注:此博客不再更新,所有最新文章将发表在个人独立博客limengting.site。分享技术,记录生活,欢迎大家关注
使用login登录成功,即sql攻击:
因为组合在一起的sql语句是:
SELECT * FROM user WHERE username='a' or 'a'='a' and password='a' or 'a'='a'
使用login1函数失败:
package sunnietest;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import org.junit.Test;
/**
* 测试sql注入问题
*
*/
public class TestLogin {
@Test
public void testLogin() {
try {
login("a' or 'a'='a", "a' or 'a'='a");
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 用户登录方法
*
* @param username
* @param password
* @throws ClassNotFoundException
* @throws SQLException
*/
public void login(String username, String password) throws SQLException {
// 1.注册驱动
//Class.forName("com.mysql.jdbc.Driver");
// 2.获取连接
Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/sunnie?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC&useSSL=true", "root", "wangji1997");
// 3.创建执行sql语句的对象
Statement stmt = conn.createStatement();
// 4.书写一个sql语句
String sql = "select * from user where " + "name='" + username + "' and password='" + password + "'";
// 5.执行sql语句
ResultSet rs = stmt.executeQuery(sql);
// 6.对结果集进行处理
if (rs.next()) {
System.out.println("恭喜您," + username + ",登录成功!");
System.out.println(sql);
} else {
System.out.println("账号或密码错误!");
}
if (rs != null)
rs.close();
if (stmt != null)
stmt.close();
if (conn != null)
conn.close();
}
public void login1(String username, String password) throws SQLException {
// 1.注册驱动
//Class.forName("com.mysql.jdbc.Driver");
// 2.获取连接
Connection conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/sunnie?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC&useSSL=true", "root", "wangji1997");
// 3.编写sql语句
String sql = "select * from user where name=? and password=?";
// 4.创建预处理对象
PreparedStatement pstmt = conn.prepareStatement(sql);
// 5.设置参数(给占位符)
pstmt.setString(1, username);
pstmt.setString(2, password);
// 6.执行查询操作
ResultSet rs = pstmt.executeQuery();
// 7.对结果集进行处理
if (rs.next()) {
System.out.println("恭喜您," + username + ",登录成功!");
System.out.println(sql);
} else {
System.out.println("账号或密码错误!");
}
if (rs != null)
rs.close();
if (pstmt != null)
pstmt.close();
if (conn != null)
conn.close();
}
}