DATABASE

public class UserInfoDAO {
    //验证登陆名/密码sql语句
    //private -----这个sql语句只在本类内部使用,没有必要public
    //static  -----sql语句仅仅一份就足够了
    //final   -----sql语句一般在运行时不变,final修饰的变量相当于常量
    //常量名所有字母大写
    private static final String SQL_CHECK_USERINFO =
            "SELECT LOGINNAME,USERNAME,PASSWORD,AGE,ADDRESS FROM USERINFO WHERE LOGINNAME=? AND PASSWORD = ?";
    public UserInfoDAO() {
    }
    /**
     * 验证登陆名/密码方法
     * @param u UserInfo
     * @return boolean
     */
    public boolean checkUser(UserInfo u) {
        boolean b = false;//验证是否成功的标识
        Connection conn = null;//数据库连接的引用
        PreparedStatement pstmt = null;//PreparedStatement引用
        ResultSet rs = null;//结果集引用
        //调用ConnectionManager的方法,得到数据库里连接实例
        conn = ConnectionManager.getConnection();
        try {
            //通过Connection的prepareStatement()方法构建PreparedStatement实例,参数为sql语句
            pstmt = conn.prepareStatement(SQL_CHECK_USERINFO);

            //为sql语句中的?赋值,注意序号从1开始
            pstmt.setString(1, u.getLoginName());
            pstmt.setString(2, u.getPassword());

            //执行查询得到结果集
            rs = pstmt.executeQuery();

            //在结果集中循环,如果结果集中有记录意味着验证成功
            b = rs.next();//标识置为true
            while (rs.next()) {
                b = true;//标识置为true
            }
        } catch (SQLException ex) {
            System.out.println(ex.getMessage());
        } finally {
            //注意:一定在finally中释放数据库资源
            cleanUP(rs, pstmt, conn);
        }
        return b;
    }

    private void cleanUP(ResultSet rs, PreparedStatement pstmt, Connection conn) {
        try {
            if (rs != null) {
                rs.close();
            }
            if (pstmt != null) {
                pstmt.close();
            }
            if (conn != null) {
                conn.close();
            }
        } catch (SQLException ex) {
            System.out.println(ex.getMessage());
        }
    }
}