一、引言
1.1 如何操作数据库
客户端操作数据库步骤 |
---|
 |
1.2 实际开发中,会采用客户端操作数据库吗?
二、JDBC (Java Database Connectivity)
2.1 什么是 JDBC?
2.2 JDBC 核心思想
核心思想 |
---|
 |
|
2.2.1 Mysql 数据库驱动
2.2.2 JDBC API
类型 | 全限定名 | 简介 |
---|
class | java.sql.DriverManager | 管理多个数据库驱动类,提供了获取数据库连接的方法 |
interface | java.sql.Connection | 代表一个数据库连接(当 connection 不是 null 时,表示已连接数据库) |
interface | java.sql.Statement | 发送 SQL 语句到数据库工具 |
interface | java.sql.ResultSet | 保存 SQL 查询语句的结果数据(结果集) |
class | java.sql.SQLException | 处理数据库应用程序时所发生的异常 |
2.3 环境搭建
三、JDBC 开发步骤【重点】
3.1 注册驱动
// Load the MySQL Connector/J driver class by name. JDBC 4+ drivers on the classpath are also
// discovered by DriverManager automatically, so this explicit step is optional with them.
Class.forName("com.mysql.cj.jdbc.Driver");
3.2 连接数据库
// Opens a connection to the "day17" schema on the local MySQL server.
// NOTE(review): the root account and its password are written inline only for this exercise.
// Real code keeps credentials out of the source and connects as an account that has just the
// privileges the program needs.
DriverManager.getConnection("jdbc:mysql://localhost:3306/day17","root","199610fan");
- URL(Uniform Resource Locator)统一资源定位符:由协议、IP、端口、SID(程序实例名称)组成
3.3 获取发送 SQL 对象
// A plain Statement sends the SQL text exactly as given and has no parameter binding;
// PreparedStatement (section 8 of this tutorial) is the variant that binds values.
Statement statement = connection.createStatement();
3.4 执行 SQL 语句
Statement statement = connection.createStatement();
// Every value is a literal fixed in the source; SQL string literals use single quotes.
// NOTE(review): user_pwd is written to the table as a plaintext password here.
String sql = "INSERT INTO users(user_id,user_name,user_pwd,user_realname,user_img) VALUES(12,'luogenhua','199610','罗根华','ing.jpg')";
// executeUpdate returns the number of rows the statement affected.
int result = statement.executeUpdate(sql);
- 注意:在编写 DML 语句时,一定要注意字符串参数的符号是单引号 ‘值’
- DML 语句:增删改时,返回受影响行数(int 类型)
- DQL 语句:查询时,返回结果数据(ResultSet 结果集)
3.5 处理结果
// The INSERT above adds one row, so an affected-row count of 1 means it succeeded.
if(result == 1){
    System.out.println("Success");
}
- 受影响行数:逻辑判断,方法返回
- 查询结果集:迭代、一次获取
3.6 释放资源
// Release the JDBC resources: the statement first, then the connection that created it.
// NOTE(review): if an earlier call throws, these lines are never reached; try-with-resources
// or a finally block closes the resources on every path.
statement.close();
connection.close();
3.7 整个代码
import com.mysql.jdbc.Driver;
import java.sql.*;
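/**
 * Minimal JDBC walk-through: load the driver, connect, run one INSERT and report the result.
 *
 * <p>The root account and its password are hard-coded so the lesson is self-contained. Outside a
 * local exercise, read credentials from configuration kept out of the source tree and connect as
 * an account limited to the privileges the program needs.
 */
public class JDBCTest {

    /**
     * Runs the INSERT once and prints whether exactly one row was affected.
     *
     * @param args unused
     * @throws ClassNotFoundException if the MySQL driver class is not on the classpath
     * @throws SQLException if connecting or executing the statement fails
     */
    public static void main(String[] args) throws ClassNotFoundException, SQLException {
        // Explicit driver load; JDBC 4+ drivers are also discovered automatically.
        Class.forName("com.mysql.cj.jdbc.Driver");

        String url = "jdbc:mysql://localhost:3306/day17";
        String user = "root";
        String password = "199610fan";

        // The statement text is a fixed literal. Values that come from a user must be bound as
        // PreparedStatement parameters instead of being written into the SQL string.
        String sql = "INSERT INTO users(user_id,user_name,user_pwd,user_realname,user_img) VALUES(12,'luogenhua','199610','罗根华','ing.jpg')";

        // try-with-resources closes the statement and then the connection on every path,
        // including when executeUpdate throws.
        try (Connection connection = DriverManager.getConnection(url, user, password);
             Statement statement = connection.createStatement()) {
            // getConnection() reports failure by throwing SQLException and never returns null,
            // so reaching this line already means the connection is open.
            System.out.println("连接成功");

            int affectedRows = statement.executeUpdate(sql);
            if (affectedRows == 1) {
                System.out.println("执行成功");
            } else {
                System.out.println("执行失败");
            }
        }
    }
}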
四、ResultSet(结果集)
4.1 接收结果集
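// executeQuery takes the SQL text as a String, so the query must be a quoted literal.
ResultSet resultSet = statement.executeQuery("SELECT * FROM USERS");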
4.2 遍历 ResultSet 中的数据
// next() moves the cursor forward one row and returns false once there are no more rows.
boolean next = resultSet.next();
4.3 遍历方法
// Read a column of the current row as an int, addressed by column index (the first column is 1)...
int getInt(int columnIndex)
// ...or by the column label used in the query.
int getInt(String columnLabel)
...
// The same two addressing forms, returning the column as a String.
String getString(int columnIndex)
String getString(String columnLabel)
...
4.4 整个代码
package com.luo;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
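/**
 * Reads every row of the USERS table and prints its columns, one tab-separated line per row.
 *
 * <p>The root account and its password are hard-coded for the exercise only; real code keeps
 * credentials outside the source and uses a least-privilege database account.
 */
public class QueryJdbc {

    /**
     * Runs the query and prints the rows to standard output.
     *
     * @param args unused
     * @throws Exception if the driver class is missing or any JDBC call fails
     */
    public static void main(String[] args) throws Exception {
        Class.forName("com.mysql.cj.jdbc.Driver");

        String url = "jdbc:mysql://localhost:3306/day17";
        String user = "root";
        String password = "199610fan";
        String sql = "SELECT * FROM USERS";

        // All three resources are closed in reverse order on every path; the original closed
        // only the statement and connection, and only when no exception was thrown.
        try (Connection connection = DriverManager.getConnection(url, user, password);
             Statement statement = connection.createStatement()) {
            // getConnection() throws on failure and never returns null.
            System.out.println("连接成功");

            try (ResultSet resultSet = statement.executeQuery(sql)) {
                while (resultSet.next()) {
                    String user_id = resultSet.getString("user_id");
                    String user_name = resultSet.getString("user_name");
                    String user_pwd = resultSet.getString("user_pwd");
                    String user_realname = resultSet.getString("user_realname");
                    String user_img = resultSet.getString("user_img");
                    // NOTE(review): this prints the password column to the console. It is kept
                    // because the lesson is about reading columns; production code should not
                    // select or print credential columns.
                    System.out.println(user_id+"\t"+user_name +"\t"+ user_pwd +"\t"+ user_realname +"\t"+ user_img);
                }
            }
        }
    }
}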
五、常见错误
六、综合案例【登入】
6.1 创建一张表
-- Account table used by the login examples that follow.
-- NOTE(review): VARCHAR(20) only fits a plaintext password, which is how those examples compare
-- it. A real schema stores a salted password hash (bcrypt, scrypt or Argon2) in a wider column
-- and never the password itself.
CREATE TABLE user(
id INT PRIMARY KEY AUTO_INCREMENT,
username VARCHAR(20) UNIQUE NOT NULL,
password VARCHAR(20) NOT NULL,
phone VARCHAR(11)
);
6.2 实现登入
package com.luo;
import java.sql.*;
import java.util.Scanner;
/**
 * Console login check whose query is built by string concatenation.
 *
 * <p>This is the deliberately unsafe "before" version: section 7 of this tutorial names the
 * problem (SQL injection) and section 8 replaces the query with a PreparedStatement. Do not
 * reuse this pattern.
 */
public class LogJdbc {
    public static void main(String[] args) throws ClassNotFoundException, SQLException {
        // Both values are typed by the user and are therefore untrusted input.
        Scanner scanner = new Scanner(System.in);
        System.out.print("请输入用户名:");
        String username = scanner.next();
        System.out.print("请输入密码:");
        String pwd = scanner.next();
        Class.forName("com.mysql.cj.jdbc.Driver");
        String url = "jdbc:mysql://localhost:3306/day14";
        // NOTE(review): hard-coded root credentials, acceptable only in a local exercise.
        String user = "root";
        String password = "199610fan";
        Connection connection = DriverManager.getConnection(url, user, password);
        Statement statement = connection.createStatement();
        // UNSAFE: the typed values are spliced into the SQL text, so quote characters in the
        // input become part of the statement and can change what the WHERE clause matches.
        // Binding the values as PreparedStatement parameters keeps them as data.
        // The password is also compared as plaintext against the stored column.
        String sql = "select * from user where username = '"+username+"' and password = '"+pwd+"'";
        ResultSet resultSet = statement.executeQuery(sql);
        // Any returned row is treated as a successful login.
        if (resultSet.next()){
            System.out.println("登入成功");
        }else{
            System.out.println("登入失败");
        }
        // NOTE(review): the ResultSet is never closed, and nothing is closed if a call above throws.
        statement.close();
        connection.close();
    }
}
七、SQL 注入问题
7.1 什么是 SQL 注入
当用户输入的数据被直接拼接进 SQL 语句时,输入中的内容会被数据库当作语句的一部分来解析,从而改变原有查询的含义,这就是 SQL 注入(6.2 中用字符串拼接构造的登入查询就存在这个问题)。
7.2 如何避免 SQL 注入
不要用字符串拼接来构造 SQL;使用带 ? 参数标记的 PreparedStatement,让用户输入只作为参数值绑定,而不参与 SQL 语句本身的解析。
八、PreparedStatement【重点】
8.1.1 参数标记
// The SQL text is fixed; each ? is a parameter marker whose value is supplied separately,
// so the values are never part of the statement text.
PreparedStatement pstmt = connection.prepareStatement("select * from user where username = ? and password = ?");
- 注意:JDBC 中的所有参数都是由 ? 符号占位,这被称为参数标记。在执行 SQL 语句之前,必须为每个参数提供值
8.1.2 动态参数绑定
PreparedStatement pstmt = connection.prepareStatement("select * from user where username = ? and password = ?");
// Parameter indexes start at 1 and follow the order of the ? markers in the SQL text.
pstmt.setString(1,username);
pstmt.setString(2,pwd);
8.1.3 整个代码
package com.luo;
import java.sql.*;
import java.util.Scanner;
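/**
 * Console login check that binds the typed user name and password as PreparedStatement
 * parameters, so the input is handled as data and cannot alter the query text.
 *
 * <p>NOTE(review): the password is still compared as plaintext against the stored column, and the
 * program connects with hard-coded root credentials. Both are acceptable only in this exercise:
 * a real system verifies a salted password hash and uses a least-privilege account whose
 * credentials live outside the source.
 */
public class PrepareStatement {

    /**
     * Prompts for a user name and password and prints whether a matching row exists.
     *
     * @param args unused
     * @throws ClassNotFoundException if the MySQL driver class is not on the classpath
     * @throws SQLException if connecting or querying fails
     */
    public static void main(String[] args) throws ClassNotFoundException, SQLException {
        Scanner scanner = new Scanner(System.in);
        System.out.print("请输入用户名:");
        String username = scanner.next();
        System.out.print("请输入密码:");
        String pwd = scanner.next();

        Class.forName("com.mysql.cj.jdbc.Driver");
        String url = "jdbc:mysql://localhost:3306/day14";
        String user = "root";
        String password = "199610fan";

        // try-with-resources closes the result set, statement and connection on every path;
        // the original never closed the ResultSet and leaked everything when a call threw.
        try (Connection connection = DriverManager.getConnection(url, user, password);
             PreparedStatement pstmt = connection.prepareStatement("select * from user where username = ? and password = ?;")) {
            pstmt.setString(1, username);
            pstmt.setString(2, pwd);
            try (ResultSet resultSet = pstmt.executeQuery()) {
                if (resultSet.next()) {
                    System.out.println("登入成功");
                } else {
                    // One message for both failure causes, so the output does not reveal
                    // whether the user name exists.
                    System.out.println("登入失败,用户名或密码错误");
                }
            }
        }
    }
}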
九、封装工具类
9.1 重用性方案
9.2 整个代码
package com.luo;
import java.sql.*;
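/**
 * Shared JDBC helper: loads the MySQL driver once, hands out connections and closes resources.
 *
 * <p>NOTE(review): the connection settings, including the root password, are compiled into the
 * class. That is acceptable only for this exercise; real code reads them from configuration kept
 * out of the source tree and uses a least-privilege account.
 */
public class DBUtils {
    static {
        try {
            Class.forName("com.mysql.cj.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            // Best effort, as in the original: the failure is reported here and getConnection()
            // will then fail because no driver is registered.
            e.printStackTrace();
        }
    }

    /**
     * Opens a new connection to the exercise database.
     *
     * @return the open connection, or {@code null} when it cannot be opened (the SQLException is
     *     printed, not rethrown), so callers must check for {@code null}
     */
    public static Connection getConnection() {
        String url = "jdbc:mysql://localhost:3306/day14";
        String user = "root";
        String password = "199610fan";
        try {
            return DriverManager.getConnection(url, user, password);
        } catch (SQLException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Closes the given resources; any argument may be {@code null}.
     *
     * <p>Resources are closed in reverse order of creation (result set, statement, connection)
     * and each close is attempted independently. The original closed the connection first and
     * skipped the remaining resources as soon as one close threw.
     */
    public static void closeAll(Connection connection, Statement statement, ResultSet resultSet) {
        closeQuietly(resultSet);
        closeQuietly(statement);
        closeQuietly(connection);
    }

    /** Closes one resource if present, printing rather than propagating a failure. */
    private static void closeQuietly(AutoCloseable resource) {
        if (resource == null) {
            return;
        }
        try {
            resource.close();
        } catch (Exception e) {
            // AutoCloseable.close() is declared to throw Exception; for the JDBC types passed
            // here that is a SQLException.
            e.printStackTrace();
        }
    }
}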
9.3跨平台方案
9.3.1 跨平台工具类实现
# Connection settings that DBUtils loads from the classpath resource /db.properties.
# NOTE(review): this file holds the password of the root account. Keep it out of version
# control, restrict who can read it, and prefer a dedicated least-privilege database user.
driver=com.mysql.cj.jdbc.Driver
url=jdbc:mysql://localhost:3306/day14
user=root
password=199610fan
package com.luo2;
import java.io.IOException;
import java.io.InputStream;
import java.sql.*;
import java.util.Properties;
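/**
 * JDBC helper whose driver name, URL and credentials come from the classpath resource
 * {@code /db.properties} instead of being compiled into the class.
 */
public class DBUtils {
    private static final Properties PROPERTIES = new Properties();

    static {
        // try-with-resources closes the stream (the original never did) and tolerates a null
        // resource, which is what getResourceAsStream returns when the file is missing.
        try (InputStream is = DBUtils.class.getResourceAsStream("/db.properties")) {
            if (is == null) {
                // The original passed null to load(), which failed class initialization with a
                // NullPointerException; report the real cause instead.
                System.err.println("db.properties not found on the classpath");
            } else {
                PROPERTIES.load(is);
                String driver = PROPERTIES.getProperty("driver");
                if (driver != null) {
                    Class.forName(driver);
                }
            }
        } catch (IOException | ClassNotFoundException e) {
            // Best effort, as in the original: getConnection() fails later if setup is broken.
            e.printStackTrace();
        }
    }

    /**
     * Opens a new connection using the {@code url}, {@code user} and {@code password} properties.
     *
     * @return the open connection, or {@code null} when it cannot be opened (the SQLException is
     *     printed, not rethrown), so callers must check for {@code null}
     */
    public static Connection getConnection() {
        try {
            return DriverManager.getConnection(
                    PROPERTIES.getProperty("url"),
                    PROPERTIES.getProperty("user"),
                    PROPERTIES.getProperty("password"));
        } catch (SQLException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Closes the given resources; any argument may be {@code null}.
     *
     * <p>Each close is attempted independently, in reverse order of creation: result set,
     * statement, connection. The original closed the connection first.
     */
    public static void closeAll(Connection connection, Statement statement, ResultSet resultset) {
        if (resultset != null) {
            try {
                resultset.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
        if (statement != null) {
            try {
                statement.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
        if (connection != null) {
            try {
                connection.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    }
}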
十、ORM
10.1 实体类(entity):零散数据的载体
10.2 表对应的实体类代码
package com.luo2;
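/**
 * Entity class mirroring one row of the {@code user} table (id, username, password, phone).
 */
public class User {
    private String id;
    private String username;
    // Holds the value of the password column exactly as stored in the table.
    private String password;
    private String phone;

    /** Creates an empty user whose fields are filled in through the setters. */
    public User() {
    }

    /** Creates a user with every field set. */
    public User(String id, String username, String password, String phone) {
        this.id = id;
        this.username = username;
        this.password = password;
        this.phone = phone;
    }

    /**
     * Returns a printable form of the user with the password masked.
     *
     * <p>toString() output ends up on consoles and in logs, so the stored password is never
     * included; use {@link #getPassword()} where the value itself is needed.
     */
    @Override
    public String toString() {
        String maskedPassword = (password == null) ? "null" : "******";
        return "user{" +
                "id='" + id + '\'' +
                ", username='" + username + '\'' +
                ", password='" + maskedPassword + '\'' +
                ", phone='" + phone + '\'' +
                '}';
    }

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getPhone() {
        return phone;
    }

    public void setPhone(String phone) {
        this.phone = phone;
    }
}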
10.3 测试类代码
package com.luo2;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
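/**
 * Demonstrates mapping rows to objects: loads every row of the {@code user} table into
 * {@code User} instances and prints them.
 */
public class TestORM {

    /**
     * Runs the query, maps each row to a {@code User} and prints the resulting list.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        List<User> users = new ArrayList<>();
        try {
            connection = DBUtils.getConnection();
            // DBUtils.getConnection() returns null when the connection cannot be opened; without
            // this check the next line fails with a NullPointerException that the catch below
            // does not handle.
            if (connection == null) {
                System.out.println("连接失败");
                return;
            }
            // NOTE(review): "select *" also loads the password column into each User object.
            // Select only the columns a caller needs when the password is not one of them.
            preparedStatement = connection.prepareStatement("select * from user");
            resultSet = preparedStatement.executeQuery();
            while (resultSet.next()) {
                users.add(new User(
                        resultSet.getString("id"),
                        resultSet.getString("username"),
                        resultSet.getString("password"),
                        resultSet.getString("phone")));
            }
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            // Runs on every path, including the early return above.
            DBUtils.closeAll(connection, preparedStatement, resultSet);
        }
        for (User u : users) {
            System.out.println(u);
        }
    }
}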
十一、DAO 数据访问对象(Data Access Object)
11.1 创建数据库
11.2 数据库代码
-- One row per person; id is generated by the database.
-- NOTE(review): in MySQL, CHARSET=utf8 is the 3-byte utf8mb3 encoding; utf8mb4 is the
-- full-Unicode choice. VARCHAR(20) is also short for typical e-mail addresses.
CREATE TABLE Person(
id INT PRIMARY KEY AUTO_INCREMENT,
name VARCHAR(20) NOT NULL,
age INT NOT NULL,
bornDate DATE,
email VARCHAR(20),
address VARCHAR(20)
)CHARSET=utf8;
11.3 封装实体类
package com.person;
import java.util.Date;
/**
 * Entity class for one row of the {@code Person} table: a plain mutable bean with a getter and
 * a setter per column.
 */
public class Person {
    private int id;
    private String name;
    private int age;
    private Date bornDate;
    private String email;
    private String address;

    /** Creates a person with every field at its default value. */
    public Person() {
    }

    /** Creates a person that has no id yet; the id stays at its default of 0. */
    public Person(String name, int age, Date bornDate, String email, String address) {
        this(0, name, age, bornDate, email, address);
    }

    /** Creates a person with every field set. */
    public Person(int id, String name, int age, Date bornDate, String email, String address) {
        this.id = id;
        this.name = name;
        this.age = age;
        this.bornDate = bornDate;
        this.email = email;
        this.address = address;
    }

    // --- id ---
    public int getId() {
        return this.id;
    }

    public void setId(int id) {
        this.id = id;
    }

    // --- name ---
    public String getName() {
        return this.name;
    }

    public void setName(String name) {
        this.name = name;
    }

    // --- age ---
    public int getAge() {
        return this.age;
    }

    public void setAge(int age) {
        this.age = age;
    }

    // --- bornDate ---
    public Date getBornDate() {
        return this.bornDate;
    }

    public void setBornDate(Date date) {
        this.bornDate = date;
    }

    // --- email ---
    public String getEmail() {
        return this.email;
    }

    public void setEmail(String email) {
        this.email = email;
    }

    // --- address ---
    public String getAddress() {
        return this.address;
    }

    public void setAddress(String address) {
        this.address = address;
    }

    /** Renders every field; the birth date appears under the label {@code date}. */
    @Override
    public String toString() {
        StringBuilder text = new StringBuilder("Person{");
        text.append("id=").append(id);
        text.append(", name='").append(name).append('\'');
        text.append(", age=").append(age);
        text.append(", date=").append(bornDate);
        text.append(", email='").append(email).append('\'');
        text.append(", address='").append(address).append('\'');
        text.append('}');
        return text.toString();
    }
}
11.4 编写 DaoImpl 类
package com.person;
import java.sql.*;
import java.util.ArrayList;
import java.util.List;
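/**
 * JDBC data-access object for the {@code Person} table: insert, update, delete and lookup.
 *
 * <p>Every statement is a fixed SQL text with {@code ?} parameter markers, so caller-supplied
 * values are always bound as data and never concatenated into the SQL.
 */
public class PersonDaoImpl {

    /**
     * Inserts a new row from {@code person}; the id column is not set and is left to the database.
     *
     * @return the affected row count, or 0 when no connection is available or the statement fails
     */
    public int insert(Person person) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        String sql = "insert into person(name,age,borndate,email,address) values(?,?,?,?,?)";
        try {
            connection = DBUtils.getConnection();
            if (connection == null) {
                return 0;
            }
            preparedStatement = connection.prepareStatement(sql);
            bindPersonFields(preparedStatement, person);
            return preparedStatement.executeUpdate();
        } catch (SQLException e) {
            e.printStackTrace();
            return 0;
        } finally {
            DBUtils.closeAll(connection, preparedStatement, null);
        }
    }

    /**
     * Updates the row whose id equals {@code person.getId()} with the other fields of
     * {@code person}.
     *
     * @return the affected row count, or 0 when no connection is available or the statement fails
     */
    public int update(Person person) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        String sql = "update Person set name = ?,age = ?,bornDate = ?,email = ?,address = ? where id= ?";
        try {
            connection = DBUtils.getConnection();
            if (connection == null) {
                return 0;
            }
            preparedStatement = connection.prepareStatement(sql);
            bindPersonFields(preparedStatement, person);
            preparedStatement.setInt(6, person.getId());
            return preparedStatement.executeUpdate();
        } catch (SQLException e) {
            e.printStackTrace();
            return 0;
        } finally {
            DBUtils.closeAll(connection, preparedStatement, null);
        }
    }

    /**
     * Deletes the row with the given id.
     *
     * @return the affected row count, or 0 when no connection is available or the statement fails
     */
    public int delete(int id) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        String sql = "delete from Person where id = ?";
        try {
            connection = DBUtils.getConnection();
            if (connection == null) {
                return 0;
            }
            preparedStatement = connection.prepareStatement(sql);
            preparedStatement.setInt(1, id);
            return preparedStatement.executeUpdate();
        } catch (SQLException e) {
            e.printStackTrace();
            return 0;
        } finally {
            DBUtils.closeAll(connection, preparedStatement, null);
        }
    }

    /**
     * Looks up one person by id.
     *
     * @return the matching person, or {@code null} when there is no such row, no connection is
     *     available, or the query fails
     */
    public Person select(int id) {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        String sql = "select * from Person where id = ?";
        try {
            connection = DBUtils.getConnection();
            if (connection == null) {
                return null;
            }
            preparedStatement = connection.prepareStatement(sql);
            preparedStatement.setInt(1, id);
            resultSet = preparedStatement.executeQuery();
            return resultSet.next() ? mapRow(resultSet) : null;
        } catch (SQLException e) {
            e.printStackTrace();
            return null;
        } finally {
            DBUtils.closeAll(connection, preparedStatement, resultSet);
        }
    }

    /**
     * Loads every row of the table.
     *
     * @return all persons (possibly an empty list), or {@code null} when no connection is
     *     available or the query fails, matching the original's contract
     */
    public List<Person> selectAll() {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        List<Person> personList = new ArrayList<>();
        String sql = "select * from Person";
        try {
            connection = DBUtils.getConnection();
            if (connection == null) {
                return null;
            }
            preparedStatement = connection.prepareStatement(sql);
            resultSet = preparedStatement.executeQuery();
            while (resultSet.next()) {
                personList.add(mapRow(resultSet));
            }
            return personList;
        } catch (SQLException e) {
            e.printStackTrace();
            return null;
        } finally {
            DBUtils.closeAll(connection, preparedStatement, resultSet);
        }
    }

    /**
     * Binds parameters 1 to 5 (name, age, bornDate, email, address), the order shared by the
     * INSERT and UPDATE statements.
     */
    private static void bindPersonFields(PreparedStatement statement, Person person)
            throws SQLException {
        statement.setString(1, person.getName());
        statement.setInt(2, person.getAge());
        // The original always bound null here, silently discarding the person's birth date.
        // setDate takes a java.sql.Date, so the entity's java.util.Date is converted.
        java.util.Date bornDate = person.getBornDate();
        statement.setDate(3, bornDate == null ? null : new java.sql.Date(bornDate.getTime()));
        statement.setString(4, person.getEmail());
        statement.setString(5, person.getAddress());
    }

    /** Builds a Person from the row the cursor of {@code row} currently points at. */
    private static Person mapRow(ResultSet row) throws SQLException {
        return new Person(
                row.getInt("id"),
                row.getString("name"),
                row.getInt("age"),
                row.getDate("bornDate"),
                row.getString("email"),
                row.getString("address"));
    }
}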