public void insert(Usuario user) {
// string para inserção
String sql = "insert into usuario(nome, login, senha) values (?, ?, md5(?))";
// prepare statement para o sql
try (PreparedStatement ps = con.prepareStatement(sql)) {
ps.setString(1, user.getNome());
ps.setString(2, user.getLogin());
ps.setString(3, user.getSenha());
// executa no banco
ps.execute();
} catch (SQLException e) {
e.printStackTrace();
}
}
public void update(Usuario user) {
// string para inserção
String sql = "update usuario set nome = ?, login = ?, senha = md5(?) where id = ?";
// prepare statement para o sql
try (PreparedStatement ps = con.prepareStatement(sql)) {
ps.setString(1, user.getNome());
ps.setString(2, user.getLogin());
ps.setString(3, user.getSenha());
ps.setInt(4, user.getId());
// executa no banco
ps.execute();
} catch (SQLException e) {
e.printStackTrace();
}
}
public Usuario authentic(Usuario usuConsulta) {
String sql = "select * from usuario where login=? and senha=md5(?)";
try (PreparedStatement ps = con.prepareStatement(sql)) {
ps.setString(1, usuConsulta.getLogin());
ps.setString(2, usuConsulta.getSenha());
ResultSet rs = ps.executeQuery();
if (rs.next()) {
Usuario userBanco = new Usuario();
userBanco.setId(rs.getInt("id"));
userBanco.setNome(rs.getString("nome"));
userBanco.setLogin(rs.getString("login"));
userBanco.setSenha(rs.getString("senha"));
return userBanco;
}
} catch (SQLException e) {
e.printStackTrace();
}
return null;
}