1.next(): 游标向下移动一行
2.getXxx(): 获取数据
1.Xxx代表数据类型如:intgetInt()2.参数:1.int: 代表列表的编号,从1开始
2.String : 代表列的名称
3.注意:1.游标向下移动一行
2.判断是否有数据
3.获取数据
4.伪代码
while(rs.next()){int id = rs.getInt(1);String name = rs.getString("name");System.out.println(id+"--"+name);}
PreparedStatement: 执行动态(预编译)sql的对象
1.SQL注入问题:1.String sql ="select * from user where uname = '"+name+"' and password = '"+pwd+"'";2.此时用户名随便写,密码写 a' or 'a' = 'a 就可以登录
2.预编译sql:sql的参数使用占位符
1.例如 select * from user where uname =? and password =?;2.获取sql执行对象:PreparedStatementConnection.prepareStatement(String sql)3.给?赋值:setXxx(问号位置1开始,值)
//2.@Testpublicvoidtest_queryForMap(){JdbcTemplate jt =newJdbcTemplate(JDBCUtils.getDataSource());Map<String,Object> map = jt.queryForMap("SELECT * FROM emp WHERE id=?",3);System.out.println(map);}//3.@Testpublicvoidtest_queryForList(){JdbcTemplate jt =newJdbcTemplate(JDBCUtils.getDataSource());List<Map<String,Object>> list = jt.queryForList("SELECT * FROM emp");for(Map<String,Object> map : list){System.out.println(map);}}//4.@Testpublicvoidtest_queryForObject_RowMapper(){JdbcTemplate jt =newJdbcTemplate(JDBCUtils.getDataSource());
emp emp = jt.queryForObject("SELECT * FROM emp WHERE id=?",newBeanPropertyRowMapper<>(emp.class),3);/**
* 这里rowmapper是一个接口,快捷键Ctrl+H查看选中接口的结构图,使用BeanPropertyRowMapper<>(类名.class)
*/System.out.println(emp);}//5.@Testpublicvoidtest_queryFor(){JdbcTemplate jt =newJdbcTemplate(JDBCUtils.getDataSource());List<emp> empList = jt.query("SELECT * FROM emp",newBeanPropertyRowMapper<>(emp.class));for(emp emp : empList){System.out.println(emp);}}