package com.stripbandunk.database.service;
/**
 * Shows what a quote-bearing {@code kode} does to a DELETE statement that is
 * assembled by string concatenation.
 */
public class ProgramInjection {

    /**
     * Passes a crafted {@code kode} to {@code BarangService.delete} and then prints the
     * statement text that plain concatenation produces for the same value.
     *
     * <p>The value closes the quoted literal and appends {@code OR 'a' = 'a'}, which is
     * always true, so the printed WHERE clause no longer restricts the DELETE to one row.
     * When the value is bound as a statement parameter instead, it is compared as a single
     * literal {@code kode} and the clause keeps its meaning.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        final String kode = "008' OR 'a' = 'a";
        final BarangService service = new BarangService();
        service.delete(kode);

        // Rebuild the statement text locally so the effect of the embedded quote is visible.
        final String sql = new StringBuilder("DELETE FROM barang WHERE kode = '")
                .append(kode)
                .append("'; ")
                .toString();
        System.out.println(sql);
    }
}
package
com.stripbandunk.database.service;
/**
 * Small driver that exercises the insert, update and delete operations of
 * {@code BarangService}.
 */
public class Program {

    /**
     * Inserts items 004 and 005, rewrites item 004, then deletes item 005.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        final BarangService layanan = new BarangService();

        // Two new rows; the arguments are kode, nama, kategori, harga, stok.
        layanan.insert("004", "Rexona Man", "Deodoran", 15000, 10);
        layanan.insert("005", "Rexona Woman", "Deodoran", 17000, 10);

        // Item 004 gets a corrected name plus a new price and stock figure.
        layanan.update("004", "Rexona Men", "Deodoran", 13000, 100);

        // Item 005 is removed again.
        layanan.delete("005");
    }
}
/**
 * Command-line entry point that runs a fixed sequence of {@code BarangService} calls.
 */
public class Program {

    /**
     * Creates one service instance and issues two inserts, one update and one delete
     * against it, in that order.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        final BarangService barangService = new BarangService();

        // insert(kode, nama, kategori, harga, stok)
        barangService.insert("004", "Rexona Man", "Deodoran", 15000, 10);
        barangService.insert("005", "Rexona Woman", "Deodoran", 17000, 10);

        // update(kode, nama, kategori, harga, stok): kode selects the row to change.
        barangService.update("004", "Rexona Men", "Deodoran", 13000, 100);

        // delete(kode)
        barangService.delete("005");
    }
}
package com.stripbandunk.database.service;
import com.stripbandunk.database.util.DatabaseUtil;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Statement;
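/**
 * Data-access service for the {@code barang} table.
 *
 * <p>Every statement is a {@link PreparedStatement} with {@code ?} placeholders, so
 * caller-supplied values are sent as bound parameters and are never spliced into the SQL
 * text. A value such as {@code 008' OR 'a' = 'a} is therefore compared as one literal
 * {@code kode} instead of rewriting the WHERE clause.
 *
 * <p>SQL errors are printed to standard output and are not propagated, so callers get no
 * failure signal. The connection comes from {@code DatabaseUtil.getKoneksi()} and is never
 * closed by this class.
 *
 * @author echo
 */
public class BarangService {

    private final Connection koneksi;

    /** Creates the service on the connection returned by {@code DatabaseUtil.getKoneksi()}. */
    public BarangService() {
        koneksi = DatabaseUtil.getKoneksi();
    }

    /**
     * Inserts one row into {@code barang}.
     *
     * @param kode     item code
     * @param nama     item name
     * @param kategori item category
     * @param harga    price
     * @param stok     stock quantity
     */
    public void insert(String kode, String nama, String kategori, int harga, int stok) {
        final String sql =
                "INSERT INTO barang(kode, nama, kategori, harga, stok) VALUES (?, ?, ?, ?, ?)";
        PreparedStatement statement = null;
        try {
            statement = koneksi.prepareStatement(sql);
            System.out.println("Statement berhasil dibuat");
            // Values travel as parameters; quotes inside them cannot end a literal.
            statement.setString(1, kode);
            statement.setString(2, nama);
            statement.setString(3, kategori);
            statement.setInt(4, harga);
            statement.setInt(5, stok);
            statement.executeUpdate();
        } catch (SQLException ex) {
            System.out.println("Error : " + ex.getMessage());
        } finally {
            tutup(statement);
        }
    }

    /**
     * Updates the row whose {@code kode} matches.
     *
     * @param kode     code of the row to change
     * @param nama     new item name
     * @param kategori new item category
     * @param harga    new price
     * @param stok     new stock quantity
     */
    public void update(String kode, String nama, String kategori, int harga, int stok) {
        final String sql =
                "UPDATE barang SET nama = ?, kategori = ?, harga = ?, stok = ? WHERE kode = ?";
        PreparedStatement statement = null;
        try {
            statement = koneksi.prepareStatement(sql);
            System.out.println("Statement berhasil dibuat");
            statement.setString(1, nama);
            statement.setString(2, kategori);
            statement.setInt(3, harga);
            statement.setInt(4, stok);
            // The key is bound last because its placeholder is last in the statement.
            statement.setString(5, kode);
            statement.executeUpdate();
        } catch (SQLException ex) {
            System.out.println("Error : " + ex.getMessage());
        } finally {
            tutup(statement);
        }
    }

    /**
     * Deletes the row whose {@code kode} matches.
     *
     * @param kode code of the row to remove; compared as a literal value
     */
    public void delete(String kode) {
        final String sql = "DELETE FROM barang WHERE kode = ?";
        PreparedStatement statement = null;
        try {
            statement = koneksi.prepareStatement(sql);
            System.out.println("Statement berhasil dibuat");
            statement.setString(1, kode);
            statement.executeUpdate();
        } catch (SQLException ex) {
            System.out.println("Error : " + ex.getMessage());
        } finally {
            tutup(statement);
        }
    }

    /** Closes {@code statement} if it was created and reports the outcome on standard output. */
    private static void tutup(Statement statement) {
        if (statement == null) {
            return;
        }
        try {
            statement.close();
            System.out.println("Berhasil menutup statement");
        } catch (SQLException ex) {
            System.out.println("Gagal menutup statement");
        }
    }
}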
import com.stripbandunk.database.util.DatabaseUtil;
import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;
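/**
 * Data-access service for the {@code barang} table.
 *
 * <p>All three operations use parameterized statements: the SQL text is a constant with
 * {@code ?} placeholders and every caller-supplied value is bound separately. A
 * {@code kode} such as {@code 008' OR 'a' = 'a} is then matched as a plain string and
 * cannot alter the statement.
 *
 * <p>SQL errors are printed to standard output and are not propagated. The connection
 * comes from {@code DatabaseUtil.getKoneksi()} and is never closed by this class.
 *
 * @author echo
 */
public class BarangService {

    private final Connection koneksi;

    /** Creates the service on the connection returned by {@code DatabaseUtil.getKoneksi()}. */
    public BarangService() {
        koneksi = DatabaseUtil.getKoneksi();
    }

    /**
     * Inserts one row into {@code barang}.
     *
     * @param kode     item code
     * @param nama     item name
     * @param kategori item category
     * @param harga    price
     * @param stok     stock quantity
     */
    public void insert(String kode, String nama, String kategori, int harga, int stok) {
        final String sql =
                "INSERT INTO barang(kode, nama, kategori, harga, stok) VALUES (?, ?, ?, ?, ?)";
        // Type is fully qualified because the import list of this listing does not name it.
        java.sql.PreparedStatement statement = null;
        try {
            statement = koneksi.prepareStatement(sql);
            System.out.println("Statement berhasil dibuat");
            statement.setString(1, kode);
            statement.setString(2, nama);
            statement.setString(3, kategori);
            statement.setInt(4, harga);
            statement.setInt(5, stok);
            statement.executeUpdate();
        } catch (SQLException ex) {
            System.out.println("Error : " + ex.getMessage());
        } finally {
            tutup(statement);
        }
    }

    /**
     * Updates the row whose {@code kode} matches.
     *
     * @param kode     code of the row to change
     * @param nama     new item name
     * @param kategori new item category
     * @param harga    new price
     * @param stok     new stock quantity
     */
    public void update(String kode, String nama, String kategori, int harga, int stok) {
        final String sql =
                "UPDATE barang SET nama = ?, kategori = ?, harga = ?, stok = ? WHERE kode = ?";
        java.sql.PreparedStatement statement = null;
        try {
            statement = koneksi.prepareStatement(sql);
            System.out.println("Statement berhasil dibuat");
            statement.setString(1, nama);
            statement.setString(2, kategori);
            statement.setInt(3, harga);
            statement.setInt(4, stok);
            // Placeholder 5 is the WHERE key.
            statement.setString(5, kode);
            statement.executeUpdate();
        } catch (SQLException ex) {
            System.out.println("Error : " + ex.getMessage());
        } finally {
            tutup(statement);
        }
    }

    /**
     * Deletes the row whose {@code kode} matches.
     *
     * @param kode code of the row to remove; compared as a literal value
     */
    public void delete(String kode) {
        final String sql = "DELETE FROM barang WHERE kode = ?";
        java.sql.PreparedStatement statement = null;
        try {
            statement = koneksi.prepareStatement(sql);
            System.out.println("Statement berhasil dibuat");
            statement.setString(1, kode);
            statement.executeUpdate();
        } catch (SQLException ex) {
            System.out.println("Error : " + ex.getMessage());
        } finally {
            tutup(statement);
        }
    }

    /** Closes {@code statement} if it was created and reports the outcome on standard output. */
    private static void tutup(Statement statement) {
        if (statement == null) {
            return;
        }
        try {
            statement.close();
            System.out.println("Berhasil menutup statement");
        } catch (SQLException ex) {
            System.out.println("Gagal menutup statement");
        }
    }
}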
Ditulis oleh:
Unknown - Sabtu, 29 Maret 2014