0.前言
1. 加载数据库驱动类
Java与不同数据库的交互依赖于特定的JDBC驱动。以Oracle数据库为例,您需要下载并配置ojdbc5.jar文件。
步骤:
-
下载驱动:
-
通常,您可以在Oracle数据库的安装目录下找到
ojdbc5.jarojdbc5.jar
ojdbc5.jar -
文件,路径可能类似于:
app\Administrator\product\11.2.0\dbhome_1\jdbc\lib\ojdbc5.jarapp\Administrator\product\11.2.0\dbhome_1\jdbc\lib\ojdbc5.jar
app\Administrator\product\11.2.0\dbhome_1\jdbc\lib\ojdbc5.jar
-
-
添加到项目:
-
将
ojdbc5.jar复制到您的Java项目目录中。 -
在IDE中(如Eclipse或IntelliJ),右键点击项目,选择
Build Path -> Configure Build Path -> Libraries -> Add JARs,然后选择刚才添加的jar包。
-
-
-
在代码中使用以下方式加载驱动:
加载驱动:
Class.forName("oracle.jdbc.driver.OracleDriver");Class.forName("oracle.jdbc.driver.OracleDriver");Class.forName("oracle.jdbc.driver.OracleDriver");
-
2. 创建SQL语句
在连接数据库之前,您需要准备要执行的SQL语句。根据需求,SQL语句可以是插入、更新、删除或查询。
示例:
// 插入一条记录String insertSql = "INSERT INTO emp(empno, ename) VALUES (8888, 'aa')";// 查询所有员工String selectSql = "SELECT * FROM emp";// 插入一条记录 String insertSql = "INSERT INTO emp(empno, ename) VALUES (8888, 'aa')"; // 查询所有员工 String selectSql = "SELECT * FROM emp";// 插入一条记录 String insertSql = "INSERT INTO emp(empno, ename) VALUES (8888, 'aa')"; // 查询所有员工 String selectSql = "SELECT * FROM emp";
3. 创建数据库连接
使用DriverManager类创建数据库连接。以下是连接Oracle数据库的示例代码:
示例代码:
// 数据库连接信息String url = "jdbc:oracle:thin:@localhost:1521:ORCL"; // 数据库URLString userName = "SCOTT"; // 数据库用户名String userPass = "tiger"; // 数据库密码// 创建连接Connection conn = DriverManager.getConnection(url, userName, userPass);// 数据库连接信息 String url = "jdbc:oracle:thin:@localhost:1521:ORCL"; // 数据库URL String userName = "SCOTT"; // 数据库用户名 String userPass = "tiger"; // 数据库密码 // 创建连接 Connection conn = DriverManager.getConnection(url, userName, userPass);// 数据库连接信息 String url = "jdbc:oracle:thin:@localhost:1521:ORCL"; // 数据库URL String userName = "SCOTT"; // 数据库用户名 String userPass = "tiger"; // 数据库密码 // 创建连接 Connection conn = DriverManager.getConnection(url, userName, userPass);
4. 执行SQL语句
连接成功后,可以使用Statement、PreparedStatement或CallableStatement来执行SQL语句。
4.1 使用Statement
Statement适用于简单的SQL语句,但不推荐用于用户输入的内容,以避免SQL注入。
示例:
// 创建Statement对象Statement stmt = conn.createStatement();// 执行插入操作int result = stmt.executeUpdate(insertSql);if (result > 0) {System.out.println("插入成功");}// 执行查询操作ResultSet rs = stmt.executeQuery(selectSql);while (rs.next()) {String name = rs.getString("ename");double salary = rs.getDouble("sal");Date hireDate = rs.getDate("hiredate");System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate);}// 创建Statement对象 Statement stmt = conn.createStatement(); // 执行插入操作 int result = stmt.executeUpdate(insertSql); if (result > 0) { System.out.println("插入成功"); } // 执行查询操作 ResultSet rs = stmt.executeQuery(selectSql); while (rs.next()) { String name = rs.getString("ename"); double salary = rs.getDouble("sal"); Date hireDate = rs.getDate("hiredate"); System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate); }// 创建Statement对象 Statement stmt = conn.createStatement(); // 执行插入操作 int result = stmt.executeUpdate(insertSql); if (result > 0) { System.out.println("插入成功"); } // 执行查询操作 ResultSet rs = stmt.executeQuery(selectSql); while (rs.next()) { String name = rs.getString("ename"); double salary = rs.getDouble("sal"); Date hireDate = rs.getDate("hiredate"); System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate); }
4.2 使用PreparedStatement
PreparedStatement可以防止SQL注入,并且在执行多次相同SQL时性能更好。
示例:
// 创建PreparedStatement对象String preparedSql = "INSERT INTO emp(empno, ename) VALUES (?, ?)";PreparedStatement pstmt = conn.prepareStatement(preparedSql);// 设置参数pstmt.setInt(1, 8888);pstmt.setString(2, "aa");int insertResult = pstmt.executeUpdate();if (insertResult > 0) {System.out.println("插入成功");}// 查询示例String querySql = "SELECT * FROM emp WHERE ename LIKE ?";pstmt = conn.prepareStatement(querySql);pstmt.setString(1, "%aa%");ResultSet rs = pstmt.executeQuery();while (rs.next()) {String name = rs.getString("ename");System.out.println("查询结果: " + name);}// 创建PreparedStatement对象 String preparedSql = "INSERT INTO emp(empno, ename) VALUES (?, ?)"; PreparedStatement pstmt = conn.prepareStatement(preparedSql); // 设置参数 pstmt.setInt(1, 8888); pstmt.setString(2, "aa"); int insertResult = pstmt.executeUpdate(); if (insertResult > 0) { System.out.println("插入成功"); } // 查询示例 String querySql = "SELECT * FROM emp WHERE ename LIKE ?"; pstmt = conn.prepareStatement(querySql); pstmt.setString(1, "%aa%"); ResultSet rs = pstmt.executeQuery(); while (rs.next()) { String name = rs.getString("ename"); System.out.println("查询结果: " + name); }// 创建PreparedStatement对象 String preparedSql = "INSERT INTO emp(empno, ename) VALUES (?, ?)"; PreparedStatement pstmt = conn.prepareStatement(preparedSql); // 设置参数 pstmt.setInt(1, 8888); pstmt.setString(2, "aa"); int insertResult = pstmt.executeUpdate(); if (insertResult > 0) { System.out.println("插入成功"); } // 查询示例 String querySql = "SELECT * FROM emp WHERE ename LIKE ?"; pstmt = conn.prepareStatement(querySql); pstmt.setString(1, "%aa%"); ResultSet rs = pstmt.executeQuery(); while (rs.next()) { String name = rs.getString("ename"); System.out.println("查询结果: " + name); }
5. 处理返回结果
在执行查询后,您将获得一个ResultSet对象。通过ResultSet,可以遍历查询结果。
示例:
while (rs.next()) {String name = rs.getString("ename");double salary = rs.getDouble("sal");Date hireDate = rs.getDate("hiredate");System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate);}while (rs.next()) { String name = rs.getString("ename"); double salary = rs.getDouble("sal"); Date hireDate = rs.getDate("hiredate"); System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate); }while (rs.next()) { String name = rs.getString("ename"); double salary = rs.getDouble("sal"); Date hireDate = rs.getDate("hiredate"); System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate); }
6. 释放资源
在完成数据库操作后,务必释放资源,以避免内存泄漏。
示例:
// 释放ResultSet、Statement和Connectionif (rs != null) {rs.close();}if (stmt != null) {stmt.close();}if (conn != null) {conn.close();}// 释放ResultSet、Statement和Connection if (rs != null) { rs.close(); } if (stmt != null) { stmt.close(); } if (conn != null) { conn.close(); }// 释放ResultSet、Statement和Connection if (rs != null) { rs.close(); } if (stmt != null) { stmt.close(); } if (conn != null) { conn.close(); }
注意事项
SQL注入
使用Statement时,拼接SQL语句可能导致SQL注入问题。例如:
String e_name = "C OR '1'='1"; // 潜在的SQL注入String sql = "SELECT * FROM EMP WHERE ENAME LIKE '%" + e_name + "%'";String e_name = "C OR '1'='1"; // 潜在的SQL注入 String sql = "SELECT * FROM EMP WHERE ENAME LIKE '%" + e_name + "%'";String e_name = "C OR '1'='1"; // 潜在的SQL注入 String sql = "SELECT * FROM EMP WHERE ENAME LIKE '%" + e_name + "%'";
为了避免此类问题,建议使用PreparedStatement,它会自动处理参数,防止SQL注入。
事务管理
在进行多表操作时,建议使用事务管理,以确保数据一致性。
示例:
try {conn.setAutoCommit(false); // 关闭自动提交// 执行多个SQL操作pstmt.executeUpdate(insertSql);pstmt.executeUpdate(anotherSql); // 另一个SQL操作conn.commit(); // 手动提交} catch (SQLException e) {conn.rollback(); // 发生异常时回滚e.printStackTrace();} finally {// 释放资源if (pstmt != null) {pstmt.close();}if (conn != null) {conn.close();}}try { conn.setAutoCommit(false); // 关闭自动提交 // 执行多个SQL操作 pstmt.executeUpdate(insertSql); pstmt.executeUpdate(anotherSql); // 另一个SQL操作 conn.commit(); // 手动提交 } catch (SQLException e) { conn.rollback(); // 发生异常时回滚 e.printStackTrace(); } finally { // 释放资源 if (pstmt != null) { pstmt.close(); } if (conn != null) { conn.close(); } }try { conn.setAutoCommit(false); // 关闭自动提交 // 执行多个SQL操作 pstmt.executeUpdate(insertSql); pstmt.executeUpdate(anotherSql); // 另一个SQL操作 conn.commit(); // 手动提交 } catch (SQLException e) { conn.rollback(); // 发生异常时回滚 e.printStackTrace(); } finally { // 释放资源 if (pstmt != null) { pstmt.close(); } if (conn != null) { conn.close(); } }
整体代码示例
import java.sql.Connection;import java.sql.DriverManager;import java.sql.PreparedStatement;import java.sql.ResultSet;import java.sql.SQLException;public class OracleDatabaseExample {public static void main(String[] args) {// 数据库连接信息String url = "jdbc:oracle:thin:@localhost:1521:ORCL"; // 数据库URLString userName = "SCOTT"; // 数据库用户名String userPass = "tiger"; // 数据库密码Connection conn = null;PreparedStatement pstmt = null;ResultSet rs = null;try {// 加载Oracle JDBC驱动Class.forName("oracle.jdbc.driver.OracleDriver");// 创建数据库连接conn = DriverManager.getConnection(url, userName, userPass);System.out.println("数据库连接成功");// 插入一条记录String insertSql = "INSERT INTO emp(empno, ename) VALUES (?, ?)";pstmt = conn.prepareStatement(insertSql);pstmt.setInt(1, 8888); // 设置员工编号pstmt.setString(2, "aa"); // 设置员工姓名int insertResult = pstmt.executeUpdate();if (insertResult > 0) {System.out.println("插入成功");}// 查询所有员工String selectSql = "SELECT * FROM emp";pstmt = conn.prepareStatement(selectSql);rs = pstmt.executeQuery(); // 执行查询// 处理结果集while (rs.next()) {String name = rs.getString("ename");double salary = rs.getDouble("sal");java.sql.Date hireDate = rs.getDate("hiredate");System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate);}} catch (ClassNotFoundException e) {System.err.println("数据库驱动加载失败: " + e.getMessage());} catch (SQLException e) {System.err.println("数据库操作失败: " + e.getMessage());} finally {// 释放资源try {if (rs != null) rs.close();if (pstmt != null) pstmt.close();if (conn != null) conn.close();System.out.println("资源已释放");} catch (SQLException e) {System.err.println("释放资源失败: " + e.getMessage());}}}}import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; public class OracleDatabaseExample { public static void main(String[] args) { // 数据库连接信息 String url = "jdbc:oracle:thin:@localhost:1521:ORCL"; // 数据库URL String userName = "SCOTT"; // 数据库用户名 String userPass = "tiger"; // 数据库密码 Connection conn = null; PreparedStatement pstmt = null; ResultSet rs = null; try { // 加载Oracle JDBC驱动 Class.forName("oracle.jdbc.driver.OracleDriver"); // 创建数据库连接 conn = DriverManager.getConnection(url, userName, userPass); System.out.println("数据库连接成功"); // 插入一条记录 String insertSql = "INSERT INTO emp(empno, ename) VALUES (?, ?)"; pstmt = conn.prepareStatement(insertSql); pstmt.setInt(1, 8888); // 设置员工编号 pstmt.setString(2, "aa"); // 设置员工姓名 int insertResult = pstmt.executeUpdate(); if (insertResult > 0) { System.out.println("插入成功"); } // 查询所有员工 String selectSql = "SELECT * FROM emp"; pstmt = conn.prepareStatement(selectSql); rs = pstmt.executeQuery(); // 执行查询 // 处理结果集 while (rs.next()) { String name = rs.getString("ename"); double salary = rs.getDouble("sal"); java.sql.Date hireDate = rs.getDate("hiredate"); System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate); } } catch (ClassNotFoundException e) { System.err.println("数据库驱动加载失败: " + e.getMessage()); } catch (SQLException e) { System.err.println("数据库操作失败: " + e.getMessage()); } finally { // 释放资源 try { if (rs != null) rs.close(); if (pstmt != null) pstmt.close(); if (conn != null) conn.close(); System.out.println("资源已释放"); } catch (SQLException e) { System.err.println("释放资源失败: " + e.getMessage()); } } } }import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; public class OracleDatabaseExample { public static void main(String[] args) { // 数据库连接信息 String url = "jdbc:oracle:thin:@localhost:1521:ORCL"; // 数据库URL String userName = "SCOTT"; // 数据库用户名 String userPass = "tiger"; // 数据库密码 Connection conn = null; PreparedStatement pstmt = null; ResultSet rs = null; try { // 加载Oracle JDBC驱动 Class.forName("oracle.jdbc.driver.OracleDriver"); // 创建数据库连接 conn = DriverManager.getConnection(url, userName, userPass); System.out.println("数据库连接成功"); // 插入一条记录 String insertSql = "INSERT INTO emp(empno, ename) VALUES (?, ?)"; pstmt = conn.prepareStatement(insertSql); pstmt.setInt(1, 8888); // 设置员工编号 pstmt.setString(2, "aa"); // 设置员工姓名 int insertResult = pstmt.executeUpdate(); if (insertResult > 0) { System.out.println("插入成功"); } // 查询所有员工 String selectSql = "SELECT * FROM emp"; pstmt = conn.prepareStatement(selectSql); rs = pstmt.executeQuery(); // 执行查询 // 处理结果集 while (rs.next()) { String name = rs.getString("ename"); double salary = rs.getDouble("sal"); java.sql.Date hireDate = rs.getDate("hiredate"); System.out.println("员工姓名: " + name + ", 薪水: " + salary + ", 入职日期: " + hireDate); } } catch (ClassNotFoundException e) { System.err.println("数据库驱动加载失败: " + e.getMessage()); } catch (SQLException e) { System.err.println("数据库操作失败: " + e.getMessage()); } finally { // 释放资源 try { if (rs != null) rs.close(); if (pstmt != null) pstmt.close(); if (conn != null) conn.close(); System.out.println("资源已释放"); } catch (SQLException e) { System.err.println("释放资源失败: " + e.getMessage()); } } } }
© 版权声明
- 本博客所拥有的文章除特别声明外,均默认采用 CC BY 4.0 许可协议。
- 文章部分内容可能来源于公共网络,如有侵权,请联系博主在核实后进行修改或删除。
THE END
暂无评论内容