向一个数据表中插入一条记录:
return stu;
}
public void addNewStudent2(Student stu){
String sql = "INSERT INTO examstudent VALUES(?, ?, ?, ?, ?, ?, ?)";
JDBCTools.Update(sql, stu.getFlowid(),stu.getType(),stu.getIdcard(),
stu.getExamcard(), stu.getStudentname(), stu.getLocation(),
stu.getGrade());
}
JDBCTools.java
public class JDBCTools {
/**
使用PreparedStatement拼写 sql 语句:
1) why:
①使用 Statement 需要进行拼写 SQL 语句,很麻烦并且容易出错。
String sql = "INSERT INTO examstudent VALUES("
+ stu.getFlowid() + "," + stu.getType() + ",'"
+ stu.getIdcard() + "','" + stu.getExamcard() + "','"
+ stu.getStudentname() + "','"
+ stu.getLocation() + "'," + stu.getGrade()
+ ")";
2) PreparedStatement:是 Statement 的子接口,可以传入带占位符的 SQL语句,并且
提供了补充占位符变量的方法。
①创建 PreparedStatement:需要传入一个 SQL
String sql = "INSERT INTO examstudent VALUES(?,?,?,?,?,?,?)";
PreparedStatement ps = connection.prepareStatement(sql);
②调用 PreparedStatement 的 SetXxx(int index, Object val)设置占位符的值
index 值从 1 开始。
③执行 SQL 语句: executeQuery() 或 executeUpdate(). 注意:执行时不再需要传入 SQL 语句。
3)可以有效的禁止 SQL注入。
对 Java 而言,要防范 SQL 注入,只要用 PreparedStatement 取代 Statement 就可以了。
*/
public static void Update(String sql, Object...args){
Connection connection = null;
PreparedStatement preparedStatement = null;
try {
connection = JDBCTools.GetConnection();
preparedStatement = connection.prepareStatement(sql);
for(int i = 0; i < args.length; i++){
preparedStatement.setObject(i + 1, args[i]);
}
preparedStatement.executeUpdate();
} catch (Exception e) {
e.printStackTrace();
}finally{
JDBCTools.release(null, preparedStatement, connection);
}
}
/*
*通用的更新的方法:包括 insert,update,delete
public static void Update(String sql){
Connection conn = null;
Statement statement = null;
try {
conn = GetConnection();
statement = conn.createStatement();
statement.executeUpdate(sql);
} catch (Exception e) {
e.printStackTrace();
}finally{
JDBCTools.release(statement, conn);
}
}
*/
//关闭相关资源 public static void release(ResultSet rs, Statement statement, Connection conn){
if(rs != null){
try {
rs.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(statement != null)
try {
statement.close();
} catch (Exception e2) {
e2.printStackTrace();
}
if(conn != null)
try {
conn.close();
} catch (Exception e2) {
e2.printStackTrace();
}
}
/*
* 1. 获取连接的方法 * 通过读配置文件从数据库服务器获取一个连接 */
public static Connection GetConnection() throws Exception{
String driverClass = null;
String jdbcUrl = null;
String user = null;
String password = null;
InputStream in =
JDBCTools.class.getClassLoader().getResourceAsStream("jdbc.properties");
Properties properties = new Properties();
properties.load(in);
driverClass = properties.getProperty("driver");
jdbcUrl = properties.getProperty("jdbcUrl");
user = properties.getProperty("user");
password = properties.getProperty("password");
Driver driver =
(Driver) Class.forName(driverClass).newInstance();
Properties info = new Properties();
info.put("user", user);
info.put("password", password);
Connection connection = driver.connect(jdbcUrl, info);
return connection;
}
}
Student.java
public class Student {
private int flowid;
private int type;
private String idcard;
private String examcard;
private String studentname;
private String location;
private int grade;
public int getFlowid() {
return flowid;
}
public void setFlowid(int flowid) {
this.flowid = flowid;
}
public int getType() {
return type;
}
public void setType(int type) {
this.type = type;
}
public String getIdcard() {
return idcard;
}
public void setIdcard(String idcard) {
this.idcard = idcard;
}
public String getExamcard() {
return examcard;
}
public void setExamcard(String examcard) {
this.examcard = examcard;
}
public String getStudentname() {
return studentname;
}
public void setStudentname(String studentname) {
this.studentname = studentname;
}
public String getLocation() {
return location;
}
public void setLocation(String location) {
this.location = location;
}
public int getGrade() {
return grade;
}
public void setGrade(int grade) {
this.grade = grade;
}
public Student(int flowid, int type, String idcard, String examcard,
String studentname, String location, int grade) {
super();
this.flowid = flowid;
this.type = type;
this.idcard = idcard;
this.examcard = examcard;
this.studentname = studentname;
this.location = location;
this.grade = grade;
}
public Student() {
super();
}
@Override
public String toString() {
return "Student [flowid=" + flowid + ", type=" + type + ", idcard="
+ idcard + ", examcard=" + examcard + ", studentname="
+ studentname + ", location=" + location + ", grade=" + grade
+ "]";
}
}