写在文章的开头,首先需要导入mysql/j 的jar包,去maven仓库直接下载就好
需要操作的数据表
数据表名:user,属性:
一、根据user表创建User实体类
/**
* @author: changqing
* @date: 2021/3/6 16:00
*/
public class User {
private Long id;
private String username;
private String password;
private String nickname;
public User() {
}
public User(Long id, String username, String password, String nickname) {
this.id = id;
this.username = username;
this.password = password;
this.nickname = nickname;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getNickname() {
return nickname;
}
public void setNickname(String nickname) {
this.nickname = nickname;
}
@Override
public String toString() {
return "User{" +
"id=" + id +
", username='" + username + '\'' +
", password='" + password + '\'' +
", nickname='" + nickname + '\'' +
'}';
}
}
二、封装一个JDBC的工具类,用来获取连接对象和关闭资源
import java.sql.*;
/**
* @author: changqing
* @date: 2021/3/6 13:43
*/
public final class JDBCUtil {
private JDBCUtil() {
}
private static final String url = "jdbc:mysql://localhost:3306/jdbctest";
private static final String user = "root";
private static final String password = "123456";
//注册驱动
static {
try {
Class.forName("com.mysql.cj.jdbc.Driver");
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
}
/**
* 获取数据连接对象
* @return 数据库连接对象
*/
public static Connection getConnection(){
Connection connection = null;
try {
connection = DriverManager.getConnection(url, user, password);
} catch (SQLException e) {
e.printStackTrace();
}
return connection;
}
public static void closeAll(ResultSet set, Statement statement,Connection connection){
if (set != null){
try {
set.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if (statement != null){
try {
statement.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if (connection != null){
try {
connection.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}
三、创建User的数据访问对象UserDao类
import org.jgs2010entity.User;
import org.util.JDBCUtil;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
/**
* @author: changqing
* @date: 2021/3/6 16:07
*/
public class UserDao {
public User getOne(String username,String password) throws SQLException {
//获取连接对象
Connection connection = JDBCUtil.getConnection();
//获取语句执行者,这里用预编译
PreparedStatement preparedStatement =
connection.prepareStatement("select*from user where username = ? and password = ?");
//设置值
preparedStatement.setString(1,username);
preparedStatement.setString(2,password);
//执行sql语句
ResultSet resultSet = preparedStatement.executeQuery();
User user = null;
//将查到的结果存在user对象中
if (resultSet.next()){
user = new User(resultSet.getLong("id"), resultSet.getString("username"),
resultSet.getString("password"), resultSet.getString("nickname"));
}
//释放资源
JDBCUtil.closeAll(resultSet,preparedStatement,connection);
return user;
}
}
四、测试类
/**
* 测试sql注入问题
* @author: changqing
* @date: 2021/3/6 16:36
*/
public class Demo03 {
public static void main(String[] args) throws SQLException {
UserDao userDao = new UserDao();
Scanner scanner = new Scanner(System.in);
while (true){
System.out.println("请输入用户名:");
String username = scanner.nextLine();
System.out.println("请输入密码 :");
String password = scanner.nextLine();
User one = userDao.getOne(username, password);
if (one !=null){
System.out.println("登录成功,欢迎"+one.getNickname());
}else {
System.out.println("用户名或密码错误。");
}
}
}
}