使用您的方法,如果在调用conn.close()之前抛出任何异常,则永远不会关闭连接.您需要在try块中获取它(以及语句和结果集)并在finally块中将其关闭.无论是否抛出异常,都将始终执行finally中的任何代码.有了这个,您可以确保关闭昂贵的资源.
这是一个重写:
public int getSiteIdFromName(String name, String company) throws DataAccessException, java.sql.SQLException {
Connection conn = null;
Statement smt = null;
ResultSet rs = null;
int id = 0;
try {
conn = this.getSession().connection();
smt = conn.createStatement();
String query = "SELECT id FROM site WHERE name='" + name + "' and company_id='" + company + "'";
rs = smt.executeQuery(query);
rs.next();
id = rs.getInt("id");
} finally {
if (rs != null) try { rs.close(); } catch (SQLException logOrIgnore) {}
if (smt != null) try { smt.close(); } catch (SQLException logOrIgnore) {}
if (conn != null) try { conn.close(); } catch (SQLException logOrIgnore) {}
}
return id;
}
也就是说,此代码对SQL injection attacks敏感.使用PreparedStatement而不是Statement.
也可以看看: