Smart insert: Batch, every 1000 commits, SQL injection (security, use soft parsing, improve efficiency)
SQL injection attacks: Simple Example
SELECT * FROM table where name= ' "+un+" ' and psw= ' "+pw+" ' ",
If any character can be entered, un casually input 12345 ' or 1=1--so that the AA will be select * from table where name= ' 12345 ' or 1=1--password
String sql = "INSERT into employee (name, city, phone) values (?,?,?)"; Connection Connection=Newgetconnection (); PreparedStatement PS=connection.preparestatement (SQL);Final intbatchsize = 1000;intCount = 0; for(Employee employee:employees) {ps.setstring (1, Employee.getname ()); Ps.setstring (2, Employee.getcity ()); Ps.setstring (3, Employee.getphone ()); Ps.addbatch (); if(++count% BatchSize = = 0) {ps.executebatch (); }}ps.executebatch (); //Insert remaining Recordsps.close (); Connection.close ();
Java JDBCI BULK INSERT Data