jdbc preparedstatement 使用范例

jdbc preparedstatement 對(duì)象擴(kuò)展了 statement 對(duì)象，給 statement 對(duì)象增加幾個(gè)高級(jí)功能。

jdbc preparedstatement 對(duì) sql 語句進(jìn)行預(yù)編譯，效率更高。另外，可以接收動(dòng)態(tài)參數(shù)，避免 statement 中的 sql 注入問題。

1. preparedstatement 使用范例

//step 1. import required packages
import java.sql.*;

public class jdbcexample {
   // jdbc driver name and database url
   static final string jdbc_driver = "com.mysql.jdbc.driver";  
   static final string db_url = "jdbc:mysql://localhost/emp";

   //  database credentials
   static final string user = "username";
   static final string pass = "password";
   
   public static void main(string[] args) {
   connection conn = null;
   preparedstatement stmt = null;
   try{
      //step 2: register jdbc driver
      class.forname("com.mysql.jdbc.driver");

      //step 3: open a connection
      system.out.println("connecting to database...");
      conn = drivermanager.getconnection(db_url,user,pass);

      //step 4: execute a query
      system.out.println("creating statement...");
      string sql = "update employees set age=? where id=?";
      stmt = conn.preparestatement(sql);
      
      //bind values into the parameters.
      stmt.setint(1, 35);  // this would set age
      stmt.setint(2, 102); // this would set id
      
      // let us update age of the record with id = 102;
      int rows = stmt.executeupdate();
      system.out.println("rows impacted : " + rows );

      // let us select all the records and display them.
      sql = "select id, first, last, age from employees";
      resultset rs = stmt.executequery(sql);

      //step 5: extract data from result set
      while(rs.next()){
         //retrieve by column name
         int id  = rs.getint("id");
         int age = rs.getint("age");
         string first = rs.getstring("first");
         string last = rs.getstring("last");

         //display values
         system.out.print("id: " + id);
         system.out.print(", age: " + age);
         system.out.print(", first: " + first);
         system.out.println(", last: " + last);
      }
      //step 6: clean-up environment
      rs.close();
      stmt.close();
      conn.close();
   }catch(sqlexception se){
      //handle errors for jdbc
      se.printstacktrace();
   }catch(exception e){
      //handle errors for class.forname
      e.printstacktrace();
   }finally{
      //finally block used to close resources
      try{
         if(stmt!=null)
            stmt.close();
      }catch(sqlexception se2){
      }// nothing we can do
      try{
         if(conn!=null)
            conn.close();
      }catch(sqlexception se){
         se.printstacktrace();
      }//end finally try
   }//end try
   system.out.println("goodbye!");
}//end main
}//end jdbcexample

2. 編譯運(yùn)行

現(xiàn)在來編譯上面的例子：

c:>javac jdbcexample.java
c:>

當(dāng)運(yùn)行 jdbcexample，它會(huì)產(chǎn)生以下結(jié)果：

c:>java jdbcexample
connecting to database...
creating statement...
rows impacted : 1
id: 100, age: 18, first: zara, last: ali
id: 101, age: 25, first: mahnaz, last: fatma
id: 102, age: 35, first: zaid, last: khan
id: 103, age: 30, first: sumit, last: mittal
goodbye!
c:>