zoukankan      html  css  js  c++  java

  • JAVA JDBC prepareStatement 添加数据

    我们使用prepareStatement来操作数据库,可以防止sql注入,并且无需拼接sql语句.

    核心代码:

    String sql = "insert into customers(name,email,birth)values(?,?,?)";
ps = connection.prepareStatement(sql);
ps.setString(1,"哪吒");
ps.setString(2,"nezha@gamail.com");
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
Date date = sdf.parse("1000-01-01");
ps.setDate(3, new java.sql.Date(date.getTime()));
ps.execute();

    完整代码

    InputStream is = connectTest.class.getClassLoader().getResourceAsStream("jdbcInfo.properties");
        Properties pro = new Properties();
        pro.load(is);

        String user = pro.getProperty("user");
        String password = pro.getProperty("password");
        String url = pro.getProperty("url");
        String driverClass = pro.getProperty("driverClass");
        //利用反射
        Connection connection = null;
        PreparedStatement ps = null;
        try {
            Class.forName(driverClass);
            connection = DriverManager.getConnection(url,user,password);
            System.out.println(connection);

            String sql = "insert into customers(name,email,birth)values(?,?,?)";
            ps = connection.prepareStatement(sql);
            ps.setString(1,"哪吒");
            ps.setString(2,"nezha@gamail.com");
            SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
            Date date = sdf.parse("1000-01-01");
            ps.setDate(3, new java.sql.Date(date.getTime()));
            ps.execute();
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        } catch (SQLException e) {
            e.printStackTrace();
        } catch (ParseException e) {
            e.printStackTrace();
        } finally {
            if(ps!=null)
                try {
                    ps.close();
                } catch (SQLException e) {
                    e.printStackTrace();
                }
            if(connection!=null)
                try {
                    connection.close();
                } catch (SQLException e) {
                    e.printStackTrace();
                }
        }
    View Code
  • 相关阅读:
    my97date与struts2的结合使用
    window.frames["detailFrm"].isSubmitting = true;//?起什么作用
    apache ant
    JodaTime 简介
    dbgrid中没有数据原因1
    网页 BODY的topMargin 和leftMargin
    在java类中定义log
    discuz论坛移动后,如果不能连接上数据库。可能是连接数据库的用户密码不正确。
    在后台对字符串进行转码
    [转] 我们的企业比日本少了什么
  • 原文地址:https://www.cnblogs.com/superxuezhazha/p/12395673.html
Copyright © 2011-2022 走看看