日期:2014-05-20 浏览次数:20998 次
public class ParameterizedQuery {
public static void main(String[] args) throws IOException, ClassNotFoundException, SQLException {
InputStreamReader isr=new InputStreamReader(System.in);
BufferedReader br=new BufferedReader(isr);
//提示用户输入用户名和密码
System.out.println("请输入用户名:");
String name=br.readLine();
System.out.println("请输入密码:");
String pwd=br.readLine();
//建立数据库链接
String driver="com.mtsql.jdbc.Driver";
//访问数据库
String url="jdbc:mysql://127.0.0.1:3306/users";
String user="root";
String password="root";
//加载驱动
Class.forName(driver);
//连续数据库
Connection conn=DriverManager.getConnection(url,user,password);
if(!conn.isClosed())
System.out.println("Succeeded connecting to the Datebase");
//statement用来执行SQL语句
Statement statement=conn.createStatement();
String sql="select count(*) from users where name='"+name+"'and password='"+pwd+"'";
//将name的数据赋值给查询语句中name
//将pwd的数据赋值给查询语句中password
String name=br.readLine();
String pwd=br.readLine();
Connection conn=null;
PreparedStatement prpst=conn.prepareStatement("select count(*) from users where name=? and password=?");
prpst.setString(1, name); //给第一个问号赋值
prpst.setString(2, pwd); //给第二个问号赋值
prpst.executeQuery();