Java 根据不同的id开头更改数据库中的密码
我有3张表(医生、护士、病人),他们都有不同的id起始,医生id起始为101,护士id起始为102,病人id起始为200。 我想根据他们id的开头更改密码。 在我的JFrame中,我有5个jComponent、4个Jtextfields和1个Jbutton 1个用于id的Jtextfields(名称:idField) 1当前密码的Jtextfields(名称:currentPass) 新密码的2个Jtextfields(名称:newPass1,newPass2) 1个用于操作的Jbutton(名称:changeButton) 我在代码中使用了两种不同的方法,但这两种方法都不适用于我。 你能帮我解决这个问题吗 第一种方式:Java 根据不同的id开头更改数据库中的密码,java,mysql,database,drag-and-drop,Java,Mysql,Database,Drag And Drop,我有3张表(医生、护士、病人),他们都有不同的id起始,医生id起始为101,护士id起始为102,病人id起始为200。 我想根据他们id的开头更改密码。 在我的JFrame中,我有5个jComponent、4个Jtextfields和1个Jbutton 1个用于id的Jtextfields(名称:idField) 1当前密码的Jtextfields(名称:currentPass) 新密码的2个Jtextfields(名称:newPass1,newPass2) 1个用于操作的Jbutton(名
private void changeButtonActionPerformed(java.awt.event.ActionEvent evt) {
id=idField.getText();
newpass1=newPass1.getText();
newpass2=newPass2.getText();
try {
con = DriverManager.getConnection("jdbc:derby://localhost:1527/hj", "xxx", "xxx");
st = con.createStatement();
if (newpass1.equals(newpass2)){
ResultSet rs = st.executeQuery("update patient set patient_Password="+ newpass1 +" where patient_Id="+id+" and patient_Id like '200%'");
JOptionPane.showMessageDialog(this , "Successfully changed", "Patient password successfuly changed !",JOptionPane.PLAIN_MESSAGE);
ResultSet rs1 = st.executeQuery("update Nurse set nurse_password="+ newpass1 +" where nurse_id="+id+" and nurse_id like '102%'");
JOptionPane.showMessageDialog(this , "Successfully changed", "Nurse password successfuly changed !",JOptionPane.PLAIN_MESSAGE);
ResultSet rs2 = st.executeQuery("update doctor set doctor_password="+ newpass1 +" where doctor_id="+id+" and doctor_id like '101%'");
JOptionPane.showMessageDialog(this , "Successfully changed", "Doctor password successfuly changed !",JOptionPane.PLAIN_MESSAGE);
} else
JOptionPane.showMessageDialog(this , "Not equal", "Your new passwords are not equal!! , try again",JOptionPane.ERROR_MESSAGE );
}catch (Exception x){
JOptionPane.showMessageDialog(this, x.getStackTrace());
}
}
第二种方式:
private void changeButtonActionPerformed(java.awt.event.ActionEvent evt) {
id=idField.getText();
newpass1=newPass1.getText();
newpass2=newPass2.getText();
try {
con = DriverManager.getConnection("jdbc:derby://localhost:1527/hj", "xxx", "xxx");
st = con.createStatement();
if (newpass1.equals(newpass2)){
if (id.startsWith("200")){
ResultSet rs = st.executeQuery("update patient set patient_Password="+ newpass1 +" where patient_Id="+id+"");
JOptionPane.showMessageDialog(this , "Successfully changed", "Patient password successfuly changed !",JOptionPane.PLAIN_MESSAGE);
}
else if (id.startsWith("102")){
ResultSet rs = st.executeQuery("update Nurse set nurse_password="+ newpass1 +" where nurse_id="+id+"");
JOptionPane.showMessageDialog(this , "Successfully changed", "Nurse password successfuly changed !",JOptionPane.PLAIN_MESSAGE);
}
else if (id.startsWith("101")){
ResultSet rs = st.executeQuery("update doctor set doctor_password="+ newpass1 +" where doctor_id="+id+"");
JOptionPane.showMessageDialog(this , "Successfully changed", "Doctor password successfuly changed !",JOptionPane.PLAIN_MESSAGE);
}
} else
JOptionPane.showMessageDialog(this , "Not equal", "Your new passwords are not equal!! , try again",JOptionPane.ERROR_MESSAGE );
}catch (Exception x){
JOptionPane.showMessageDialog(this, x.getStackTrace());
}
}
务必使用
PreparedStatement
if (id.startsWith("200")){
try (PreparedStatement pstmt = conn.prepareStatement("UPDATE patient SET patient_passwort=? WHERE patient_id=?");) {
pstmt.setString(1, newpass1);
pstmt.setString(2, id);
int rows = pstmt.executeUpdate();
JOptionPane.showMessageDialog(this , "Successfully changed",
"Patient password successfuly changed! (updated rows: "+rows+")", JOptionPane.PLAIN_MESSAGE);
}
}
通过连接查询,您将获得updatepatient set patient\u Password=abcdefghi,其中patient\u Id=200340和patient\u Id如“200%”
。
新密码(此处为abcdefghi
)不带引号,这是查询中字符串必须使用的密码。patient_id
也没有被引用,但它可能是一个数字字段,不需要被引用
顺便说一句:
- 不需要像“200%”这样的查询部分
患者id
- 您应该关闭任何PreparedStatement/语句实例,这可以通过使用try with resources(
)来完成。try(PreparedStatement xxx=…){…您的代码}//自动关闭
和连接
也是如此结果集
- 由于
是一个整数,因此您可能希望这样使用它:id
int updId=integer.parseInt(id)。。。pstmt.setInt(2,updId)代码>
org.apache.commons.dbutils.QueryRunner
QueryRunner r = new QueryRunner();
int rows = r.update(conn,
"UPDATE patient SET patient_passwort=? WHERE patient_id=?",
newpass1, id);
您应该使用
“
对varchar
值进行转义。更好的是,考虑使用<代码> PraveReals> ,它将为您提供值(并防止SQL注入)。