标签:ping uname demo 函数 存储函数 spec 更换 pass cal
1.JDBC:Java DataBase Connectivity 可以为多种关系型数据库DBMS 提供统一的访问方式,用Java来操作数据库
2.JDBC API 主要功能:
三件事,具体是通过以下类/接口实现:
DriverManager : 管理jdbc驱动
Connection: 连接(通过DriverManager产生)
Result :返回的结果集 (上面的Statement等产生 )
Connection产生操作数据库的对象:
Statement操作数据库:
增删改:executeUpdate()
查询:executeQuery();
ResultSet:保存结果集 select * from xxx
next():光标下移,判断是否有下一条数据;true/false
previous(): true/false
getXxx(字段名|位置):获取具体的字段值
PreparedStatement操作数据库:
public interface PreparedStatement extends Statement
因此
增删改:executeUpdate()
查询:executeQuery();
--此外
赋值操作 setXxx();
PreparedStatement与Statement在使用时的区别:
1.Statement:
sql
executeUpdate(sql)
2.
PreparedStatement:
sql(可能存在占位符?)
在创建PreparedStatement 对象时,将sql预编译 prepareStatement(sql)
executeUpdate()
setXxx()替换占位符?
推荐使用PreparedStatement:原因如下:
1.编码更加简便(避免了字符串的拼接)
String name = "zs" ; int age = 23 ; stmt: String sql =" insert into student(stuno,stuname) values(‘"+name+"‘, "+age+" ) " ; stmt.executeUpdate(sql); pstmt: String sql =" insert into student(stuno,stuname) values(?,?) " ; pstmt = connection.prepareStatement(sql);//预编译SQL pstmt.setString(1,name); pstmt.setInt(2,age);
2.提高性能(因为 有预编译操作,预编译只需要执行一次)
需要重复增加100条数
stmt: String sql =" insert into student(stuno,stuname) values(‘"+name+"‘, "+age+" ) " ; for(100) stmt.executeUpdate(sql); pstmt: String sql =" insert into student(stuno,stuname) values(?,?) " ; pstmt = connection.prepareStatement(sql);//预编译SQL pstmt.setString(1,name); pstmt.setInt(2,age); for( 100){ pstmt.executeUpdate(); }
3.安全(可以有效防止sql注入)
sql注入: 将客户输入的内容 和 开发人员的SQL语句 混为一体
stmt:存在被sql注入的风险
(例如输入 用户名:任意值 ‘ or 1=1 --
密码:任意值)
分析:
select count(*) from login where uname=‘任意值 ‘ or 1=1 --‘ and upwd =‘任意值‘ ; select count(*) from login where uname=‘任意值 ‘ or 1=1 ; select count(*) from login ; select count(*) from login where uname=‘"+name+"‘ and upwd =‘"+pwd+"‘ pstmt:有效防止sql注入
推荐使用pstmt
3.jdbc访问数据库的具体步骤:
4.
数据库驱动
驱动jar 具体驱动类 连接字符串
MySQL mysql-connector-java-x.jar com.mysql.jdbc.Driver jdbc:mysql://localhost:3306/数据库实例名
使用jdbc操作数据库时,如果对数据库进行了更换,只需要替换:驱动、具体驱动类、连接字符串、用户名、密码
5.
测试JDBC基本功能代码
import java.sql.Connection; import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class JDBCDemo { private static final String URL = "jdbc:mysql://localhost:3306/mydatabase?serverTimezone=GMT%2B8"; private static final String USERNAME = "root"; private static final String PWD = "password"; public static void update() throws ClassNotFoundException, SQLException {// 增删改 // a. 导入驱动,加载具体的驱动类 Class.forName("com.mysql.cj.jdbc.Driver"); // b.与数据库建立连接 Connection connection = DriverManager.getConnection(URL, USERNAME, PWD); // c.发送sql,执行增删改查 Statement stmt = connection.createStatement(); //增加 String sql = "insert into student values(2,‘李四‘,21)"; //修改 String sql = "update student set name=‘张三‘ where id=1"; //删除 String sql = "delete from student where id=1"; int count = stmt.executeUpdate(sql); if (count > 0) { System.out.println("操作成功!"); } stmt.close(); connection.close(); } public static void query() throws ClassNotFoundException, SQLException {// 增删改 // a. 导入驱动,加载具体的驱动类 Class.forName("com.mysql.cj.jdbc.Driver"); // b.与数据库建立连接 Connection connection = DriverManager.getConnection(URL, USERNAME, PWD); // c.发送sql,执行增删改[查] Statement stmt = connection.createStatement(); char stuname=‘a‘; //模糊查询 String sql = "select id,name,age from student where name like ‘%"+stuname+"%‘"; ResultSet rs=stmt.executeQuery(sql); //int count = stmt.executeUpdate(sql); while (rs.next()) { int id=rs.getInt("id"); String name=rs.getString("name"); int age=rs.getInt("age"); System.out.println(id+"--"+name+"--"+age); } rs.close(); stmt.close(); connection.close(); } public static void main(String[] args) throws ClassNotFoundException, SQLException { // update(); query(); } }
错误记录:
Exception in thread "main" java.sql.SQLException: The server time zone value ‘?й???????‘ is unrecognized or represents more than one time zone. You must configure either the server or JDBC driver (via the serverTimezone configuration property) to use a more specifc time zone value if you want to utilize time zone support. at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:129) at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:97) at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:89) at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:63) at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:73) at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:76) at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:835) at com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:455) at com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:240) at com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:199) at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:677) at java.sql/java.sql.DriverManager.getConnection(DriverManager.java:228) at JDBCDemo.query(JDBCDemo.java:35) at JDBCDemo.main(JDBCDemo.java:57)
解决办法
在连接数据库的URL结尾添加 ?serverTimezone=GMT%2B8 即可
标签:ping uname demo 函数 存储函数 spec 更换 pass cal
原文地址:https://www.cnblogs.com/deepend/p/12249997.html