java操作数据库 jdbc

1. JDBC API 是一系列的接口，它使得应用程序能够进行数据库联接，执行SQL语句，并且得到返回结果。

   

2. Statement（存在sql注入风险）

   Class.forName("com.mysql.jdbc.Driver");
   Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/scott", "root", "123456");
   Statement statement = connection.createStatement();
   ResultSet resultSet = statement.executeQuery("select * from emp");
   while (resultSet.next()){
       int id = resultSet.getInt("id");
   }
   int i = statement.executeUpdate("update emp set sal=100 whre id =1 ");
   

3. PreparedStatement（不存在sql注入风险）

   conn = DriverManager.getConnection(
   					"jdbc:mysql://localhost:3306/scott", "root", "123456");
   //3.创建查询通道
   //创建prepareStatement的时候就会提供sql
   PreparedStatement ps = conn.prepareStatement("select * from dept "
                                                + "where "
                                                + " dname like concat('%',?,'%')");
   ps.setString(1, "ACCOUNTING");
   //4.获取结果集
   ResultSet rs = ps.executeQuery();
   while(rs.next()) {
     System.out.println(rs.getObject(1)+","+rs.getObject(2)+","+rs.getObject(3));
   }