mirror of
https://gitee.com/many2many/java-web.git
synced 2025-01-12 07:00:55 +08:00
221 lines
8.3 KiB
Markdown
221 lines
8.3 KiB
Markdown
|
## 6. 数据库访问
|
|||
|
### 6.1 JDBC
|
|||
|
|
|||
|
#### 6.1.3 实现第一个JDBC程序
|
|||
|
|
|||
|
**练习任务**:
|
|||
|
|
|||
|
1. **创建数据库表**:
|
|||
|
- 根据PetClinic中的`Owner`实体模型创建一个表,包含`id`(整数,主键,自增)、`firstName`(字符串,长度255,不可为空)、`lastName`(字符串,长度255,不可为空)、`address`(字符串,长度255)、`city`(字符串,长度255)、`telephone`(字符串,长度255)字段。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
private static void createOwnerTable(Connection conn) throws SQLException {
|
|||
|
String sql = "CREATE TABLE IF NOT EXISTS owners (" +
|
|||
|
"id INT AUTO_INCREMENT PRIMARY KEY," +
|
|||
|
"firstName VARCHAR(255) NOT NULL," +
|
|||
|
"lastName VARCHAR(255) NOT NULL," +
|
|||
|
"address VARCHAR(255)," +
|
|||
|
"city VARCHAR(255)," +
|
|||
|
"telephone VARCHAR(255))";
|
|||
|
try (PreparedStatement stmt = conn.prepareStatement(sql)) {
|
|||
|
stmt.executeUpdate();
|
|||
|
}
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
2. **插入业主记录**:
|
|||
|
- 向`owners`表中插入两条记录。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
private static void insertOwners(Connection conn) throws SQLException {
|
|||
|
String sql = "INSERT INTO owners (firstName, lastName, address, city, telephone) VALUES (?, ?, ?, ?, ?)";
|
|||
|
try (PreparedStatement pstmt = conn.prepareStatement(sql)) {
|
|||
|
pstmt.setString(1, "Alice");
|
|||
|
pstmt.setString(2, "Johnson");
|
|||
|
pstmt.setString(3, "123 Main St");
|
|||
|
pstmt.setString(4, "Springfield");
|
|||
|
pstmt.setString(5, "555-1234");
|
|||
|
pstmt.executeUpdate();
|
|||
|
|
|||
|
pstmt.setString(1, "Bob");
|
|||
|
pstmt.setString(2, "Smith");
|
|||
|
pstmt.setString(3, "456 Elm St");
|
|||
|
pstmt.setString(4, "Springfield");
|
|||
|
pstmt.setString(5, "555-5678");
|
|||
|
pstmt.executeUpdate();
|
|||
|
}
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
3. **查询业主记录**:
|
|||
|
- 查询`owners`表中的所有记录,并打印出每条记录的信息。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
private static void queryOwners(Connection conn) throws SQLException {
|
|||
|
String sql = "SELECT * FROM owners";
|
|||
|
try (PreparedStatement pstmt = conn.prepareStatement(sql);
|
|||
|
ResultSet rs = pstmt.executeQuery()) {
|
|||
|
while (rs.next()) {
|
|||
|
int id = rs.getInt("id");
|
|||
|
String firstName = rs.getString("firstName");
|
|||
|
String lastName = rs.getString("lastName");
|
|||
|
String address = rs.getString("address");
|
|||
|
String city = rs.getString("city");
|
|||
|
String telephone = rs.getString("telephone");
|
|||
|
System.out.println("ID: " + id + ", First Name: " + firstName + ", Last Name: " + lastName + ", Address: " + address + ", City: " + city + ", Telephone: " + telephone);
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
4. **更新业主记录**:
|
|||
|
- 更新`owners`表中名字为"Alice Johnson"的业主的电话号码为"555-1111"。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
private static void updateOwner(Connection conn) throws SQLException {
|
|||
|
String sql = "UPDATE owners SET telephone = ? WHERE firstName = ? AND lastName = ?";
|
|||
|
try (PreparedStatement pstmt = conn.prepareStatement(sql)) {
|
|||
|
pstmt.setString(1, "555-1111");
|
|||
|
pstmt.setString(2, "Alice");
|
|||
|
pstmt.setString(3, "Johnson");
|
|||
|
int rowsUpdated = pstmt.executeUpdate();
|
|||
|
System.out.println(rowsUpdated + " row(s) updated.");
|
|||
|
}
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
5. **删除业主记录**:
|
|||
|
- 删除`owners`表中名字为"Bob Smith"的业主记录。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
private static void deleteOwner(Connection conn) throws SQLException {
|
|||
|
String sql = "DELETE FROM owners WHERE firstName = ? AND lastName = ?";
|
|||
|
try (PreparedStatement pstmt = conn.prepareStatement(sql)) {
|
|||
|
pstmt.setString(1, "Bob");
|
|||
|
pstmt.setString(2, "Smith");
|
|||
|
int rowsDeleted = pstmt.executeUpdate();
|
|||
|
System.out.println(rowsDeleted + " row(s) deleted.");
|
|||
|
}
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
6. **完整程序**:
|
|||
|
- 将以上步骤整合到一个完整的程序中,确保正确加载MySQL驱动、建立数据库连接,并处理异常。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
import java.sql.Connection;
|
|||
|
import java.sql.DriverManager;
|
|||
|
import java.sql.SQLException;
|
|||
|
|
|||
|
public class JdbcCrudExample {
|
|||
|
private static final String DB_URL = "jdbc:mysql://localhost:3306/petclinic";
|
|||
|
private static final String USER = "root";
|
|||
|
private static final String PASS = "password";
|
|||
|
|
|||
|
public static void main(String[] args) {
|
|||
|
Connection conn = null;
|
|||
|
try {
|
|||
|
// 加载MySQL驱动
|
|||
|
Class.forName("com.mysql.cj.jdbc.Driver");
|
|||
|
|
|||
|
// 获取数据库连接
|
|||
|
conn = DriverManager.getConnection(DB_URL, USER, PASS);
|
|||
|
|
|||
|
// 创建表
|
|||
|
createOwnerTable(conn);
|
|||
|
|
|||
|
// 插入记录
|
|||
|
insertOwners(conn);
|
|||
|
|
|||
|
// 查询记录
|
|||
|
queryOwners(conn);
|
|||
|
|
|||
|
// 更新记录
|
|||
|
updateOwner(conn);
|
|||
|
|
|||
|
// 删除记录
|
|||
|
deleteOwner(conn);
|
|||
|
|
|||
|
// 再次查询记录
|
|||
|
queryOwners(conn);
|
|||
|
|
|||
|
} catch (ClassNotFoundException | SQLException e) {
|
|||
|
e.printStackTrace();
|
|||
|
} finally {
|
|||
|
if (conn != null) {
|
|||
|
try {
|
|||
|
conn.close();
|
|||
|
} catch (SQLException e) {
|
|||
|
e.printStackTrace();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// 其他方法...
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
### 6.3 SQL注入的预防措施
|
|||
|
|
|||
|
**练习任务**:
|
|||
|
|
|||
|
1. **使用PreparedStatement防止SQL注入**:
|
|||
|
- 修改上述的`queryOwners`方法,使用`PreparedStatement`来执行查询。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
private static void queryOwners(Connection conn) throws SQLException {
|
|||
|
String sql = "SELECT * FROM owners WHERE firstName = ? AND lastName = ?";
|
|||
|
try (PreparedStatement pstmt = conn.prepareStatement(sql)) {
|
|||
|
pstmt.setString(1, "Alice");
|
|||
|
pstmt.setString(2, "Johnson");
|
|||
|
ResultSet rs = pstmt.executeQuery();
|
|||
|
while (rs.next()) {
|
|||
|
int id = rs.getInt("id");
|
|||
|
String firstName = rs.getString("firstName");
|
|||
|
String lastName = rs.getString("lastName");
|
|||
|
String address = rs.getString("address");
|
|||
|
String city = rs.getString("city");
|
|||
|
String telephone = rs.getString("telephone");
|
|||
|
System.out.println("ID: " + id + ", First Name: " + firstName + ", Last Name: " + lastName + ", Address: " + address + ", City: " + city + ", Telephone: " + telephone);
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
```
|
|||
|
|
|||
|
### 6.2 数据库连接池
|
|||
|
|
|||
|
#### 6.2.4 使用HikariCP实现数据库连接池
|
|||
|
|
|||
|
**练习任务**:
|
|||
|
|
|||
|
1. **配置HikariCP连接池**:
|
|||
|
- 使用HikariCP配置一个连接池,并使用它来获取数据库连接。
|
|||
|
- 示例代码:
|
|||
|
```java
|
|||
|
import com.zaxxer.hikari.HikariConfig;
|
|||
|
import com.zaxxer.hikari.HikariDataSource;
|
|||
|
import java.sql.Connection;
|
|||
|
import java.sql.SQLException;
|
|||
|
|
|||
|
public class HikariCpExample {
|
|||
|
public static void main(String[] args) {
|
|||
|
HikariConfig config = new HikariConfig();
|
|||
|
config.setJdbcUrl("jdbc:mysql://localhost:3306/petclinic");
|
|||
|
config.setUsername("root");
|
|||
|
config.setPassword("password");
|
|||
|
config.setMaximumPoolSize(10);
|
|||
|
config.setConnectionTimeout(30000);
|
|||
|
|
|||
|
HikariDataSource ds = new HikariDataSource(config);
|
|||
|
|
|||
|
try (Connection conn = ds.getConnection()) {
|
|||
|
// 使用连接执行数据库操作
|
|||
|
System.out.println("Database connection established.");
|
|||
|
} catch (SQLException e) {
|
|||
|
e.printStackTrace();
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
```
|