JSP动态网站开发与项目实战

JSP动态网站开发与项目实战

使用占位符更加安全

package com.cs.model;

import java.sql.DriverManager;
import java.sql.PreparedStatement;

import com.mysql.jdbc.Connection;
import com.mysql.jdbc.Driver;
import com.mysql.jdbc.Statement;

public class JdbcTest {

	/**
	 * @param args
	 */
	public static void main(String[] args) {

		jdbcDelete("as", "as");

	}

	public static void jdbcDelete( String name, String sex) {
		try {
			Class.forName("com.mysql.jdbc.Driver");
			Connection connection = (Connection) DriverManager.getConnection(
					"jdbc:mysql://127.0.0.1:3306/lol", "root", "123456");
			String sql="insert into hero (name ,sex) value (?,?)";//?是占位符
			PreparedStatement pst=connection.prepareStatement(sql);
			pst.setString(1, name);
			pst.setString(2, sex);
			pst.execute();
			pst.close();
			connection.close();


		} catch (Exception e) {
			e.printStackTrace();
		}
	}

}