Java Database Connectivity
是一种专门用来通过Java程序操作数据库
导入jar包
使用工具库,获取数据库的连接(用户名,密码)
通过程序执行SQL
通过程序处理结果
package cn.tedu.test;
import java.sql.*;
//测试jdbc入门案例
public class Test1 {
public static void main(String[] args) throws ClassNotFoundException, SQLException {
//注册驱动 Driver
// Class<?> aClass = Class.forName("com.mysql.jdbc.Driver");
//获取连接(用户名 密码 (端口号 url 库名))
//哪里的哪里数据库
String url="jdbc:mysql://localhost:3306/cgb2106?characterEncoding=utf8";
Connection c = DriverManager.getConnection(url, "root", "root");
//获取传输器
Statement s = c.createStatement();
//执行 sql语句
ResultSet resultSet = s.executeQuery("select * from dept");
//处理结果集
while (resultSet.next()){//判断有没有数据
System.out.print(resultSet.getString(1));//第一列
System.out.print(resultSet.getString(2));
System.out.print(resultSet.getString(3));
System.out.println();
// System.out.println(resultSet.getString("deptno"));//字段名
}
//释放资源
resultSet.close();
s.close();
c.close();
}
}
SQL注入(简易破解)
package cn.tedu.test;
import java.sql.*;
import java.util.Scanner;
/*自己准备user2表(id/name/password),准备数据
CREATE TABLE `user` (
`id` int(11) PRIMARY KEY auto_increment,
`name` varchar(10) default NULL,
`password` varchar(10) default NULL
) ;
*/
public class Test4 {
public static void main(String[] args) throws ClassNotFoundException, SQLException {
System.out.println("请输入您的账号:");
String uname = new Scanner(System.in).nextLine();
//简单破解 注入SQL攻击
// if(uname.contains("#")) {
// System.out.println("去你妈的!");
//}
//else {
System.out.println("请输入您的密码:");
String upassword = new Scanner(System.in).nextLine();
//注册驱动
Class<?> aClass = Class.forName("com.mysql.jdbc.Driver");
//获取连接
Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/cgb2106",
"root", "root");
//获取传输
Statement statement = connection.createStatement();
//执行sql
ResultSet resultSet = statement.executeQuery(
"select * from user where name ='" + uname + "' and password ='" + upassword + "'");
//验证
if (resultSet.next()) {
System.out.println("登录成功!");
} else {
System.out.println("登录失败!请重新输入");
}
//关闭资源
resultSet.close();
statement.close();
connection.close();
}
// }
}