JDBC
JDBC介绍
▪ JDBC(Java Database Connectivity)是基于JAVA语言访问数据库的一种技术。
▪ JDBC(Java Data Base Connectivity,java数据库连接)是一种用于执行SQL语句的Java API,可以为多种关系数据库提供统一访问,它由一组用Java语言编写的类和接口组成。JDBC提供了一种基准,据此可以构建更高级的工具和接口,使数据库开发人员能够编写数据库应用程序,同时,JDBC也是个商标名。
▪ JDBC的设计思想:由SUN公司(JCP)提供访问数据库的接口,由数据库厂商提供对这些接口的实现,程序员编程时都是针对接口进行编程的。
▪ JDBC包括一套JDBC的API和一套程序员和数据库厂商都必须去遵守的规范。
– java.sql包:提供访问数据库基本的功能
– javax.sql包:提供扩展的功能
▪ 数据库中间件
▪ JDBC可以做些什么?
– 连接到数据库
– 在Java app中执行SQL命令
– 处理结果。
面向接口编程 java.sql.*
1、java.sql.Driver : -->驱动
2、java.sql.Connection -->连接
3、java.sql.Statement -->静态处理块
java.sql.PreparedStatement -->预处理块
4、java.sql.ResultSet -->结果集
5、java.sql.ResultSetMetaData -->结果集元数据
搭建JDBC
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
/*
1.倒入mysql驱动包
2.注册驱动
3.建立与mysql的连接通道
4.向mysql发送sql语句
5.接收返回结果
6.关闭连接通道
*/
public class JDBCTest {
public static void main(String[] args) {
try {//以java反射机制来创建此对象
Class.forName("com.mysql.cj.jdbc.Driver");
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
//characterEncoding=utf8 编码设置
//连接mysql8必须要设置时区 serverTimezone=Asia/Shanghai
String url = "jdbc:mysql://127.0.0.1:3306/student?characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai";
try {
//Connection是接口,实际返回的是mysql的实现类对象(多态)
Connection connection = DriverManager.getConnection(url,"root","111111");
//发送sql 由Statement发送对象
Statement st = connection.createStatement();
st.executeUpdate("insert into major(mname) values ('信管')");
//关闭相关链接
st.close();
connection.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
插入删除
Statement
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
/*
不建议使用
*/
public class JDBCTest2 {
public static void main(String[] args){
try {
save();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
public static void save() throws ClassNotFoundException, SQLException {
int num = 107;
String name = "tom";
String gender = "男";
String birthday = "2001-9-1";
float height = 1.78f;
Connection connection = null;
Statement st = null;
try{
Class.forName("com.mysql.cj.jdbc.Driver");
String url = "jdbc:mysql://127.0.0.1:3306/student?characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai";
connection = DriverManager.getConnection(url, "root", "111111");
st = connection.createStatement();
st.executeUpdate("insert into student(num,sanme,gender,birthday,height) values("+num+",'"+name+"','"+gender+"','"+birthday+"',"+height+") ");
}finally {
if(st!=null){
st.close();
}
if(connection!=null){
connection.close();
}
}
}
}
PrepareStatement
插入
import java.sql.*;
public class JDBCTest3 {
public static void main(String[] args){
try {
save();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
public static void save() throws ClassNotFoundException, SQLException {
int num = 107;
String name = "tom";
String gender = "男";
String birthday = "2001-9-1";
float height = 1.78f;
Connection connection = null;
PreparedStatement ps = null;
try{
Class.forName("com.mysql.cj.jdbc.Driver");
String url = "jdbc:mysql://127.0.0.1:3306/student?characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai";
connection = DriverManager.getConnection(url, "root", "111111");
//使用PrepareStatement发送sql,建议使用!!!
//预编译sql
//?是占位符,表示此处需要传入一个值,只是将sql编译到ps中
ps = connection.prepareStatement("insert into student(num,sname,gender,birthday,height)"+
"values(?,?,?,?,?)");
//向sql中的占位符赋值 赋值时可以对值进行检测
ps.setObject(1, num);
ps.setObject(2, name);
ps.setObject(3, gender);
ps.setObject(4, birthday);
ps.setObject(5, height);
//执行sql
ps.executeUpdate();
}finally {
if(ps!=null){
ps.close();
}
if(connection!=null){
connection.close();
}
}
}
}
删除
import java.sql.*;
public class JDBCTest3 {
public static void main(String[] args){
try {
//save();
delete();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
public static void delete() throws ClassNotFoundException, SQLException {
String id = "7";
Connection connection = null;
PreparedStatement ps = null;
try{
Class.forName("com.mysql.cj.jdbc.Driver");
String url = "jdbc:mysql://127.0.0.1:3306/student?characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai";
connection = DriverManager.getConnection(url, "root", "111111");
//使用PrepareStatement发送sql,建议使用!!!
//预编译sql
//?是占位符,表示此处需要传入一个值,只是将sql编译到ps中
ps = connection.prepareStatement("delete from student where id = ?");
//向sql中的占位符赋值 赋值时可以对值进行检测
ps.setObject(1, id);
//执行sql
ps.executeUpdate();
}finally {
if(ps!=null){
ps.close();
}
if(connection!=null){
connection.close();
}
}
}
}
Statement和PrepareStatement的区别
Statement 传参时是直接将变量拼接到字符中,不能防止sql注入
st.executeUpdate("insert into student(num,sanme,gender,birthday,height) values("+num+",'"+name+"','"+gender+"','"+birthday+"',"+height+") ");
PrepareStatement输入方式优雅,重点是可以防止sql注入
ps = connection.prepareStatement("insert into student(num,sname,gender,birthday,height)"+
"values(?,?,?,?,?)");
//一个问号只能传入一个关键字,防止恶意攻击
//向sql中的占位符赋值 赋值时可以对值进行检测
ps.setObject(1, num);
ps.setObject(2, name);
ps.setObject(3, gender);
ps.setObject(4, birthday);
ps.setObject(5, height);
//执行sql
ps.executeUpdate();
查询
import java.sql.*;
public class JDBCTest4 {
public static void main(String[] args){
try {
Student student = query1("李四");
System.out.println(student);
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
public static Student query1(String name) throws ClassNotFoundException, SQLException {
Connection connection = null;
PreparedStatement ps = null;
ResultSet rs = null;
try{
Class.forName("com.mysql.cj.jdbc.Driver");
String url = "jdbc:mysql://127.0.0.1:3306/student?characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai";
connection = DriverManager.getConnection(url, "root", "111111");
//查询语句是由返回结果的,如何接收?
//通过学号查询,只返回一条记录 向sql中传入参数并返回
ps = connection.prepareStatement("select id,num,sname,gender,birthday,height,register_time from student where sname=?");
ps.setObject(1, name);
rs = ps.executeQuery();//执行查询语句,接收返回结果 在java中存储结果
Student student = new Student();
//循环ResultSet next() 将光标移到下一行,如果有数据返回true,反之false
while (rs.next()){
student.setId(rs.getInt("id"));
student.setNum(rs.getInt("num"));
student.setName(rs.getString("sname"));
student.setGender(rs.getString("gender"));
student.setBirthday(rs.getDate("birthday"));
student.setHeight(rs.getFloat("height"));
student.setRegisterTime(rs.getTimestamp("register_time"));
}
return student;
}finally {
if(rs!=null){
rs.close();
}
if(ps!=null){
ps.close();
}
if(connection!=null){
connection.close();
}
}
}
}