Statement stmt;
String sql;
int rows; sql = "INSERT INTO tCust "
+ "(custId, custName, custAddr) "
+ "VALUES "
+ "('" + custId + "',"
+ "('" + custName + "',"
+ "('" + custAddr + "')";stmt = theConn.dbConn.createStatement();
rows = stmt.executeUpdate(sql);
theConn.dbConn.commit();
stmt.close();
A PreparedStatement is used to insert data containing QUOTES PreparedStatement stmt = null;
String sql;
int rows; try {
sql = "INSERT INTO tCust"
+ "(custName) "
+ "VALUES "
+ "(?)";
stmt = theConn.dbConn.prepareStatement(sql);
stmt.setString(1, "Name with \" are permitted!");
rows = stmt.executeUpdate();
theConn.dbConn.commit();
stmt.close();
System.out.println(sql);
}
catch (Exception e){
e,printStackTrace();
}
========================================
PreparedStatement prepstmt;
try {
prepstmt = theConn.dbConn.prepareStatement
("DELETE FROM tCust "+
" WHERE custId = ?");
prepstmt.setString(1,cust_id.getText());
prepstmt.executeUpdate();
theConn.dbConn.commit();
prepstmt.close();
}
catch (Exception e) {
e.printStackTrace();
}
String sql;
int rows; sql = "INSERT INTO tCust "
+ "(custId, custName, custAddr) "
+ "VALUES "
+ "('" + custId + "',"
+ "('" + custName + "',"
+ "('" + custAddr + "')";stmt = theConn.dbConn.createStatement();
rows = stmt.executeUpdate(sql);
theConn.dbConn.commit();
stmt.close();
A PreparedStatement is used to insert data containing QUOTES PreparedStatement stmt = null;
String sql;
int rows; try {
sql = "INSERT INTO tCust"
+ "(custName) "
+ "VALUES "
+ "(?)";
stmt = theConn.dbConn.prepareStatement(sql);
stmt.setString(1, "Name with \" are permitted!");
rows = stmt.executeUpdate();
theConn.dbConn.commit();
stmt.close();
System.out.println(sql);
}
catch (Exception e){
e,printStackTrace();
}
========================================
PreparedStatement prepstmt;
try {
prepstmt = theConn.dbConn.prepareStatement
("DELETE FROM tCust "+
" WHERE custId = ?");
prepstmt.setString(1,cust_id.getText());
prepstmt.executeUpdate();
theConn.dbConn.commit();
prepstmt.close();
}
catch (Exception e) {
e.printStackTrace();
}
try {
prepstmt = theConn.dbConn.prepareStatement
("UPDATE tCust SET custName = ? "+
" WHERE custId = ?");
prepstmt.setString(1,"Smith");
prepstmt.setString(2, cust_id.getText());
prepstmt.executeUpdate();
theConn.dbConn.commit();
prepstmt.close();
}
catch (Exception e) {
e.printStackTrace();
}
如果用一般的查询,直接用Connection conn = ....;
Statement stmt = conn.creatStatement();
String sql = "update into ... set ... ";
stmt.excuteUpdate(sql);就可以了。
简单的查询,一般不要用到事物处理和 perpareStatement(楼上的),因为事物处理和 perpareStatement 都需要额外的开销。