jdbc操作数据库的过程:
1 创建connection
Connection conn = DBConnection.getConnection();
2 定义sql,声明预处理对象PreparedStatement(代替statement,可以有效的解决sql注入攻击问题),定义结果集ResultSet
String findByIDSql = "select * from t_employee where employeeID = ?";
PreparedStatement pstmt = null;
ResultSet rs = null;
4 手动设置参数
pstmt = conn.prepareStatement(findByIDSql);
pstmt.setInt(1, employeeID);
4 结果集检索
rs = pstmt.executeQuery();
5 关闭连接(ResultSet,PreparedStatement,connection)
DBConnection.close(rs);
DBConnection.close(pstmt);
DBConnection.close(conn);
1 创建connection
Connection conn = DBConnection.getConnection();
2 定义sql,声明预处理对象PreparedStatement(代替statement,可以有效的解决sql注入攻击问题),定义结果集ResultSet
String findByIDSql = "select * from t_employee where employeeID = ?";
PreparedStatement pstmt = null;
ResultSet rs = null;
4 手动设置参数
pstmt = conn.prepareStatement(findByIDSql);
pstmt.setInt(1, employeeID);
4 结果集检索
rs = pstmt.executeQuery();
5 关闭连接(ResultSet,PreparedStatement,connection)
DBConnection.close(rs);
DBConnection.close(pstmt);
DBConnection.close(conn);