当前位置:网站首页>Getting started with JDBC \ getting a database connection \ using Preparedstatement
Getting started with JDBC \ getting a database connection \ using Preparedstatement
2022-04-23 05:45:00 【@A Qing】
Catalog

 
One 、jdbc summary
JDBC(Java DataBase Connectivity) yes Java And a bridge between databases , It's a norm , Not an implementation , Be able to execute SQL sentence . It's used by a group Java Language written classes and interfaces . Different types of databases have corresponding implementations , The code in this article is all about MySQL Database implementation .
-  1.1 JDBC The essence : 
 Actually, it's official (sun company ) A set of rules defined to operate all relational databases , Interface . Each database manufacturer to implement this set of interface , Provide database driver jar package . We can use this interface (JDBC) Programming , The code that actually executes is the driver jar The implementation class in the package .
  
-  1.2 Data persistence - Persistence (persistence): Save data to a power down storage device for later use . Most of the time , Especially for enterprise applications , Data persistence means Save the data in memory to the hard disk On top of that ” curing ”, And persistence has been realized Most processes are completed through various relational databases .
- The main application of persistence is to store the data in memory in relational database , Of course, it can also be stored in disk files 、XML In the data file .
 
Two 、 Get database connection
2.1、 Element 1 :Driver Interface implementation class
2.1.1、Driver The interface is introduced
-  java.sql.Driver Interfaces are all DBUtils The interface that the driver needs to implement . This interface is provided for database vendors , Different database vendors provide different implementations . 
-  There is no need to access the implementation directly in the program Driver The class of the interface , Instead, the driver manager class (java.sql.DriverManager) To call these Driver Realization . 
 -Oracle The driver :oracle.jdbc.driver.OracleDriver
 -mySql The driver :com.mysql.jdbc.Driver
-  Put the above jar Package copy to Java In a directory of projects , It's customary to build a new one lib Folder , Different idea There are different operations . 
2.1.2、 Load and register DBUtils drive
-  The load driver : load  DBUtils  The driver needs to call  Class  Class static methods forName(), Pass it the... To be loaded  DBUtils  The class name of the driver 
 Class.forName(“com.mysql.jdbc.Driver”);// hold mysql Class loaded into memory , You can operate it
-  Registration drive :DriverManager  Class is the driver manager class , Responsible for managing drivers  
   -  Use 
 DriverManager.registerDriver(com.mysql.jdbc.Driver)
 To register the driver ;//
- You don't usually call DriverManager Class registerDriver() Method to register an instance of a driver class , because Driver Interface driver classes contain static code blocks , In this static block of code , Would call DriverManager.registerDriver() Method to register an instance of itself .
 
-  Use 
2.2、 Element 2 :URL
-  URL: Uniform Resource Locator, Uniform resource locator 
 URL It's made up of three parts : The resource type 、 Host domain name where resources are stored 、 Resource file name .
 It can also be said that 4 Part of it is made up of : agreement 、 host 、 port 、 route
 URL The general syntax of is :
 ( Square bracket [] Of is optional ):
 protocol :// hostname[:port] / path / [;parameters][?query]#fragment
-  DBUtils URL Used to identify a registered driver , Driver manager through this URL Choose the right driver , To establish a connection to the database . 
-  DBUtils URL There are three parts to the standard , The parts are separated by colons . - jdbc: Sub protocol : Child name
- agreement :DBUtils URL The agreement in is always jdbc
- Sub protocol : The sub protocol is used to identify a database driver
- Child name : A method of identifying database . Sub names can be changed according to different sub protocols , The purpose of using subnames is to locate the database and provide enough information . Contains the host name ( Corresponding to the server ip Address ), Port number , Database name
 
-  Of several commonly used databases DBUtils URL - MySQL The connection of URL Compiling mode : 
     - jdbc:mysql:// Host name :mysql Service port number / Database name ? ginseng Count = value & Parameters = value
- jdbc:mysql://localhost:3306/xinzhi jdbc:mysql://localhost:3306/xinzhi?
- useUnicode=true&characterEncoding=utf8( If the program is inconsistent with the character set on the server side , It will lead to confusion , Then you can specify the server-side character set through parameters )
- 8.0 after You must add &useSSL=false&serverTimezone=UTC", MySQL In the higher version, you need to indicate if you want to SSL even ( Authentication and encryption ), serverTimezone=Asia/Shanghai Use UTC( Universal time ) It's eight hours short of China's time
 
 
- MySQL The connection of URL Compiling mode : 
     
https://blog.csdn.net/wfanking/article/details/95504879
-  Oracle The connection of URL Compiling mode : - jdbc:oracle:thin:@ Host name :oracle Service port number : Database name
- jdbc:oracle:thin:@localhost:1521:xinzhi
 
-  SQLServer The connection of URL Compiling mode : - jdbc:sqlserver:// Host name :sqlserver Service port number :DatabaseName= Database name
- jdbc:sqlserver://localhost:1433:DatabaseName=xinzhi
 
2.3、 Element three : User name and password
-  user,password It can be used “ Property name = Property value ” How to tell the database 
-  You can call DriverManager Class getConnection() Method to establish a connection to the database 
2.4、 Database connection example
package com.xinzhi;
import org.junit.Test;
import java.io.InputStream; 
import java.sql.Connection; 
import java.sql.Driver;
import java.sql.DriverManager; 
import java.util.Properties;
/** * @author lzq * @date 2021/8/3 **/
public class TestUser {
    
	@Test
	public void testConnection1() throws Exception{
    
	//1. Database connection 4 Basic elements : 
	String url = "jdbc:mysql://127.0.0.1:3306/test?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai";
	String user = "root"; 
	String password = "root";
	//8.0 Then the name changed  com.mysql.cj.jdbc.Driver
	String driverName = "com.mysql.jdbc.Driver";
	//2. Instantiation Driver
	Class clazz = Class.forName(driverName);
	Driver driver = (Driver) clazz.newInstance();
	//3. Registration drive 
	DriverManager.registerDriver(driver);
	//4. Get the connection Connection conn =
	DriverManager.getConnection(url, user, password); 
	System.out.println(conn);
}
@Test
public void testConnection2() throws Exception{
    
	//1. Database connection 4 Basic elements : 
	String url = "jdbc:mysql://101.200.48.99:3306/kflb?useUnicode=true&characterEncoding=utf8&useSSL=false& serverTimezone=Asia/Shanghai";
	String user = "root"; 
	String password = "root";
	String driverName = "com.mysql.jdbc.Driver";
	//2. The load driver  (① Instantiation Driver ② Registration drive )
	Class.forName(driverName);
	//3. Get the connection Connection conn =
	DriverManager.getConnection(url, user, password); 
	System.out.println(conn);
}
@Test
public void testConnection3() throws Exception{
    
	//1. Database connection 4 Basic elements :
	String url = "jdbc:mysql://101.200.48.99:3306/test? useUnicode=true&characterEncoding=utf8&useSSL=false& serverTimezone=Asia/Shanghai";
	String user = "root"; 
	String password = "root";
	String driverName = "com.mysql.jdbc.Driver";
	//3. Get the connection Connection conn =
	DriverManager.getConnection(url, user, password); System.out.println(conn);
}
@Test
public void testConnection4() throws Exception{
    
	//1. Database connection 4 Basic elements : 
	InputStream in = TestUser.class.getClassLoader().getResourceAsStream( "jdbc.config");
	Properties properties = new Properties(); 
	properties.load(in);
	String url = properties.getProperty("url"); 
	String user = properties.getProperty("user"); 
	String password = properties.getProperty("password"); 
	String driverName = properties.getProperty("driverName");
	//2. The load driver  (① Instantiation Driver ② Registration drive )
	Class.forName(driverName);
	//3. Get the connection 
	Connection conn = DriverManager.getConnection(url, user, password);
	System.out.println(conn);
}
 Method 4 explain : Save configuration information in the form of a configuration file , Load the configuration file in the code 
 
  The benefits of using profiles :
 ① The separation of code and data is realized , If you need to modify the configuration information , Modify directly in the configuration file , There's no need to drill down into the code 
 ② If the configuration information is modified , Save the process of recompiling .
3、 ... and 、 Use PreparedStatement
3.1、 Operate and access the database
- Database connections are used to send commands and SQL sentence , And accept the results returned by the database server . In fact, a database connection is a Socket Connect .
-  stay  java.sql  There is... In the bag  3  Each interface defines different ways to call the database : 
   - Statement: For execution static SQL Statement and returns the object for which it generated the result .
- PrepatedStatement:SQL Statements are precompiled and stored in this object , You can use this object to efficiently execute the statement multiple times .
- CallableStatement: Used to perform SQL stored procedure ( Don't learn , Interested in studying by yourself , But you have to learn stored procedures first )
 
3.2、 Use Statement Disadvantages of operating data tables
- By calling Connection Object's createStatement() Method to create the object . This object is used to perform static SQL sentence , And return the execution result .
- Statement The following methods are defined in the interface to execute SQL sentence :
int excuteUpdate(String sql): Perform an update operation INSERT、UPDATE、DELETE
ResultSet executeQuery(String sql): Perform query operation SELECT
-  But use Statement There are drawbacks in the operation data table : - Question 1 : There are string operations , tedious
- Question two : There is SQL Injection problem
 
-  SQL Inject It is the use of some systems that do not fully check the data entered by the user , And injecting illegal SQL A statement or command ( Such as :SELECT user, password FROM user_table WHERE user=‘a’ OR 1 = ’ AND password = ’ OR ‘1’ = ‘1’) , So as to make use of the SQL How the engine accomplishes malicious behavior . 
-  about Java for , Guard against SQL Inject , Just use PreparedStatement( from Statement Extended ) replace Statement That's all right. . 
3.2.1、 Experience adding, deleting and changing code
The way 1: Normal mode
public static void main(String[] args) throws Exception {
    
	//1. Database connection 4 Basic elements :
	String url = "jdbc:mysql://101.200.48.99:3306/test? useUnicode=true&characterEncoding=utf8&useSSL=false& serverTimezone=Asia/Shanghai";
	String user = "root"; 
	String password = "root";
	String driverName = "com.mysql.jdbc.Driver";
	String sql = "insert into user values(1,'zn',12)";
	//2. Instantiation Driver
	Class clazz = Class.forName(driverName);
	Driver driver = (Driver) clazz.newInstance();
	//3. Registration drive 
	DriverManager.registerDriver(driver);
	//4. Get the connection Connection conn =
	DriverManager.getConnection(url, user, password);
	Statement statement = conn.createStatement(); 
	statement.execute(sql);
}
The way 2: Use tool class And combining configuration files ( See the source code )
public class JdbcUtil {
    
    public static Connection getConnection() {
    
        Connection conn = null;
        try{
    
            Properties properties = new Properties();
            properties.load(JdbcTest.class.getClassLoader().getResourceAsStream("jdbc.properties"));
            String url = properties.getProperty("mysql.url");
            String user = properties.getProperty("mysql.username");
            String password = properties.getProperty("mysql.password");
            //2. Instantiation Driver
            //3. Registration drive 
            //4. Get the connection 
            conn = DriverManager.getConnection(url, user, password);
        }catch (IOException e){
    
            e.printStackTrace();
        }catch (SQLException e){
    
            e.printStackTrace();
        }
        return conn;
    }
3.2.2、 Experience query code
public static void main(String[] args) throws Exception {
    
	//1. Database connection 4 Basic elements :
	String url = "jdbc:mysql://101.200.48.99:3306/test? useUnicode=true&characterEncoding=utf8&useSSL=false& serverTimezone=Asia/Shanghai";
	String user = "root"; 
	String password = "root";
	String driverName = "com.mysql.jdbc.Driver";
	String sql = "select id,name,age from user";
	//2. Instantiation Driver
	Class clazz = Class.forName(driverName);
	Driver driver = (Driver) clazz.newInstance();
	//3. Registration drive 
	DriverManager.registerDriver(driver);
	//4. Get the connection 
	Connection conn = DriverManager.getConnection(url, user, password);
	
	Statement statement = conn.createStatement();
	ResultSet resultSet = statement.executeQuery(sql); 
	resultSet.next();
	int id = resultSet.getInt("id");
	String name = resultSet.getString("name");
	int age = resultSet.getInt("age");
	System.out.println("id="+id);
	System.out.println("name="+name);
	System.out.println("age="+age);
	resultSet.next();
	int id2 = resultSet.getInt("id");
	String name2 = resultSet.getString("name");
	int age2 = resultSet.getInt("age");
	System.out.println("id="+id2);
	System.out.println("name="+name2); 
	System.out.println("age="+age2);
}
3.2.3、 Code optimization
Release of resources
-  Release ResultSet, Statement,Connection. 
-  Database connection (Connection) It's a very rare resource , Must be released immediately after use , If Connection Failure to shut down in time and correctly will lead to system downtime machine .Connection The principle is to create as late as possible , Release as early as possible . 
-  Can be in finally Closed in , Ensure that other code is abnormal in time , Resources can also be shut down . 
1、 Handle exceptions manually 
 2、 Reasonable relationship resources 
 3、 Traversal processing data 
public static void main(String[] args) {
    
	//1. Database connection 4 Basic elements :
	String url = "jdbc:mysql://localhost:3306/test? useUnicode=true&characterEncoding=utf8&useSSL=false& serverTimezone=Asia/Shanghai";
	String user = "root";
	String password = "root";
	String driverName = "com.mysql.jdbc.Driver"; 
	String sql = "select id,name,age from user";
	//2. Instantiation Driver
	// Extract resources , Convenient and reasonable closing 
	Connection conn = null; 
	Statement statement = null; 
	ResultSet resultSet = null;
	// Handle exceptions manually 
	try {
    
		Class clazz = Class.forName(driverName); 
		Driver driver = (Driver) clazz.newInstance();
		//3. Registration drive 
		DriverManager.registerDriver(driver);
		//4. Get the connection 
		conn = DriverManager.getConnection(url, user, password);
		statement = conn.createStatement();
		resultSet = statement.executeQuery(sql);
		// Use traversal to get data 
		while (resultSet.next()){
    
			int id = resultSet.getInt("id"); 
			String name = resultSet.getString("name");
			int age = resultSet.getInt("age");
			System.out.println("id=" + id);
			System.out.println("name=" + name);
			System.out.println("age=" + age);
			}
		} catch (Exception exception) {
    
			exception.printStackTrace();
		}finally {
    
			// close resource 
			if(conn != null){
     
				try {
    
					conn.close();
				} catch (SQLException e) {
    
				e.printStackTrace();
				}
		}
		if(statement != null){
     
		try {
    
			statement.close();
		} catch (SQLException e) {
    
			e.printStackTrace();
		}
	}
	if(resultSet != null){
     
		try {
    
			resultSet.close();
		} catch (SQLException e) {
    
			e.printStackTrace();
		}
	}
}
3.2.4、 Public extraction
1、 No matter where you want to operate the database, you need to get a connection , So can you extract 
 2、 No matter where it is, it should be closed. Can resources be extracted 
package com.xinzhi;
import java.sql.*;
/** * @author zn * @date 2020/4/1 **/
public class DBUtil {
    
	public static Connection getConnection(){
    
		String url = "jdbc:mysql://localhost:3306/test? useUnicode=true&characterEncoding=utf8&useSSL=false& serverTimezone=Asia/Shanghai";
	String user = "root"; 
	String password = "root";
	String driverName = "com.mysql.jdbc.Driver";
	
	Connection conn = null; 
	try {
    
		Class clazz = Class.forName(driverName); 
		Driver driver = (Driver)
clazz.newInstance();
		//3. Registration drive 
		DriverManager.registerDriver(driver);
		//4. Get the connection 
		conn = DriverManager.getConnection(url, user, password);
	}catch (Exception e){
     
		e.printStackTrace();
	}
	return conn;
}
	public static void closeAll(Connection connection, Statement statement, ResultSet rs){
    
		if(connection != null){
     
		try {
    
			connection.close();
		} catch (SQLException e) {
    
			e.printStackTrace();
		}
	}
		if(statement != null){
     
		try {
    
			statement.close();
		} catch (SQLException e) {
    
			e.printStackTrace();
		}
	}
	if( rs != null ){
     
	try {
    
		rs.close();
	} catch (SQLException e) {
    
		e.printStackTrace();
	}
	}
}
}
public static void main(String[] args) {
    
	String sql = "select id,name,age from user";
	Connection conn = null; 
	Statement statement = null; 
	ResultSet resultSet = null;
	// Handle exceptions manually 
	try {
    
	conn = DBUtil.getConnection(); 
	statement = conn.createStatement();
	resultSet = statement.executeQuery(sql);
	// Use traversal to get data 
	while (resultSet.next()){
    
		int id = resultSet.getInt("id"); 
		String name = resultSet.getString("name");
		int age = resultSet.getInt("age");
		System.out.println("id=" + id);
		System.out.println("name=" + name);
		System.out.println("age=" + age);
		}
	} catch (Exception exception) {
    
	exception.printStackTrace();
	}finally {
    
	DBUtil.closeAll(conn,statement,resultSet);
	}
}
3.2.5、sql Injection problem
 because SQL It's a problem of splicing strings , So there will be attackers using some special   Skills to complete some operations , To bypass our logic .
 getUserById
  because sql Statement is precompiled , And placeholders are used in the statement , Specifies the sql language   Sentence structure . Users can set "?" Value , But it can't change sql Structure of statement ,  So I want to sql The sentence is followed by “or 1=1” Realization sql Injection doesn't work .
3.3、PreparedStatement Use
3.3.1、PreparedStatement Introduce
- You can call Connection Object's preparedStatement(String sql) Method obtain PreparedStatement object
- PreparedStatement Interface is Statement Sub interface of , It represents a precompiled SQL sentence
- PreparedStatement The object represents SQL The parameters in the statement are marked with question marks (?) To express , call PreparedStatement Object's setXxx() Method to set these parameters . setXxx() Method has two parameters , The first parameter is to be set SQL The index of the parameter in the statement ( from 1 Start ), The second one is set up SQL The value of the parameter in the statement
3.3.2、PreparedStatement vs Statement
- Readability and maintainability of code .
- PreparedStatement  To maximize performance : 
   - DBServer Provides performance optimization for precompiled statements . Because precompiled statements can be called repeatedly , So the sentence is being DBServer The compiled execution code of the compiler is cached , So the next time you call it, you don't need to compile as long as it's the same precompiled statement , As long as the parameters are directly passed into the compiled statement execution code, it will be executed .
- stay statement In the sentence , Even though the data is different, the operation is different , So the whole statement itself doesn't match , There is no sense of caching statements . The fact is that no database caches the compiled execution code of ordinary statements . In this way, the incoming statement is compiled every time it is executed .
- ( Syntax check , Semantic check , Translated into binary commands , cache )
 
- PreparedStatement Can prevent SQL Inject
3.3.3、Java And SQL Corresponding data type conversion table
| Java type | SQL type | 
|---|---|
| byte | TINYINT | 
| short | SMALLINT | 
| int | INTEGER | 
| long | BIGINT | 
| String | CHAR,VARCHAR,LONGVARCHAR | 
| byte array | BINARY , VAR BINARY | 
| java.sql.Date | DATE | 
| java.sql.Time | TIME | 
| java.sql.Timestamp | TIMESTAMP | 
3.3.4、 Use PreparedStatement Realize increase 、 Delete 、 Change operation
// The growth of general purpose 、 Delete 、 Change operation ( Embody one : increase 、 Delete 、 Change  ;  Embody two : For different watches )
public void update(String sql,Object ... args){
     		
	Connection conn = null;
	PreparedStatement ps = null; 
	try {
    
		//1. Get the connection to the database 
		conn = DBUtilsUtils.getConnection();
		//2. obtain PreparedStatement Example  ( or : precompile sql sentence )
		ps = conn.prepareStatement(sql);
		//3. Fill in placeholders 
		for(int i = 0;i < args.length;i++){
     		
			ps.setObject(i + 1, args[i]);
		}
		//4. perform sql sentence 
		ps.execute();
	} catch (Exception e) {
    
		e.printStackTrace();
	}finally{
    
		//5. close resource 
		DBUtilsUtils.closeResource(conn, ps);
	}
}
3.3.5、 Use PreparedStatement Implement query operation
statement = conn.prepareStatement(sql); 
statement.setInt(1,1);
resultSet = statement.executeQuery();
2、 Reflection advanced applications
//  General query for different tables : Return an object  (version 1.0)
public <T> T getInstance(Class<T> clazz, String sql, Object... args) {
    
	Connection conn = null; 
	PreparedStatement ps = null;
	ResultSet rs = null;
	try {
    
		// 1. Get database connection 
		conn = DBUtilsUtils.getConnection();
		// 2. precompile sql sentence , obtain PreparedStatement object  
		ps = conn.prepareStatement(sql);
		// 3. Fill in placeholders 
		for (int i = 0; i < args.length; i++) {
     
			ps.setObject(i + 1, args[i]);
		}
		// 4. perform executeQuery(), Get the result set :ResultSet
		rs = ps.executeQuery();
		// 5. Get the metadata of the result set :ResultSetMetaData 
		ResultSetMetaData rsmd = rs.getMetaData();
		// 6.1 adopt ResultSetMetaData obtain columnCount,columnLabel; adopt ResultSet Get the column values 
		int columnCount = rsmd.getColumnCount(); 
		if (rs.next()) {
    
		T t = clazz.newInstance();
		for (int i = 0; i < columnCount; i++) {
     //  Traverse every column 
	
			//  Get column values 
			Object columnVal = rs.getObject(i + 1);
			//  Get the alias of the column : Alias of column , Use the property name of the class as 
			String columnLabel = rsmd.getColumnLabel(i + 1);
			// 6.2 Using reflection , Assign values to the corresponding properties of an object 
			Field field = clazz.getDeclaredField(columnLabel);
			field.setAccessible(true);
			field.set(t, columnVal);
			}
			return t;
			}
		} catch (Exception e) {
    
			e.printStackTrace();
		} finally {
    
			// 7. close resource  
			DBUtilsUtils.closeResource(conn, ps,rs);
		}
	return null;
}
explain : Use PreparedStatement The query operation implemented can replace Statement Implementation of the query operation , solve Statement String and match SQL Injection problem .
Statement and PreparedStatement Similarities and differences, advantages and disadvantages 
  Same as : Both are used to hold SQL Of the statement 
  different :PreparedStatement Need basis SQL Statement to create , It can be done by setting parameters , Specify the corresponding value , It's not like Statement That's using string concatenation .
PreparedStatement The advantages of :
1、 It uses parameter settings , Good readability , It's hard to remember . stay statement String concatenation is used in , Poor readability and maintainability .
2、 It has a precompile mechanism , Performance ratio statement faster .
3、 It can effectively prevent SQL Injection attack .
execute and executeUpdate The difference between
The same thing : Both of them can perform the increase 、 Delete 、 Modification and other operations .
Difference :
1、execute You can execute query statements , And then through getResult Take out the results .executeUpdate Cannot execute query statement .
2、execute return Boolean type ,true Indicates that the query statement is executed ,false Indicates the execution of insert、delete、update etc. .executeUpdate The return value of int, Indicates how many pieces of data have been affected .
JDBC Course notes :
	1.  Concept :Java DataBase Connectivity  Java  Database connection , Java Language operation database 
		* JDBC The essence : Actually, it's official (sun company ) A set of rules defined to operate all relational databases , Interface .
		*  Each database manufacturer to implement this set of interface , Provide database driver jar package . We can use this interface (JDBC) Programming , The code that actually executes is the driver jar The implementation class in the package .
	
	2.  Quick start :
		*  step :
			1.  Import driver jar package   
				mysql-connector-java-8.0.13.jar
				1. Copy mysql-connector-java-8.0.13.jar To the project libs Under the table of contents 
				2. Right click -->Add As Library
			2.  Registration drive ( Teacher Nan explained that there are several ways jdbc)
			3.  Get database connection object  Connection
			4.  Definition sql
			5.  Access to perform sql Object of statement  Statement
			6.  perform sql, Accept the return result 
			7.  Processing results 
			8.  Release resources 
	
		*  Code implementation :
		  	//1.  Import driver jar package 
	        //2. Registration drive 
	        Class.forName("com.mysql.jdbc.Driver");
	        //3. Get database connection object 
	        Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/db3", "root", "root");
	        //4. Definition sql sentence 
	        String sql = "update account set balance = 500 where id = 1";
	        //5. Access to perform sql The object of  Statement
	        Statement stmt = conn.createStatement();
	        //6. perform sql
	        int count = stmt.executeUpdate(sql);
	        //7. Processing results 
	        System.out.println(count);
	        //8. Release resources 
	        stmt.close();
	        conn.close();
	
	3.  Explain the objects in detail :
		1. DriverManager: Drive management objects 
			*  function :
				1.  Registration drive : Tell the program which database driver to use jar package 
					static void registerDriver(Driver driver) : Register with given driver  DriverManager . 
					 Write code using :  Class.forName("com.mysql.jdbc.Driver");
					 Discover by looking at the source code : stay com.mysql.cj.jdbc.Driver Class has static code blocks 
					 static {
					        try {
					            java.sql.DriverManager.registerDriver(new Driver());
					        } catch (SQLException E) {
					            throw new RuntimeException("Can't register driver!");
					        }
						}
	
					 Be careful :mysql5 After the drive jar Packages can omit the steps of registering drivers .
				2.  Get database connection :
					*  Method :static Connection getConnection(String url, String user, String password) 
					*  Parameters :
						* url: Specify the path of the connection 
							*  grammar :jdbc:mysql://ip Address ( domain name ): Port number / Database name 
							*  Example :jdbc:mysql://localhost:3306/db3
							*  details : If the connection is local mysql The server , also mysql The default port for the service is 3306, be url I could just write it as :jdbc:mysql:/// Database name 
						* user: user name 
						* password: password  
		2. Connection: Database connection object 
			1.  function :
				1.  Access to perform sql  The object of 
					* Statement createStatement()
					* PreparedStatement prepareStatement(String sql)  
				2.  Manage affairs :
					*  Open transaction :setAutoCommit(boolean autoCommit) : Call this method to set the parameter to false, That is, start the transaction 
					*  Commit transaction :commit() 
					*  Roll back the transaction :rollback() 
		3. Statement: perform sql The object of 
			1.  perform sql
				1. boolean execute(String sql) : You can do whatever you want sql  understand  
				2. int executeUpdate(String sql) : perform DML(insert、update、delete) sentence 、DDL(create,alter、drop) sentence 
					*  Return value : Number of rows affected , It can be judged by the number of rows affected DML Is the statement executed successfully   Return value >0 Then the execution is successful , conversely , The failure .
				3. ResultSet executeQuery(String sql)  : perform DQL(select) sentence 
			2.  practice :
				1. account surface   Add a record 
				2. account surface   Modify the record 
				3. account surface   Delete a record 
	
				 Code :
					Statement stmt = null;
			        Connection conn = null;
			        try {
			            //1.  Registration drive 
			            Class.forName("com.mysql.cj.jdbc.Driver");
			            //2.  Definition sql
			            String sql = "insert into account values(null,' Wang Wu ',3000)";
			            //3. obtain Connection object 
			            conn = DriverManager.getConnection("jdbc:mysql:///db3", "root", "root");
			            //4. Access to perform sql The object of  Statement
			            stmt = conn.createStatement();
			            //5. perform sql
			            int count = stmt.executeUpdate(sql);// Number of rows affected 
			            //6. Processing results 
			            System.out.println(count);
			            if(count > 0){
			                System.out.println(" Add success !");
			            }else{
			                System.out.println(" Add failure !");
			            }
			
			        } catch (ClassNotFoundException e) {
			            e.printStackTrace();
			        } catch (SQLException e) {
			            e.printStackTrace();
			        }finally {
			            //stmt.close();
			            //7.  Release resources 
			            // Avoid null pointer exceptions 
			            if(stmt != null){
			                try {
			                    stmt.close();
			                } catch (SQLException e) {
			                    e.printStackTrace();
			                }
			            }
			
			            if(conn != null){
			                try {
			                    conn.close();
			                } catch (SQLException e) {
			                    e.printStackTrace();
			                }
			            }
			        }
				
		4. ResultSet: Result set object , Encapsulate query results 
			* boolean next():  Move the cursor down one line , Determine whether the current line is the end of the last line ( Is there any data ), If it is , Then return to false, If not, return true
			* getXxx( Parameters ): get data 
				* Xxx: Representative data type     Such as : int getInt() ,	String getString()
				*  Parameters :
					1. int: Represents the number of the column , from 1 Start     Such as : getString(1)
					2. String: Name of representative column .  Such as : getDouble("balance")
			
			*  Be careful :
				*  Use steps :
					1.  Move the cursor down one line 
					2.  Judge whether there is data 
					3.  get data 
	
				   // Loop to determine whether the cursor is at the end of the last line .
		            while(rs.next()){
		                // get data 
		                int id = rs.getInt(1);
		                String name = rs.getString("name");
		                double balance = rs.getDouble(3);
		
		                System.out.println(id + "---" + name + "---" + balance);
		            }
	
			*  practice :
				*  Define a method , Inquire about emp The table's data encapsulates it as an object , Then load the collection , return .
					1.  Definition Emp class 
					2.  Define methods  public List<Emp> findAll(){}
					3.  Implementation method  select * from emp;
						
		5. PreparedStatement: perform sql The object of 
			1. SQL Injection problem : In splicing sql when , Somewhat sql Special keywords participate in string splicing . Can cause security problems 
				1.  Input users casually , Input password :a' or 'a' = 'a
				2. sql:select * from user where username = 'fhdsjkf' and password = 'a' or 'a' = 'a' 
	
			2.  solve sql Injection problem : Use PreparedStatement Object to solve 
			3.  precompiled SQL: Parameters use ? As placeholder 
			4.  step :( For relevant methods, please refer to api)
				1.  Import driver jar package , Such as : mysql-connector-java-8.0.13.jar
				2.  Registration drive 
				3.  Get database connection object  Connection
				4.  Definition sql
					*  Be careful :sql Parameter usage of ? As placeholder .  Such as :select * from user where username = ? and password = ?;
				5.  Access to perform sql Object of statement  PreparedStatement  Connection.prepareStatement(String sql) 
				6.  to ? assignment :
					*  Method : setXxx( Parameters 1, Parameters 2)
						*  Parameters 1:? Location number of   from 1  Start 
						*  Parameters 2:? Value ( Note the corresponding data type )
				7.  perform sql, Accept the return result , There is no need to pass on sql sentence 
				8.  Processing results 
				9.  Release resources 
	
			5.  Be careful : It will be used later PreparedStatement To complete all operations of addition, deletion, modification and query 
				1.  Can prevent SQL Inject 
				2.  More efficient 
##  extract JDBC Tool class  : JDBCUtils
	*  Purpose : Simplify writing 
	*  analysis :
		1.  Registration drivers also extract 
		2.  Extract a method to get the connection object 
			*  demand : Don't want to pass parameters ( trouble ), We also need to ensure the universality of tool class .
			*  solve : The configuration file 
				jdbc.properties
					url=
					user=
					password=
		3.  Extract a method to release resources 
	
	*  Code implementation :
		public class JDBCUtils {
	    private static String url;
	    private static String user;
	    private static String password;
	    private static String driver;
	    /**
	     *  File reading , You only need to read it once to get these values . Use static code blocks 
	     */
	    static{
	        // Read resource file , Get value .
	
	        try {
	            //1.  establish Properties Collection classes .
	            Properties pro = new Properties();
	
	            // obtain src The way of files under the path --->ClassLoader  Class loader 
	            ClassLoader classLoader = JDBCUtils.class.getClassLoader();
	            URL res  = classLoader.getResource("jdbc.properties");
	            String path = res.getPath();
	            System.out.println(path);///D:/IdeaProjects/itcast/out/production/day04_jdbc/jdbc.properties
	            //2.  Load the file 
	           // pro.load(new FileReader("D:\\IdeaProjects\\itcast\\day04_jdbc\\src\\jdbc.properties"));
	            pro.load(new FileReader(path));
	
	            //3.  get data , assignment 
	            url = pro.getProperty("url");
	            user = pro.getProperty("user");
	            password = pro.getProperty("password");
	            driver = pro.getProperty("driver");
	            //4.  Registration drive 
	            Class.forName(driver);
	        } catch (IOException e) {
	            e.printStackTrace();
	        } catch (ClassNotFoundException e) {
	            e.printStackTrace();
	        }
	    }
	
	    /**
	     *  Get the connection 
	     * @return  Connection object 
	     */
	    public static Connection getConnection() throws SQLException {
	
	        return DriverManager.getConnection(url, user, password);
	    }
	
	    /**
	     *  Release resources 
	     * @param stmt
	     * @param conn
	     */
	    public static void close(Statement stmt,Connection conn){
	        if( stmt != null){
	            try {
	                stmt.close();
	            } catch (SQLException e) {
	                e.printStackTrace();
	            }
	        }
	
	        if( conn != null){
	            try {
	                conn.close();
	            } catch (SQLException e) {
	                e.printStackTrace();
	            }
	        }
	    }
	
	    /**
	     *  Release resources 
	     * @param stmt
	     * @param conn
	     */
	    public static void close(ResultSet rs,Statement stmt, Connection conn){
	        if( rs != null){
	            try {
	                rs.close();
	            } catch (SQLException e) {
	                e.printStackTrace();
	            }
	        }
	
	        if( stmt != null){
	            try {
	                stmt.close();
	            } catch (SQLException e) {
	                e.printStackTrace();
	            }
	        }
	
	        if( conn != null){
	            try {
	                conn.close();
	            } catch (SQLException e) {
	                e.printStackTrace();
	            }
	        }
	    }
	
	}
	
	*  practice :
		*  demand :
			1.  Enter the user name and password through the keyboard 
			2.  Determine whether the user has successfully logged in 
				* select * from user where username = "" and password = "";
				*  If this sql There are query results , The successful , conversely , The failure 
	
		*  step :
			1.  Create database tables  user
				CREATE TABLE USER(
					id INT PRIMARY KEY AUTO_INCREMENT,
					username VARCHAR(32),
					PASSWORD VARCHAR(32)
				
				);
	
				INSERT INTO USER VALUES(NULL,'zhangsan','123');
				INSERT INTO USER VALUES(NULL,'lisi','234');
	
			2.  Code implementation :
				public class JDBCDemo9 {
	
				    public static void main(String[] args) {
				        //1. Keyboard Entry , Accept user name and password 
				        Scanner sc = new Scanner(System.in);
				        System.out.println(" Please enter a user name :");
				        String username = sc.nextLine();
				        System.out.println(" Please input a password :");
				        String password = sc.nextLine();
				        //2. Calling method 
				        boolean flag = new JDBCDemo9().login(username, password);
				        //3. Judge the result , Output different statements 
				        if(flag){
				            // Login successful 
				            System.out.println(" Login successful !");
				        }else{
				            System.out.println(" Wrong user name or password !");
				        }				
				    }
			
				    /**
				     *  Login method 
				     */
				    public boolean login(String username ,String password){
				        if(username == null || password == null){
				            return false;
				        }
				        // Connect the database to determine whether the login is successful 
				        Connection conn = null;
				        Statement stmt =  null;
				        ResultSet rs = null;
				        //1. Get the connection 
				        try {
				            conn =  JDBCUtils.getConnection();
				            //2. Definition sql
				            String sql = "select * from user where username = '"+username+"' and password = '"+password+"' ";
				            //3. Access to perform sql The object of 
				            stmt = conn.createStatement();
				            //4. Execute the query 
				            rs = stmt.executeQuery(sql);
				            //5. Judge 
				           /* if(rs.next()){// If there's a next line , Then return to true
				                return true;
				            }else{
				                return false;
				            }*/
				           return rs.next();// If there's a next line , Then return to true
				
				        } catch (SQLException e) {
				            e.printStackTrace();
				        }finally {
				            JDBCUtils.close(rs,stmt,conn);
				        }				
				        return false;
				    }
				}
## JDBC Control the transaction :
	1.  Business : A business operation with multiple steps . If the business operation is managed by a transaction , Then these multiple steps will either succeed at the same time , Or fail at the same time .
	2.  operation :
		1.  Open transaction 
		2.  Commit transaction 
		3.  Roll back the transaction 
	3.  Use Connection Object to manage affairs 
		*  Open transaction :setAutoCommit(boolean autoCommit) : Call this method to set the parameter to false, That is, start the transaction 
			*  In execution sql Before opening the transaction 
		*  Commit transaction :commit() 
			*  When all sql All commit transactions are completed 
		*  Roll back the transaction :rollback() 
			*  stay catch Rollback transaction 
	
	4.  Code :
		public class JDBCDemo10 {
	
		    public static void main(String[] args) {
		        Connection conn = null;
		        PreparedStatement pstmt1 = null;
		        PreparedStatement pstmt2 = null;
		
		        try {
		            //1. Get the connection 
		            conn = JDBCUtils.getConnection();
		            // Open transaction 
		            conn.setAutoCommit(false);
		
		            //2. Definition sql
		            //2.1  Zhang San  - 500
		            String sql1 = "update account set balance = balance - ? where id = ?";
		            //2.2  Li Si  + 500
		            String sql2 = "update account set balance = balance + ? where id = ?";
		            //3. Access to perform sql object 
		            pstmt1 = conn.prepareStatement(sql1);
		            pstmt2 = conn.prepareStatement(sql2);
		            //4.  Set parameters 
		            pstmt1.setDouble(1,500);
		            pstmt1.setInt(2,1);
		
		            pstmt2.setDouble(1,500);
		            pstmt2.setInt(2,2);
		            //5. perform sql
		            pstmt1.executeUpdate();
		            //  Manual manufacturing abnormality 
		            int i = 3/0;
		
		            pstmt2.executeUpdate();
		            // Commit transaction 
		            conn.commit();
		        } catch (Exception e) {
		            // Transaction rollback 
		            try {
		                if(conn != null) {
		                    conn.rollback();
		                }
		            } catch (SQLException e1) {
		                e1.printStackTrace();
		            }
		            e.printStackTrace();
		        }finally {
		            JDBCUtils.close(pstmt1,conn);
		            JDBCUtils.close(pstmt2,null);
		        }		
		    }
		}
版权声明 
                        本文为[@A Qing]所创,转载请带上原文链接,感谢
                        https://yzsam.com/2022/04/202204230539032167.html
                    
边栏推荐
- C# ,类库
- What financial products will benefit during May Day?
- Frequently asked interview questions - 3 (operating system)
- Navicate连接oracle(11g)时ORA:28547 Connection to server failed probable Oeacle Net admin error
- Map对象 map.get(key)
- io.lettuce.core.RedisCommandExecutionException: ERR wrong number of arguments for ‘auth‘ command
- SQL语句简单优化
- Add days to date
- STD:: String implements split
- Write the declaration of a function to return the reference of the array, and the array contains 10 string objects (notes)
猜你喜欢
 - Fletter next generation graphics renderer impaller 
 - SQL statement simple optimization 
 - Batch import of orange single micro service 
 - Differences between sea level anatomy and sea surface height anatomy 
 - Navicate连接oracle(11g)时ORA:28547 Connection to server failed probable Oeacle Net admin error 
 - The 8th Blue Bridge Cup 2017 - frog jumping cup 
 - C# ,类库 
 - Frequently asked interview questions - 2 (computer network) 
 - Pol / select / EPO 
 - 2-软件设计原则 
随机推荐
- 50 SQL exercises, answers and detailed analysis 
- Linear sieve method (prime sieve) 
- College entrance examination volunteer filling reference 
- Golang implements Ping connectivity detection case through exec module 
- 数据安全入门产品——数据库审计系统详解 
- 世界与个人发展 
- TypeScript interface & type 粗略理解 
- Use of qwbengneview and qwebchannel. 
- excel获取两列数据的差异数据 
- DWSurvey是一个开源的调查问卷系统。解决无法运行问题,修改bug。 
- MySQL create Oracle exercise table 
- Hongji micro classroom | cyclone RPA's "flexible digital employee" actuator 
- Add two pointers? (legal or illegal) 
- QSslSocket::connectToHostEncrypted: TLS initialization failed 
- Data mining -- understanding data 
- IPI interrupt 
- 【华为机试】考试得分总数(如何处理答错的情况?回溯一次,代表答错一题) 
- MySQL创建oracle练习表 
- Object to map 
- Differences between auto and decltype inference methods (learning notes)