jdbc.properties内容如下,放src下面
#ORACLE
driver=oracle.jdbc.driver.OracleDriver
url=jdbc:oracle:thin:@127.0.0.1:1521:orcl
userName=ZHAOYANG
password=ZHAOYANG
package study;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;
import org.apache.tomcat.dbcp.dbcp2.ConnectionFactory;
public class ConnectFactory {
private static Connection connection=null;
static {
try {
Properties p=new Properties();
p.load(ConnectionFactory.class.getClassLoader().getResourceAsStream("jdbc.properties"));
String driver=p.getProperty("driver");
String url=p.getProperty("url");
String userName=p.getProperty("userName");
String password=p.getProperty("password");
System.out.println(driver);
Class.forName(driver);
connection=DriverManager.getConnection(url,userName,password);
} catch (IOException e) {
e.printStackTrace();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}
}
public static Connection getConnection() {
return connection;
}
public static void main(String[] args) {
System.out.println(connection);
}
}
executeQuery
package study;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
public class QueryData {
public static void main(String[] args) {
query();
}
public static void query() {
try {
Statement state=ConnectFactory.getConnection().createStatement();
String sql="SELECT * FROM AA_EMP";
ResultSet rs=state.executeQuery(sql);
String name="";
while(rs.next()) {
name+=rs.getString("ENAME")+",";
}
System.out.println(name);
ConnectFactory.getConnection().close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
executeUpdate
package study;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;
public class INUPDEData {
public static void main(String[] args) {
changeData();
}
public static void changeData() {
try {
Connection connection=ConnectFactory.getConnection();
Statement state=connection.createStatement();
String sql="DELETE FROM AA_EMP WHERE ENAME='1'";
int num=state.executeUpdate(sql);
System.out.println(num);
connection.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
execute
返回值为true时,表示执行的是查询语句,可以通过getResultSet方法获取结果;
返回值为false时,执行的是更新语句或DDL语句。
package study;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
public class QUINUPDEData {
public static void main(String[] args) {
queryChangeData();
}
public static void queryChangeData() {
try {
Connection connection=ConnectFactory.getConnection();
Statement state=connection.createStatement();
String sql1="SELECT * FROM AA_EMP";
boolean judge1=state.execute(sql1);
System.out.println(judge1);//true
if(judge1) {
ResultSet rs=state.getResultSet();
while(rs.next()) {
System.out.println(rs.getString("ENAME"));
}
}
String sql2="UPDATE AA_EMP SET ENAME='666'";
boolean judge2=state.execute(sql2);
System.out.println(judge2);//false
connection.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
PreparedStatement防止sql注入
//采用PrepareStatement
@Test //不会被黑:如输入name值为: a' or '1'='1
public void login2() throws Exception{
Connection con=ConnectionFactory.getConnection();
Scanner input=new Scanner(System.in);
String id = input.nextLine();
String name = input.nextLine();
int age = Integer.parseInt(input.nextLine());
//创建预处理语句对象
String sql= "select count(*) from stud where id=? and name=?";//凡是用户输入的地方,用“?”号(称占位符)填入
PreparedStatement ps=con.prepareStatement(sql);
//给占位设置值---设置参数
ps.setString(1, id);
ps.setString(2, name);
ResultSet rs=ps.executeQuery();//这里不能传参数sql
rs.next();
int n=rs.getInt(1);
if (n<=0){
System.out.println("登录失败!");
} else {
System.out.println("登陆成功!");
}
con.close();
}
