JDBC：Statement问题

1、Statement问题

 2、解决办法：通过PreparedStatement代替

 实践：

package com.dgd.test;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.sql.*;import java.util.Scanner;

public class Test {
    public static void main(String[] args) throws SQLException, ClassNotFoundException, FileNotFoundException {

        Scanner sc = new Scanner(System.in);
        System.out.print("输入序号：");
        int id=sc.nextInt();
        System.out.print("输入名称：");
        String name=sc.next();


        // System.out.println("1111");
        Class.forName("com.mysql.cj.jdbc.Driver");

        String url="jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf8&serverTimezone=GMT";
        Connection conn = DriverManager.getConnection(url, "root", "123456");
        System.out.println(conn.getClass());

        String sql="INSERT INTO stu VALUES(?,?,?)";
        PreparedStatement s = conn.prepareStatement(sql);
        s.setObject(1,id);
        s.setObject(2,name);
        FileInputStream fis=new FileInputStream("C:/Users/Zhang/Pictures/IMG_20190930_053816.jpg");
        s.setObject(3,fis);

        int len=s.executeUpdate();
        System.out.println(len>0?"插入成功":"插入失败");


        s.close();
        conn.close();
        sc.close();

/*
        String sql="INSERT INTO stu VALUES(2,'zhangkun')";
        String sql2="SELECT * FROM stu";
        Statement s=conn.createStatement();
        int len=s.executeUpdate(sql);
        System.out.println(len>0?"添加成功":"添加失败");

        ResultSet set=s.executeQuery(sql2);
        while(set.next())
        {
            System.out.print("学号："+set.getInt(1)+"	"+"姓名："+set.getString(2)+"
");
        }
        set.close();;
        s.close();
        conn.close();
 */

     }
}

总结JDBC的步骤：

1　　获取连接      注册驱动，DriverManager ，url , username, password

2　　编写SQL      String sql="    ?"

3　　预编译SQL    PreparedStatement

4　　设置参数       .setObject

5　　执行SQL       .executeQuery   or   executeUpdate   

6　　封装结果        ResultSet

7　　关闭连接        .close()