JDBC 的 PreparedStatement 与 Statement
1 import java.sql.Connection; 2 import java.sql.DriverManager; 3 import java.sql.PreparedStatement; 4 import java.sql.ResultSet; 5 import java.sql.Statement; 6 import java.util.Date; 7 8 public class StatmentExample { 9 10 public static void main(String[] args) throws Exception { 11 mysqlConnection3(); 12 } 13 14 // mysql 获取自增id的值的方法 15 public static void mysqlConnection1() throws Exception { 16 Class.forName("com.mysql.jdbc.Driver"); 17 String url = "jdbc:mysql://localhost/test?useUnicode=true&&characterEncoding=UTF-8&autoReconnect=true"; 18 String user = "root"; 19 String password = "123456"; 20 Connection conn = null; 21 Statement stmt = null; 22 ResultSet rs = null; 23 24 try { 25 conn = DriverManager.getConnection(url, user, password); 26 stmt = conn.createStatement(); 27 stmt.executeUpdate("insert into dept (deptname) values ('市场部')", Statement.RETURN_GENERATED_KEYS); 28 rs = stmt.getGeneratedKeys();// mysql 获取自增id的值的方法 29 if (rs.next()) { 30 System.out.println(rs.getInt(1)); 31 } 32 } catch (Exception e) { 33 throw e; 34 } finally { 35 rs.close(); 36 stmt.close(); 37 conn.close(); 38 } 39 } 40 // 建议始终以 PreparedStatement 代替 Statement 41 // 1.虽然代码多出几行,但可读性和可维护性得到提升 42 // 2.防止SQL注入提高安全性,占位符中的内容都会被转义,['w' or '1' = '1']会被转义成[\'\\'w\\' or \\'1\\' = \\'1\\'\'] 43 // 3.虽然预编译要耗费时间,但sql编译后的执行代码被缓存下来,下次调用时就不需要编译,从而提升性能 44 public static void mysqlConnection2() throws Exception { 45 Class.forName("com.mysql.jdbc.Driver"); 46 String url = "jdbc:mysql://localhost/test?useUnicode=true&&characterEncoding=UTF-8&autoReconnect=true"; 47 String user = "root"; 48 String password = "123456"; 49 Connection conn = null; 50 PreparedStatement perstmt2 = null; 51 ResultSet rs2 = null; 52 53 try { 54 conn = DriverManager.getConnection(url, user, password); 55 String sql2 = "select deptno,deptname from dept where deptno = ? ";// dept这张表有deptno,deptname字段 56 perstmt2 = conn.prepareStatement(sql2); 57 perstmt2.setInt(1,11); 58 rs2 = perstmt2.executeQuery(); 59 while (rs2.next()) { 60 System.out.print(rs2.getInt("deptno") + " "); 61 System.out.println(rs2.getString("deptname")); 62 } 63 } catch (Exception e) { 64 throw e; 65 } finally { 66 // 不要只关闭conn,因为数据库那边的资源确实释放了,但是java这边的操作系统中的连接资源不会即时释放 67 rs2.close(); 68 perstmt2.close(); 69 conn.close(); 70 } 71 } 72 // 使用PreparedStatement的AddBatch()方法一次性发送多个sql给数据库 73 public static void mysqlConnection3() throws Exception { 74 Class.forName("com.mysql.jdbc.Driver"); 75 String url = "jdbc:mysql://localhost/test?useUnicode=true&&characterEncoding=UTF-8&autoReconnect=true"; 76 String user = "root"; 77 String password = "123456"; 78 Connection conn = null; 79 PreparedStatement perstmt2 = null; 80 81 try { 82 conn = DriverManager.getConnection(url, user, password); 83 System.out.println((new Date()).getTime()); 84 perstmt2 = conn.prepareStatement("insert into dept (deptname) values (?)"); 85 for (int n = 0; n < 1000; n++) { 86 perstmt2.setString(1, "信息部" + n); 87 perstmt2.addBatch(); 88 } 89 perstmt2.executeBatch(); 90 System.out.println((new Date()).getTime()); 91 } catch (Exception e) { 92 throw e; 93 } finally { 94 perstmt2.close(); 95 conn.close(); 96 } 97 } 98 }
posted on 2016-08-21 01:01 guodefu909 阅读(182) 评论(0) 编辑 收藏 举报
