PreparedStatement Based on JAVA

Overview: 1. this article uses the try-with-resource structure for clear code structure. Use it in Java 7 (or change it to the normal mode by yourself. pre-compiled SQL statements are stored in the PreparedStatement object. Therefore, the execution efficiency of PreparedStatement is higher than that of Statement 3. use placeholders (?) So that repeated statements in the structure do not need to be written repeatedly. For example, if I want to insert two stmt records in Statement. addBatch ("insert into t_student values ('11', 'xiaoming ', 'male')"); stmt. addBatch ("insert into t_student values ('22', 'xiaoming 2', 'male')"); Use placeholders in PreparedStatement. You only need to enter the placeholder data to con. prepareStatement ("insert into t_student values (?,?,?) "). For details, see Example 4. benefits: 1. prevent repeated compilation of SQL statements with similar structures. no worries about concatenating strings 3. prevent SQL injection (concatenated strings may cause SQL Injection problems) 4. SQL statements are pre-compiled in the PreparedStatement object, with good performance of 5. we recommend that you read the related Statement articles before using them. Many methods are similar to Java code: package com. cxy. jdbc; import java. SQL. connection; import java. SQL. driverManager; import java. SQL. preparedStatement; import java. SQL. resultSet; import java. SQL. resultSetMetaData; import java. SQL. SQLException;/*** @ author cxy */public class Prep AredStatementTest {public static void main (String [] args) {try (Connection con = DriverManager. getConnection ("jdbc: mysql: // localhost/dbtest", "root", "root"); PreparedStatement pstmt = con. prepareStatement ("insert into t_student values (?,?,?) ");) {// ExecuteUpdate execute the insert statement pstmt. setString (1, "123"); pstmt. setString (2, "Red"); pstmt. setObject (3, ""); // if you do not know what type of placeholder data is, use setObject. jdbc automatically converts it to the appropriate type pstmt.exe cuteUpdate (); System. out. println ("===================="); // clearParameters: clears the current parameter, if you run the command directly, the following error occurs: No value specified for parameter 1 // pstmt. clearParameters (); // pstmt.exe cuteUpdate (); // execute the query statement and return the result set PreparedStatement pstmt1 = con. prepareStatement ("select * from t_student"); printResultSet(pstmt1.exe cuteQuery (); System. out. println ("=================="); // ResultSetMetaData: resultSet object related information ResultSetMetaData rsmd = pstmt1.getMetaData (); System. out. println ("Number of result set fields:" + rsmd. getColumnCount (); System. out. println ("table name:" + rsmd. getTableName (1); // obtain the table name of the table where the specified parameter is located. // For more information, see ResultSetMetaData.} catch (Exception e) {e. printStackTrace (); System. out. println ("database operation exception");} www.2cto.com} public static void printResultSet (ResultSet rs2) {try {while (rs2.next () {System. out. println (rs2.getString (1) + "\ t" + rs2.getString (2) + "\ t" + rs2.getString (3);} catch (SQLException e) {e. printStackTrace ();}}}