什么是JDBC?
JDBC可以理解为Java DataBase Connection,就是用来连接数据库的,我们要做持久层操作,必须连接数据库,JDBC就是用来充当用户和数据库之间的那个桥梁。
直接上案例
架构:
数据库 id主键自增
User.class 我写了两个有参构造器,有一个不用赋值id,因为它自增了,执行插入数据的时候不能插入id
import java.util.Objects;
public class User {
private int id;
private String name;
private int age;
private String sex;
public User() {
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
User user = (User) o;
return id == user.id && age == user.age && Objects.equals(name, user.name) && Objects.equals(sex, user.sex);
}
@Override
public int hashCode() {
return Objects.hash(id, name, age, sex);
}
public User(String name, int age, String sex) {
this.name = name;
this.age = age;
this.sex = sex;
}
public User(int id, String name, int age, String sex) {
this.id = id;
this.name = name;
this.age = age;
this.sex = sex;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public int getAge() {
return age;
}
public void setAge(int age) {
this.age = age;
}
public String getSex() {
return sex;
}
public void setSex(String sex) {
this.sex = sex;
}
@Override
public String toString() {
return "User{" +
"id=" + id +
", name='" + name + '\'' +
", age=" + age +
", sex='" + sex + '\'' +
'}';
}
}UserDao.class
public interface UserDao {
void insertStudent(User user);//插入
void deleteById(int id);//删除
void updateStudent(User user);//修改
User selectById(int id);//根据id查询
User selectByname(String name);//根据name查询
}
UserDaoImpl.class
import com.wjc.Dao.UserDao;
import com.wjc.pojo.User;
import java.sql.*;
public class UserDaoImpl implements UserDao {
static final String url = "jdbc:mysql://localhost:3306/ssm?useUnicode=true&characterEncoding=utf8&useSSL=true&serverTimezone=UTC";
static final String username = "root";
static final String password = "111111";
static Connection connection = null;
static PreparedStatement statement = null;
@Override
public void insertStudent(User user) {
try {
//1.加载驱动
Class.forName("com.mysql.cj.jdbc.Driver");
//2.连接数据库
connection = DriverManager.getConnection(url, username, password);
String sql = "INSERT INTO user(name,age,sex) values(?,?,?)";
//预编译
statement = connection.prepareStatement(sql);
statement.setString(1, user.getName());
statement.setInt(2, user.getAge());
statement.setString(3, user.getSex());
//执行sql
int i = statement.executeUpdate();
if (i > 0) {
System.out.println("插入成功");
}
//关闭资源
if (statement != null) {
statement.close();
}
if (connection != null) {
statement.close();
}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
@Override
public void deleteById(int id) {
try {
//1.加载驱动
Class.forName("com.mysql.cj.jdbc.Driver");
//2.连接数据库
connection = DriverManager.getConnection(url, username, password);
String sql = "DELETE FROM user Where id=?";
//预编译
statement = connection.prepareStatement(sql);
statement.setInt(1, id);
//执行sql
int i = statement.executeUpdate();
if (i > 0) {
System.out.println("删除成功");
}
//关闭资源
if (statement != null) {
statement.close();
}
if (connection != null) {
statement.close();
}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
@Override
public void updateStudent(User user) {
try {
//1.加载驱动
Class.forName("com.mysql.cj.jdbc.Driver");
//2.连接数据库
connection = DriverManager.getConnection(url, username, password);
String sql = "UPDATE user SET name=?,age=?,sex=? WHERE id=?";
//预编译
statement = connection.prepareStatement(sql);
statement.setString(1, user.getName());
statement.setInt(2, user.getAge());
statement.setString(3, user.getSex());
statement.setInt(4, user.getId());
//执行sql
int i = statement.executeUpdate();
if (i > 0) {
System.out.println("更新成功");
}
//关闭资源
if (statement != null) {
statement.close();
}
if (connection != null) {
statement.close();
}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
@Override
public User selectById(int id) {
User user=new User();
try {
//1.加载驱动
Class.forName("com.mysql.cj.jdbc.Driver");
//2.连接数据库
connection = DriverManager.getConnection(url, username, password);
String sql = "SELECT * FROM user where id=?";
//预编译
statement = connection.prepareStatement(sql);
statement.setInt(1, id);
//执行sql
ResultSet resultSet = statement.executeQuery();
while (resultSet.next()) {
user.setId(resultSet.getInt("id"));
user.setName(resultSet.getString("name"));
user.setAge(resultSet.getInt("age"));
user.setSex(resultSet.getString("sex"));
System.out.println("id=" + resultSet.getInt("id"));
System.out.println("name=" + resultSet.getString("name"));
System.out.println("age=" + resultSet.getInt("age"));
System.out.println("sex=" + resultSet.getString("sex"));
}
//关闭资源
if (statement != null) {
statement.close();
}
if (connection != null) {
statement.close();
}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
return user;
}
@Override
public User selectByname(String name) {
User user=new User();
try {
//1.加载驱动
Class.forName("com.mysql.cj.jdbc.Driver");
//2.连接数据库
connection = DriverManager.getConnection(url, username, password);
String sql = "SELECT * FROM user where name=?";
//预编译
statement = connection.prepareStatement(sql);
statement.setString(1, name);
//执行sql
ResultSet resultSet = statement.executeQuery();
while (resultSet.next()) {
user.setId(resultSet.getInt("id"));
user.setName(resultSet.getString("name"));
user.setAge(resultSet.getInt("age"));
user.setSex(resultSet.getString("sex"));
System.out.println("id=" + resultSet.getInt("id"));
System.out.println("name=" + resultSet.getString("name"));
System.out.println("age=" + resultSet.getInt("age"));
System.out.println("sex=" + resultSet.getString("sex"));
}
//关闭资源
if (statement != null) {
statement.close();
}
if (connection != null) {
statement.close();
}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
return user;
}
}
测试类
import com.wjc.pojo.User;
import org.junit.Assert;
import org.junit.Test;
public class CrudTest {
@Test
public void inserttest() {
User user = new User("wjc", 18, "男");
UserDaoImpl userDao=new UserDaoImpl();
userDao.insertStudent(user);
//如果能够获取id 说明插入数据成功
Assert.assertTrue(userDao.selectByname("wjc").getId()>0);
}
@Test
public void deletetest() {
UserDaoImpl userDao=new UserDaoImpl();
userDao.deleteById(5);
//调用userDao的按id查询的方法,查询为空说明删除成功
User user = userDao.selectById(5);
Assert.assertEquals(user.getId(),0);
}
@Test
public void updatetest(){
User user = new User(5, "小红更新", 21, "女");
UserDaoImpl userDao=new UserDaoImpl();
userDao.updateStudent(user);
//
Assert.assertEquals(userDao.selectById(5),user);
}
@Test
public void selectByIdtest(){
UserDaoImpl userDao=new UserDaoImpl();
User user1 = userDao.selectById(1);
//如果user1里的id和查询的id相同,贼查询成功
//注意,要用equals的话要重写user的equals方法
Assert.assertEquals(user1.getId(),1);
}
@Test
public void selectByNametest(){
UserDaoImpl userDao=new UserDaoImpl();
User user = userDao.selectByname("albaa");
//name相同则成功
Assert.assertEquals(user.getName(),"albaa");
}
}总结:JDBC一般用预编译PreparedStatement,防止sql注入。
补充:数据库在对prepareStatement进行预编译后,会将用户穿进来的and 或者or等操作数据库的操作视为普通的字符串,以此达到防止SQL注入的目的。这样就算参数中包含破环性语句(or ‘1=1’)也不会被执行。
executeUpdate()执行增删改操作,executeQuery()执行查询。 JDBC里每次使用sql都要编写sql语句,注入,执行,然后sql语句庞大的,就十分繁琐了。
使用junit断言的时候要合适使用,并理解assertSame和assertEquals的区别,用assertEquals要重写equals方法,否则跟assertSame一样还是比较引用相等
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
