package com.zhiyou.dao; import com.zhiyou.entity.User; import com.zhiyou.util.BaseDao; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import java.util.ArrayList; import java.util.List; import java.util.Scanner; public class LoginDao extends BaseDao { //新增一个用户 public int insertUser() throws Exception { int i=0; super.getConnection();//创建链接 Scanner sc=new Scanner(System.in); System.out.println("输入要添加的用户名"); String username=sc.next(); System.out.println("输入密码"); String password=sc.next(); /*System.out.println("输入id"); int id = Integer.valueOf(sc.next()).intValue();*/ String sql = "insert into login values('"+username+"','"+password+"')"; this.st=conn.createStatement(); i=st.executeUpdate(sql); closeAll(); return i; } //新增一个用户 public int insertUser2(String username,String password) throws Exception { int i=0; super.getConnection();//创建链接 String sql = "insert into login values('"+username+"','"+password+"')"; this.st=conn.createStatement(); i=st.executeUpdate(sql); closeAll(); return i; } // 查 public List<User> getAll() { List<User> list = new ArrayList<User>(); this.getConnection(); try { this.st = conn.createStatement(); String sql = "select * from login"; rs=st.executeQuery(sql); while(rs.next()) { User user = new User(); user.setUsername(rs.getString("username")); user.setPassword(rs.getString("password")); list.add(user); } this.closeAll(); } catch (SQLException e) { e.printStackTrace(); } return list; } // 查 根据输入的username返回用户user public User getById(String username) throws Exception { User user = null; this.getConnection(); // 建立SQL语句 String sql = "select username,password from login where username='"+ username +"'"; System.out.println("sql语句:" + sql); // 建立执行语句 this.st = conn.createStatement(); // 执行SQL语句,返回结果集 rs = st.executeQuery(sql); // 遍历结果集 if(rs.next()) { user = new User(); user.setUsername(rs.getString("username")); user.setPassword(rs.getString("password")); } // 关闭资源 this.closeAll(); // 返回对象user return user; } // 删 public int deleteDao () throws Exception { int j = 0; // 得到链接 super.getConnection(); Scanner sc = new Scanner(System.in); System.out.println("输入要删除的用户名"); String username=sc.next(); // 建立SQL语句 String sql = "delete from login where username='"+username+"'"; // 建立执行语句 this.st = conn.createStatement(); // 执行SQL语句,返回结果 j = st.executeUpdate(sql); // 关闭资源 closeAll(); // 返回删除结果 return j; } // 改 public int updateDao() throws Exception { int a = 0; // 得到链接 super.getConnection(); Scanner sc = new Scanner(System.in); System.out.println("修改用户名输入:1 修改密码请输入:2"); String num = sc.next(); if(num != null && num.equals("1")) { System.out.println("输入要修改姓名的用户名"); String username1 = sc.next(); System.out.println("输入新的用户名"); String username2 = sc.next(); // SQL语句 String sql = "update login set username='"+username2+"' where username='"+username1+"' "; // 得到执行语句 this.st = conn.createStatement(); // 执行修改用户名语句 int k = st.executeUpdate(sql); a = k; // 关闭资源 closeAll(); }else if(num != null && num.equals("2")) { System.out.println("输入要修改密码的用户名"); String username1 = sc.next(); System.out.println("输入新的密码"); String password = sc.next(); // SQL语句 String sql = "update login set password='"+password+"' where username='"+username1+"' "; // 得到执行语句 this.st = conn.createStatement(); // 执行修改用户名语句 int k = st.executeUpdate(sql); a = k; // 关闭资源 closeAll(); } // 返回结果 return a; } // 登陆 public User login(String username,String password) { User user = null; this.getConnection(); try { st=conn.createStatement(); String sql = "select username,password from login where username='"+username+"' and password='"+ password+"'"; System.out.println("sql: "+sql); rs = st.executeQuery(sql); // 遍历结果集 if(rs.next()) { user = new User(); user.setUsername(rs.getString("username")); user.setPassword(rs.getString("password")); } } catch (SQLException e) { e.printStackTrace(); }finally { // 不管是否出现异常,都会执行finally中的代码 closeAll(); } return user; } // 登陆 :使用preparedStatement 避免SQL注入 public User login2(String username,String password) { User user = null; this.getConnection(); try { // SQL语句 String sql = "select username,password from login where username=? and password=?"; System.out.println("sql: "+sql); // 准备执行语句 ps = conn.prepareStatement(sql); // 设置第一个通配符为username, 至关于 给第一个通配符? 赋值 ps.setString(1, username); // 设置第二个通配符为password ps.setString(2, password); // 执行SQL语句,返回结果集 rs = ps.executeQuery(); // 遍历结果集 if(rs.next()) { user = new User(); user.setUsername(rs.getString("username")); user.setPassword(rs.getString("password")); } } catch (SQLException e) { e.printStackTrace(); }finally { // 不管是否出现异常,都会执行finally中的代码 closeAll(); } return user; } }