" +
admin_name + "' and pwd = ' "+ admin_pwd + "'" ;
ResultSet resultSet = statement.executeQuery(sql);
if(resultSet.next()) { //如果查询到一条记录,则说明该管理存在
System.out.println("恭喜, 登录成功");
} else {
System.out.println("对不起,登录失败");
}
//关闭连接
resultSet.close();
statement.close();
connection.close();
}
}
五、PreparedStatement
(一)基本介绍
(二)预处理好处
package com.hspedu.jdbc.preparedstatement_;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.sql.*;
import java.util.Properties;
import java.util.Scanner;
//演示PreparedStatement
@SuppressWarnings({"all"})
public class PreparedStatement_ {
public static void main(String[] args) throws Exception {
Scanner scanner = new Scanner(System.in);
//让用户输入管理员名和密码
System.out.print("请输入管理员的名字:");
//next():当接收到空格或者’(单引号)就是表示结束
//如果希望看到SQL注入,这里需要nextLine()
String admin_name = scanner.nextLine();
System.out.print("请输入管理员的密码:");
String admin_pwd = scanner.nextLine();
//通过Properties对象获取配置文件的信息
Properties properties = new Properties();
properties.load(new FileInputStream("src\mysql.properties"));
//获取相关的值
String user = properties.getProperty("user");
String password = properties.getProperty("password");
String driver = properties.getProperty("driver");
String url = properties.getProperty("url");
//1.注册驱动
Class.forName(driver);//建议写
//2.得到连接
Connection connection = DriverManager.getConnection(url,user,password);
//3.得到PreparedStatement
//3.1.组织Sql, SQL 语句的?相当于占位符
String sql = "select name , pwd from admin where name = ? and pwd = ?";
//3.2preparedStatement 对象实现了 PreparedStatement 接口的实现类的对象
PreparedStatement preparedStatement = connection.prepareStatement(sql);
//3.3 给? 赋值占位符
preparedStatement.setString(1, admin_name);
preparedStatement.setString(2, admin_pwd);
//4.执行select 语句使用 executeQuery
//如果执行的是dml(update, insert, delete) executeUpdte()
//这里执行executeQuery,不要写sql
ResultSet resultSet = preparedStatement.executeQuery();
if(resultSet.next()) { //如果查询到一条记录,则说明该管理存在
System.out.println("恭喜, 登录成功");
} else {
System.out.println("对不起,登录失败");
}
//关闭连接
resultSet.close();
preparedStatement.close();
connection.close();
}
}
