import java.sql.*; public class Jdbc { public static void main(String[] args) { try { prep1(); } catch (ClassNotFoundException e) { e.printStackTrace(); } catch (SQLException e) { e.printStackTrace(); } } public static void prep1() throws ClassNotFoundException, SQLException { Class.forName("com.mysql.jdbc.Driver"); String url = "jdbc:mysql://localhost:3306/vip21?autoReconnect=true&failOverReadOnly=false&useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&serverTimezone=GMT%2B8"; String user = "root"; String passwd = "123456"; String username = "1 OR 1 = 1"; String password = "123456"; Connection connection = DriverManager.getConnection(url, user, passwd); String sql = "SELECT * FROM tb_users WHERE username = ? LIMIT 1"; //MYSQL 服务器会把这个SQL 编译成2进制 PreparedStatement preparedStatement = connection.prepareStatement(sql); preparedStatement.setString( 1, username ); ResultSet resultSet = preparedStatement.executeQuery(); while ( resultSet.next() ) { String password1 = resultSet.getString("password"); if ( password1.equals(password) ) { System.out.println( "用户登陆成功" ); return ; } } System.out.println( "用户登陆失败" ); } public static void resultSet() throws ClassNotFoundException, SQLException { Class.forName("com.mysql.jdbc.Driver"); String url = "jdbc:mysql://localhost:3306/vip21?autoReconnect=true&failOverReadOnly=false&useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&serverTimezone=GMT%2B8"; String user = "root"; String passwd = "123456"; String id = "3"; Connection connection = DriverManager.getConnection(url, user, passwd); Statement statement = connection.createStatement(); String sql = "SELECT * FROM tb_brand WHERE id = " + id; ResultSet resultSet = statement.executeQuery(sql); while ( resultSet.next() ) { System.out.println( resultSet.getInt("id") ); System.out.println( resultSet.getString("brand_name") ); System.out.println( resultSet.getString("company_name") ); System.out.println( resultSet.getString("description") ); } //System.out.println( resultSet ); } public static void prep() throws ClassNotFoundException, SQLException { Class.forName("com.mysql.jdbc.Driver"); String url = "jdbc:mysql://localhost:3306/vip21?autoReconnect=true&failOverReadOnly=false&useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&serverTimezone=GMT%2B8"; String user = "root"; String passwd = "123456"; String username = "1 OR 1 = 1"; String password = "123456"; Connection connection = DriverManager.getConnection(url, user, passwd); Statement statement = connection.createStatement(); String sql = "SELECT * FROM tb_users WHERE username = " + username + " LIMIT 1"; ResultSet resultSet = statement.executeQuery(sql); while ( resultSet.next() ) { String password1 = resultSet.getString("password"); if ( password1.equals(password) ) { System.out.println( "用户登陆成功" ); return ; } } System.out.println( "用户登陆失败" ); } public static void Jdbc() throws ClassNotFoundException, SQLException { Class.forName("com.mysql.jdbc.Driver"); String url = "jdbc:mysql://localhost:3306/test?autoReconnect=true&failOverReadOnly=false&useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&serverTimezone=GMT%2B8"; String user = "root"; String passwd = "123456"; Connection connection = DriverManager.getConnection(url, user, passwd); connection.setAutoCommit(false); Statement statement = connection.createStatement(); String sql = "INSERT INTO `t` (`name`, `age`) VALUES ('李四', 22)"; int i = statement.executeUpdate(sql); connection.commit(); System.out.println( i ); } }