JDBC代表Java数据库连接,用于数据库连接和执行sql语句。
第一个jdbc实例:mysql驱动版本mysql-connector-java-8.0.16.jar
package com.test; import java.sql.*; public class JDBC01 { public static void main(String[] args) { ResultSet rs = null; Connection connection = null; PreparedStatement statement = null; try { //1,加载驱动 Class.forName("com.mysql.cj.jdbc.Driver"); //2.创建连接 //此处按照实际的数据库名称和账号密码进行修改 //格式为jdbc:mysql://127.0.0.1:3306/数据库名称?useSSL=true&characterEncoding=utf-8&user=账号名&password=密码 connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/test?useSSL=true&characterEncoding=utf-8&user=root&password=123456&serverTimezone=UTC"); System.out.println("创建连接成功"); //3.写sql //根据数据库实际的表名写SQL语句 String sql="select * from pet"; //4.得到statement对象执行sql statement = connection.prepareStatement(sql); //5.得到结果集 rs = statement.executeQuery(); //6.处理结果集 while(rs.next()){
//rs.next()得到表中的一行,可以将其封装到java bean里,每一行就是一个对象实例
System.out.println(rs.getString(1)); System.out.println(rs.getString(2)); System.out.println(rs.getString(3)); } } catch (ClassNotFoundException | SQLException e) { e.printStackTrace(); } finally { //7.关闭 if(rs!=null){ try { rs.close(); } catch (SQLException e) { e.printStackTrace(); } } if(statement!=null) { try { statement.close(); } catch (SQLException e) { e.printStackTrace(); } } if(connection!=null){ try { connection.close(); } catch (SQLException e) { e.printStackTrace(); } } System.out.println("关闭成功"); } } }
通过配置文件获取连接:
1,jdbc.properties文件置于当前模块的src目录下;
2,url要添加时区;
3,可以创建util类,封装getCollection和closeConnection静态方法。
package com.test; import org.junit.Test; import java.io.InputStream; import java.sql.*;、
import java.util.Properties;
class JDBCUtils {
public static Connection getConnection(){
Connection connection = null;
try {
InputStream inputStream = ClassLoader.getSystemClassLoader().getResourceAsStream("jdbc.properties");
Properties properties = new Properties();
properties.load(inputStream);
String user = properties.getProperty("user");
String password = properties.getProperty("password");
String url = properties.getProperty("url");
String driverClass = properties.getProperty("driverClass");
//加载驱动
Class.forName(driverClass);
//获取连接
connection = DriverManager.getConnection(url,user,password);
} catch (Exception e) {
e.printStackTrace();
}
return connection;
}
public static void closeConnection(Connection connection, Statement statement){
try {
if (statement != null)
statement.close();
} catch (SQLException e) {
e.printStackTrace();
}
try {
if (connection != null)
connection.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
//测试方法
public class JDBC02 {
public static void insertTest(String sql,Object...args) {
Connection connection1 = null;
PreparedStatement preparedStatement = null;
try {
//读取配置文件中的信息获取连接
connection1 = JDBCUtils.getConnection();
//预编译sql
preparedStatement = connection1.prepareStatement(sql);
//填充占位符
for(int i=0; i<args.length; i++){
preparedStatement.setObject(i+1, args[i]);
}
//执行sql
preparedStatement.execute();
} catch (Exception e) {
e.printStackTrace();
} finally {
//关闭
JDBCUtils.closeConnection(connection1, preparedStatement);
}
}
}
第一次接触sql注入问题,尝试一下学校的教务网站,好像被查水表了。
//输入password为123' or '1'='1
select * from users where username='123' or '1'='1' and password='123' or '1'='1’;
