Java-Mysql Getter / Setter
[英]Java - Mysql Getter/Setter
问题描述
I'm newbie in java, I use getter and setter, as the user authentic. 
我是Java的新手,我使用getter和setter作为用户真实身份。 - How to add a query in the getter and setter? -如何在getter和setter中添加查询? - How to use ResultSet, Statement on getter and setter? -如何使用ResultSet,getter和setter上的语句?
Excuse my English, is very lousy. 打扰一下,我的英语很糟糕。 Thanks for your reply 感谢您的回复
My Class Connection 我的班级联系
public class con {
String driver = "com.mysql.jdbc.Driver";
String url ="jdbc:mysql://localhost:3306/tienda";
String user = "root";
String pw = "";
Connection conn = null;
public ResultSet iList(String iSql){
try{
Class.forName(driver).newInstance();
Connection oCnn = DriverManager.getConnection(url,user,pw);
PreparedStatement oPst = oCnn.prepareStatement(iSql);
ResultSet oRst = oPst.executeQuery();
return oRst;
}catch(Exception e){
return null;
}
}
public String Exen(String iSql){
try{
Class.forName(driver).newInstance();
Connection oCnn = DriverManager.getConnection(url, user, pw);
PreparedStatement oPst = oCnn.prepareStatement(iSql);
int i= oPst.executeUpdate();
return null;
}catch(Exception e){
return "error "+e.getMessage();
}
}
}
My User Getter and setter 我的用户获取器和设置器
public class usuario {
conexion cn = new con();
private String id;
private String name;
private String lastn;
private String dir;
private String iPass;
public String Eliminau(){
String cad ="delete from tblusuario where idusuario='" + this.getId() + "'";
return cn.Ejecutar(cad);
}
public String Login(){
String cad = "SELECT * FROM tblusuario WHERE name '" + this.getname() + "' AND pass = '"+
this.getiPass() + "'";
return cn.Ejecutar(cad);
}
public String agregar(){
String cad = "INSERT INTO tblusuario VALUES('" +
this.getId() + "','" + this.getiPass() + "','" + this.getname() + "','" +
this.getlastn() + "','" + this.getDir() +"')";
return cn.Ejecutar(cad);
}
public String getId() { return id;}
public void setId(String id) {this.id = id;}
public String getname() { return name;}
public void setname(String name) {this.name = name;}
public String getlastn() {return lastn;}
public void setlastn(String lastn) {this.lastn = lastn;}
public String getDir() {return dir;}
public void setDir(String dir) {this.dir = dir; }
public String getiPass() { return iPass;}
public void setiPass(String iPass) {
String cript;
cript = DigestUtils.md5Hex(iPass);
this.iPass = cript;
}
}
1 个解决方案
解决方案1
0 已采纳 2013-11-23 01:09:57
First, your whole code is kinda badly composed. 首先,您的整个代码有点糟糕。 Don't return ResultSet or Statement at all. 根本不返回ResultSet或Statement 。 Best idea is to use DAO design pattern which will ensure clean code at least. 最好的想法是使用DAO设计模式 ,这将至少确保干净的代码。
Also, in that example, it's shown how to use PreparedStatement to prevent SQL injection vulnerability. 此外,在该示例中,还显示了如何使用PreparedStatement防止SQL注入漏洞。 And your code is quite vulnerable. 而且您的代码非常脆弱。 Here is mkyongs tutorial about JDBC too. 这也是关于JDBC的mkyongs教程。
Here is my GitHub project about JDBC too. 这也是我关于JDBC的GitHub项目 。 Made just for cases like yours. 专为像您这样的情况而设计。 Download it and test it. 下载并测试。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.