方法一 通过statement对象进行操作
首先先把准备工作做一下, 新建连接建立好数据库并导入相关数据
然后就可以开始建立连接了
1.加载驱动,连接数据库
Class.forName("com.mysql.jdbc.Driver")//加载驱动
Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/test","root", "123456");
//获取连接对象,test为所创建的数据库名称,root为自己的数据库用户名,123456为自己的密码
Statement statement = conn.createStatement();
//通过连接对象获取到操作数据库的对象Statement
2.查操作
遍历查询
String sql = "select * from user";//编写SQL语句
ResultSet rs = statement.executeQuery(sql);//通过定义好的报表对象statement执行SQL语句
while(rs.next()) {
System.out.print("编号"+rs.getInt(1));
System.out.print("\t姓名"+rs.getString("name"));
System.out.print("\t年龄"+rs.getInt(3));
System.out.println("\t姓名"+rs.getString(4));}
//循环遍历,取出数据,rs.getInt(),括号中可以填写列名称或者处在的列数
运行结果
条件查询
Scanner input = new Scanner(System.in);
System.out.println("请输入您要查找的名字");
String name =input.next();
String sql = "select * from user where name=" +"'"+name+"'";
ResultSet rs = statement.executeQuery(sql);
while(rs.next()) {
System.out.print("编号"+rs.getInt(1));
System.out.print("\t姓名"+rs.getString("name"));
System.out.print("\t年龄"+rs.getInt(3));
System.out.println("\t姓名"+rs.getString(4));}
运行结果
3.改操作
Scanner input = new Scanner(System.in);
System.out.println("请输入您要改的编号");
int num = input.nextInt();
System.out.println("请输入修改以后的名字");
String name = input.next();
String sql = "update user set name = " + "'" +name+"'"+"where id =" +num;
int result = statement.executeUpdate(sql);
System.out.println(result>0 ? "修改成功" : "修改失败");
运行结果:
4.删操作
Scanner input = new Scanner(System.in);
System.out.println("请输入您要删除的人员编号");
int id = input.nextInt();
String sql = "delete from user where id = "+id;
int rs = statement.executeUpdate(sql);
if(rs!=0) {
System.out.println("删除成功");
}
else {
System.out.println("删除失败");
}
运行结果
5.增操作
Scanner input = new Scanner(System.in);
System.out.println("请输入人员编号");
int id = input.nextInt();
System.out.println("请输入名字");
String name = input.next();
System.out.println("请输入年龄");
int age = input.nextInt();
System.out.println("请输入性别");
String sex = input.next();
String sql = "insert into user(id,name,age,sex) "+
"value ("+id+",'"+name+"',"+age+",'"+sex+"')";
int rs = statement.executeUpdate(sql);
if(rs != 0) {
System.out.println("插入成功");}
else {
System.out.println("插入失败");}
运行结果
完整代码(查询操作的例子)
package com.JDBC.test1;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
public class TestQuery {
public static void main(String[] args) {
Connection conn = null;
ResultSet rs = null;
try {
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/test","root", "123456");
Statement statement = conn.createStatement();
String sql = "select * from user";
rs = statement.executeQuery(sql);
while(rs.next()) {
System.out.print("编号"+rs.getInt(1));
System.out.print("\t姓名"+rs.getString("name"));
System.out.print("\t年龄"+rs.getInt(3));
System.out.println("\t姓名"+rs.getString(4));}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}
finally {
if(rs != null) {
try {
rs.close();
} catch (Exception e) {
e.printStackTrace();
}
}
else if(conn != null) {
try {
conn.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
}
6.总结
通过插入操作可以发现使用Statement对象操作SQL的时候要输入多个“”和’‘很容易在编写程序的时候出现问题,例如(“value (”+id+",’"+name+"’,"+age+",’"+sex+"’)";),且由于Statement对象是以拼接的方式来传入参数的,所以通过Statement对象操作数据库会导致SQL注入问题(详情请询问度娘),安全性无法得到保障。
优点:在一次批处理中,SQL表现形式灵活;
缺点:不能防止SQL注入,效率较低;
扫一扫
2119
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
