知识回顾:
JavaWeb之Java基础知识增强
文章目录
1.概念
- 概念:Java DataBase Connectivity Java 数据库连接, Java语言操作数据库
- JDBC本质:其实是官方(sun公司)定义的一套操作所有关系型数据库的规则,即接口。各个数据库厂商去实现这套接口,提供数据库驱动jar包。我们可以使用这套接口(JDBC)编程,真正执行的代码是驱动jar包中的实现类。
2. 快速入门:
2.1 步骤:
- 导入驱动jar包 mysql-connector-java-5.1.37-bin.jar
- 复制mysql-connector-java-5.1.37-bin.jar到项目的libs目录下
- 右键–>Add As Library
- 注册驱动
- 获取数据库连接对象 Connection
- 定义sql
- 获取执行sql语句的对象 Statement
- 执行sql,接受返回结果
- 处理结果
- 释放资源
2.2 代码实现
//1. 导入驱动jar包
//2.注册驱动
Class.forName("com.mysql.jdbc.Driver");
//3.获取数据库连接对象
Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/db3", "root", "root");
//4.定义sql语句
String sql = "update account set balance = 500 where id = 1";
//5.获取执行sql的对象 Statement
Statement stmt = conn.createStatement();
//6.执行sql
int count = stmt.executeUpdate(sql);
//7.处理结果
System.out.println(count);
//8.释放资源
stmt.close();
conn.close();
package com.weeks.jdbc;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;
/**
* JDBC 的快速入门
*/
public class JDBCDemo {
public static void main(String[] args) throws Exception {
//1.注册驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取链接
String url = "jdbc:mysql://localhost:3306/javaweb";
String username = "root";
String password = "root123";
Connection conn = DriverManager.getConnection(url, username, password);
//3.定义sql
String sql = "update user set name='rising' where id=202101";
//4.获取执行sql的对象
Statement statement = conn.createStatement();
//5.执行sql语句
int i = statement.executeUpdate(sql);
//6.处理结果
System.out.println(i);
//8.释放资源
statement.close();
conn.close();
}
}
3.详解各个对象
3.1 DriverManager:驱动管理对象
- 功能:
- 注册驱动:告诉程序该使用哪一个数据库驱动jar
static void registerDriver(Driver driver) :注册与给定的驱动程序 DriverManager 。
- 写代码使用:
Class.forName("com.mysql.jdbc.Driver");
- 通过查看源码发现:在com.mysql.jdbc.Driver类中存在静态代码块
- 注册驱动:告诉程序该使用哪一个数据库驱动jar
static {
try {
java.sql.DriverManager.registerDriver(new Driver());
} catch (SQLException E) {
throw new RuntimeException("Can't register driver!");
}
}
注意:mysql5之后的驱动jar包可以省略注册驱动的步骤。
- 获取数据库连接:
- 方法:
static Connection getConnection(String url, String user, String password)
- 参数:
- url:指定连接的路径
- 语法:jdbc:mysql://ip地址(域名):端口号/数据库名称
- 例子:jdbc:mysql://localhost:3306/db3
- 细节:如果连接的是本机mysql服务器,并且mysql服务默认端口是3306,则url可以简写为:jdbc:mysql:///数据库名称
- user:用户名
- password:密码
- 方法:
3.2 Connection:数据库连接对象
- 功能:
- 获取执行sql 的对象
- Statement createStatement()
- PreparedStatement prepareStatement(String sql)
- 获取执行sql 的对象
- 管理事务:
- 开启事务:setAutoCommit(boolean autoCommit) :调用该方法设置参数为false,即开启事务
- 提交事务:commit()
- 回滚事务:rollback()
3.3 Statement:执行sql的对象
- 执行sql
- boolean execute(String sql) :可以执行任意的sql 了解
- int executeUpdate(String sql) :执行DML(insert、update、delete)语句、DDL(create,alter、drop)语句
- 返回值:影响的行数,可以通过这个影响的行数判断DML语句是否执行成功 返回值>0的则执行成功,反之,则失败。
- ResultSet executeQuery(String sql) :执行DQL(select)语句
- 练习:
- account表 添加一条记录
- account表 修改记录
- account表 删除一条记录
package com.weeks.jdbc;
import org.junit.Test;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
/**
* jdbc增删改测试
*/
public class JDBCDemo2 {
@Test
public void testInsert(){
Statement stmt = null;
Connection conn = null;
try {
//1.导入驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取数据库连接对象
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/db2", "root", "root123");
//3.定义sql语句
String sql = "insert into account (name, balance) values ('wangwu', 2000)";
//4.定义执行sql的对象
stmt = conn.createStatement();
//5.执行sql语句
int count = stmt.executeUpdate(sql);
//6.处理结果
System.out.println(count);
} catch (ClassNotFoundException | SQLException e) {
e.printStackTrace();
} finally {
//7.关闭资源
if(stmt != null){//防止空指针异常
try {
stmt.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if(conn != null){
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
}
@Test
public void testUpdate(){
Statement stmt = null;
Connection conn = null;
try {
//1.导入驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取数据库连接对象
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/db2", "root", "root123");
//3.定义sql语句
String sql = "update account set balance='1000' where id=3";
//4.定义执行sql的对象
stmt = conn.createStatement();
//5.执行sql语句
int count = stmt.executeUpdate(sql);
//6.处理结果
System.out.println(count);
} catch (ClassNotFoundException | SQLException e) {
e.printStackTrace();
} finally {
//7.关闭资源
if(stmt != null){//防止空指针异常
try {
stmt.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if(conn != null){
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
}
@Test
public void testDelete(){
Statement stmt = null;
Connection conn = null;
try {
//1.导入驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取数据库连接对象
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/db2", "root", "root123");
//3.定义sql语句
String sql = "delete from account where id = 4";
//4.定义执行sql的对象
stmt = conn.createStatement();
//5.执行sql语句
int count = stmt.executeUpdate(sql);
//6.处理结果
System.out.println(count);
} catch (ClassNotFoundException | SQLException e) {
e.printStackTrace();
} finally {
//7.关闭资源
if(stmt != null){//防止空指针异常
try {
stmt.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if(conn != null){
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
}
}
3.4 ResultSet:结果集对象,封装查询结果
-
boolean next(): 游标向下移动一行,判断当前行是否是最后一行末尾(是否有数据),如果是,则返回false,如果不是则返回true
-
getXxx(参数):获取数据
-
Xxx:代表数据类型 如: int getInt() , String getString()
-
参数:
- int:代表列的编号,从1开始 如: getString(1)
- String:代表列名称。 如: getDouble(“balance”)
- 注意:
- 使用步骤:
- 游标向下移动一行
- 判断是否有数据
- 获取数据
- 使用步骤:
-
-
练习:
- 定义一个方法,查询emp表的数据将其封装为对象,然后装载集合,返回。
- 定义Emp类
- 定义方法 public List findAll(){}
- 实现方法 select * from emp;
- 定义一个方法,查询emp表的数据将其封装为对象,然后装载集合,返回。
create table emp(
id int primary key,
ename varchar(50),
job_id int,
mgr int,
joindate date,
salary decimal(7, 2),
bonus decimal(7, 2),
dept_id int,
);
INSERT INTO emp(id,ename,job_id,mgr,joindate,salary,bonus,dept_id) VALUES
(1001,'孙悟空',4,1004,'2000-12-17','8000.00',NULL,20),
(1002,'卢俊义',3,1006,'2001-02-20','16000.00','3000.00',30),
(1003,'林冲',3,1006,'2001-02-22','12500.00','5000.00',30),
(1004,'唐僧',2,1009,'2001-04-02','29750.00',NULL,20),
(1005,'李逵',4,1006,'2001-09-28','12500.00','14000.00',30),
(1006,'宋江',2,1009,'2001-05-01','28500.00',NULL,30),
(1007,'刘备',2,1009,'2001-09-01','24500.00',NULL,10),
(1008,'猪八戒',4,1004,'2007-04-19','30000.00',NULL,20),
(1009,'罗贯中',1,NULL,'2001-11-17','50000.00',NULL,10),
(1010,'吴用',3,1006,'2001-09-08','15000.00','0.00',30),
(1011,'沙僧',4,1004,'2007-05-23','11000.00',NULL,20),
(1012,'李逵',4,1006,'2001-12-03','9500.00',NULL,30),
(1013,'小白龙',4,1004,'2001-12-03','30000.00',NULL,20),
(1014,'关羽',4,1007,'2002-01-23','13000.00',NULL,10);
package com.weeks.domain;
import java.util.Date;
public class Emp {
private Integer id;
private String name;
private Integer jobId;
private Integer manager;
private Date joinDate;
private double salary;
private double bonus;
private Integer deptId;
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getJobId() {
return jobId;
}
public void setJobId(Integer jobId) {
this.jobId = jobId;
}
public Integer getManager() {
return manager;
}
public void setManager(Integer manager) {
this.manager = manager;
}
public Date getJoinDate() {
return joinDate;
}
public void setJoinDate(Date joinDate) {
this.joinDate = joinDate;
}
public double getSalary() {
return salary;
}
public void setSalary(double salary) {
this.salary = salary;
}
public double getBonus() {
return bonus;
}
public void setBonus(double bonus) {
this.bonus = bonus;
}
public Integer getDeptId() {
return deptId;
}
public void setDeptId(Integer deptId) {
this.deptId = deptId;
}
@Override
public String toString() {
return "Emp{" +
"id=" + id +
", name='" + name + '\'' +
", jobId=" + jobId +
", manager=" + manager +
", joinDate=" + joinDate +
", salary=" + salary +
", bonus=" + bonus +
", deptId=" + deptId +
'}';
}
}
package com.weeks.jdbc;
import com.weeks.domain.Emp;
import org.junit.Test;
import java.sql.*;
import java.util.ArrayList;
import java.util.List;
/**
* jdbc ResultSet测试
*/
public class JDBCDemo4 {
@Test
public void testResultSet(){
ResultSet resultSet = null;
Statement stmt = null;
Connection conn = null;
try {
//1.导入驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取数据库连接对象
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/db3", "root", "root123");
//3.定义sql语句
String sql = "select * from emp";
//4.定义执行sql的对象
stmt = conn.createStatement();
//5.执行sql语句
resultSet = stmt.executeQuery(sql);
//6.处理结果
Emp emp = null;
List<Emp> emps = new ArrayList<>();
while(resultSet.next()){
//获取数据数据
int id = resultSet.getInt("id");
String name = resultSet.getString("ename");
int jobId = resultSet.getInt("job_id");
int manager = resultSet.getInt("mgr");
Date joinDate = resultSet.getDate("joindate");
double salary = resultSet.getDouble("salary");
double bonus = resultSet.getDouble("bonus");
int deptId = resultSet.getInt("dept_id");
//创建emp对象并赋值
emp = new Emp();
emp.setId(id);
emp.setName(name);
emp.setJobId(jobId);
emp.setManager(manager);
emp.setJoinDate(joinDate);
emp.setSalary(salary);
emp.setBonus(bonus);
emp.setDeptId(deptId);
emps.add(emp);
}
System.out.println(emps);
} catch (ClassNotFoundException | SQLException e) {
e.printStackTrace();
} finally {
//7.关闭资源
if(resultSet != null){
try {
resultSet.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if(stmt != null){//防止空指针异常
try {
stmt.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if(conn != null){
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
}
}
3.5 PreparedStatement:执行sql的对象
- SQL注入问题:在拼接sql时,有一些sql的特殊关键字参与字符串的拼接。会造成安全性问题
package com.weeks.jdbc;
import com.weeks.utils.JDBCUtils;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;
/**
* 练习:
* 1.通过键盘录入用户名和密码
* 2.判断用户是否登录成功
*/
public class JDBCDome6 {
public static void main(String[] args) {
//1.定义接受键盘输入对象
Scanner sc = new Scanner(System.in);
//2.获取键盘输入
System.out.println("请输入用户名:");
String user = sc.next();
System.out.println("请输入密码:");
String pwd = sc.next();
//3.登录验证
boolean flag = JDBCDome6.login(user, pwd);
//4.判断登陆是否成功
if(flag){
System.out.println("登陆成功!");
} else{
System.out.println("登陆失败!");
}
}
public static boolean login(String user, String pwd){
if(user == null || pwd == null){
return false;
}
Connection conn = null;
Statement stmt = null;
ResultSet resultSet = null;
try {
//1.获取数据库连接
conn = JDBCUtils.getConnection();
//2.定义sql语句
String sql = "select * from user where name='" + user + "' and pwd='" + pwd + "'";
//3.定义执行sql的对象
stmt = conn.createStatement();
//4.执行sql语句
resultSet = stmt.executeQuery(sql);
//5.处理结果
return resultSet.next();
} catch (SQLException e) {
e.printStackTrace();
} finally {
//6.关闭资源
JDBCUtils.close(resultSet, stmt, conn);
}
return false;
}
}
1. 输入用户随便,输入密码:a' or 'a' = 'a
2. sql:select * from user where username = 'fhdsjkf' and password = 'a' or 'a' = 'a'
2. 解决sql注入问题:使用PreparedStatement对象来解决
3. 预编译的SQL:参数使用?作为占位符
4. 步骤:
1. 导入驱动jar包 mysql-connector-java-5.1.37-bin.jar
2. 注册驱动
3. 获取数据库连接对象 Connection
4. 定义sql
* 注意:sql的参数使用?作为占位符。 如:select * from user where username = ? and password = ?;
5. 获取执行sql语句的对象 PreparedStatement Connection.prepareStatement(String sql)
6. 给?赋值:
* 方法: setXxx(参数1,参数2)
* 参数1:?的位置编号 从1 开始
* 参数2:?的值
7. 执行sql,接受返回结果,不需要传递sql语句
8. 处理结果
9. 释放资源
package com.weeks.jdbc;
import com.weeks.utils.JDBCUtils;
import java.sql.*;
import java.util.Scanner;
/**
* 练习:使用PreparedStatement完成
* 1.通过键盘录入用户名和密码
* 2.判断用户是否登录成功
*/
public class JDBCDome7 {
public static void main(String[] args) {
//1.定义接受键盘输入对象
Scanner sc = new Scanner(System.in);
//2.获取键盘输入
System.out.println("请输入用户名:");
String user = sc.next();
System.out.println("请输入密码:");
String pwd = sc.next();
//3.登录验证
boolean flag = JDBCDome7.login(user, pwd);
//4.判断登陆是否成功
if(flag){
System.out.println("登陆成功!");
} else{
System.out.println("登陆失败!");
}
}
public static boolean login(String user, String pwd){
if(user == null || pwd == null){
return false;
}
Connection conn = null;
PreparedStatement pstmt = null;
ResultSet resultSet = null;
try {
//1.获取数据库连接
conn = JDBCUtils.getConnection();
//2.定义sql语句
String sql = "select * from user where name=? and pwd=?";
//3.定义执行sql的对象
pstmt = conn.prepareStatement(sql);
//给?赋值
pstmt.setString(1, user);
pstmt.setString(2, pwd);
//4.执行sql语句
resultSet = pstmt.executeQuery();
//5.处理结果
return resultSet.next();
} catch (SQLException e) {
e.printStackTrace();
} finally {
//6.关闭资源
JDBCUtils.close(resultSet, pstmt, conn);
}
return false;
}
}
- 注意:后期都会使用PreparedStatement来完成增删改查的所有操作
1. 可以防止SQL注入
2. 效率更高
4.抽取JDBC工具类 : JDBCUtils
- 目的:简化书写
- 分析:
- 注册驱动也抽取
- 抽取一个方法获取连接对象
- 需求:不想传递参数(麻烦),还得保证工具类的通用性。
- 解决:配置文件
driver=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/db2
user=root
password=root123
-
抽取一个方法释放资源
-
代码实现:
package com.weeks.utils;
import java.io.IOException;
import java.io.InputStream;
import java.sql.*;
import java.util.Properties;
public class JDBCUtils {
//定义获取数据库连接的变量
private static String url;
private static String user;
private static String password;
private static String driver;
/**
* 使用静态代码块加载资源文件,随着类的加载只加载一次
*/
static{
//1.定义Properties对象加载资源文件
Properties properties = new Properties();
//2.通过类加载器获取资源文件路径
ClassLoader classLoader = JDBCUtils.class.getClassLoader();
InputStream resourceAsStream = classLoader.getResourceAsStream("jdbc.properties");
try {
properties.load(resourceAsStream);
url = properties.getProperty("url");
user = properties.getProperty("user");
password = properties.getProperty("password");
driver = properties.getProperty("driver");
//3.加载驱动
Class.forName(driver);
} catch (IOException | ClassNotFoundException e) {
e.printStackTrace();
}
};
/**
* 获取数据库连接
*/
public static Connection getConnection() throws SQLException {
return DriverManager.getConnection(url, user, password);
}
/**
* 关闭资源
*/
public static void close(ResultSet rs, Statement stmt, Connection conn){
if(rs != null){//防止空指针异常
try {
rs.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if (stmt != null){
try {
stmt.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if (conn != null){
try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
/**
* 重载关闭资源方法
*/
public static void close(Statement stmt, Connection conn){
close(null, stmt, conn);
}
}
- 练习:
-
需求:
- 通过键盘录入用户名和密码
- 判断用户是否登录成功
- select * from user where username = “” and password = “”;
- 如果这个sql有查询结果,则成功,反之,则失败
-
步骤:
- 创建数据库表 user
-
CREATE TABLE USER(
id INT PRIMARY KEY AUTO_INCREMENT,
username VARCHAR(32),
PASSWORD VARCHAR(32)
);
INSERT INTO USER VALUES(NULL,'zhangsan','123');
INSERT INTO USER VALUES(NULL,'lisi','234');
- 代码实现:
package com.weeks.jdbc;
import com.weeks.utils.JDBCUtils;
import java.sql.*;
import java.util.Scanner;
/**
* 练习:使用PreparedStatement完成
* 1.通过键盘录入用户名和密码
* 2.判断用户是否登录成功
*/
public class JDBCDome7 {
public static void main(String[] args) {
//1.定义接受键盘输入对象
Scanner sc = new Scanner(System.in);
//2.获取键盘输入
System.out.println("请输入用户名:");
String user = sc.next();
System.out.println("请输入密码:");
String pwd = sc.next();
//3.登录验证
boolean flag = JDBCDome7.login(user, pwd);
//4.判断登陆是否成功
if(flag){
System.out.println("登陆成功!");
} else{
System.out.println("登陆失败!");
}
}
public static boolean login(String user, String pwd){
if(user == null || pwd == null){
return false;
}
Connection conn = null;
PreparedStatement pstmt = null;
ResultSet resultSet = null;
try {
//1.获取数据库连接
conn = JDBCUtils.getConnection();
//2.定义sql语句
String sql = "select * from user where name=? and pwd=?";
//3.定义执行sql的对象
pstmt = conn.prepareStatement(sql);
//给?赋值
pstmt.setString(1, user);
pstmt.setString(2, pwd);
//4.执行sql语句
resultSet = pstmt.executeQuery();
//5.处理结果
return resultSet.next();
} catch (SQLException e) {
e.printStackTrace();
} finally {
//6.关闭资源
JDBCUtils.close(resultSet, pstmt, conn);
}
return false;
}
}
5.JDBC控制事务
-
事务:一个包含多个步骤的业务操作。如果这个业务操作被事务管理,则这多个步骤要么同时成功,要么同时失败。
-
操作:
- 开启事务
- 提交事务
- 回滚事务
-
使用Connection对象来管理事务
- 开启事务:setAutoCommit(boolean autoCommit) :调用该方法设置参数为false,即开启事务
- 在执行sql之前开启事务
- 提交事务:commit()
- 当所有sql都执行完提交事务
- 回滚事务:rollback()
- 在catch中回滚事务
- 开启事务:setAutoCommit(boolean autoCommit) :调用该方法设置参数为false,即开启事务
-
代码:
package com.weeks.jdbc;
import com.weeks.utils.JDBCUtils;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Scanner;
/**
* JDBC 事务
*/
public class JDBCDome8 {
public static void main(String[] args) {
Connection conn = null;
PreparedStatement pstmt1 = null;
PreparedStatement pstmt2 = null;
try {
//1.获取连接
conn = JDBCUtils.getConnection();
//2.开启事务
conn.setAutoCommit(false);
//3.定义sql语句
String sql1 = "update account set balance=balance-? where id=?";
String sql2 = "update account set balance=balance+? where id=?";
//4.定义执行sql的对象
pstmt1 = conn.prepareStatement(sql1);
pstmt2 = conn.prepareStatement(sql2);
//5.给?赋值
pstmt1.setDouble(1, 500);
pstmt1.setInt(2, 1);
pstmt2.setDouble(1, 500);
pstmt2.setInt(2, 2);
//6.执行sql
pstmt1.executeUpdate();
//手动发出异常
int i = 2 / 0;
pstmt2.executeUpdate();
//7.提交事务
conn.commit();
} catch (Exception e) {
//8.发生异常回滚事务
try {
if(conn != null) {
conn.rollback();
}
} catch (SQLException throwables) {
throwables.printStackTrace();
}
e.printStackTrace();
} finally {
JDBCUtils.close(pstmt1, conn);
JDBCUtils.close(pstmt2, null);
}
}
}