用户注册登录功能
注册功能
- 用户信息:用户名和密码
- 在控制台输入信息
登录功能
- 让用户输入用户名和密码进行登录(用户名和密码同时匹配才能登录)
前提
- 连接mysql数据库的mysql-connector-java-5.1.45-bin.jar
- 怎么导包点击下面链接查看
如何导入mysql-connector-java-5.1.45-bin.jar
创建一个表t_user:id,username,password
drop table if exists t_user;
create table t_user(
id int(4) primary key auto_increment,
username varchar(32) not null,
password varchar(32) not null
);
1. 注册
package Test1;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
public class JDBCRegister {
public static void main(String[] args) throws IOException {
//--------从控制台获取用户输入的信息-----
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("欢迎注册!!!");
System.out.println("请输入用户名和密码进行注册");
System.out.println("请输入用户名:");
String username = br.readLine();
System.out.println("请输入密码:");
String pwd = br.readLine();
Connection conn = null;
Statement stmt = null;
int count = 0;
try {
//1.注册驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取数据库连接
String url = "jdbc:mysql://localhost:3306/dany";
String user = "root";
String password = "root";
conn = DriverManager.getConnection(url,user,password);
//3. 获取数据库操作对象
stmt = conn.createStatement();
//4. 执行SQL语句DML语句
String sql_insert = "insert into t_user(username,password) values('"+username+"','"+pwd+"')";
count = stmt.executeUpdate(sql_insert);
System.out.println(count);
} catch (Exception e) {
e.printStackTrace();
}finally {
//关闭资源
if(stmt != null) {
try {
stmt.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(conn != null) {
try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
if(count == 1) {
System.out.println("恭喜注册成功!!!");
}else {
System.out.println("对不起,您注册失败!!!");
}
}
}
2. 登录
原代码
package Test1;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
public class JDBCLogin {
public static void main(String[] args) throws IOException {
//--------从控制台获取用户输入的信息-----
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("欢迎登录!!!");
System.out.println("请输入用户名和密码进行登录");
System.out.println("请输入用户名:");
String username = br.readLine();
System.out.println("请输入密码:");
String pwd = br.readLine();
//-------连接数据库-------
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
boolean flag = false;
try {
//1.注册驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取数据库连接
String url = "jdbc:mysql://localhost:3306/dany";
String user = "root";
String password = "root";
conn = DriverManager.getConnection(url,user,password);
//3. 获取数据库操作对象
stmt = conn.createStatement();
//4. 执行SQL语句DQL语句
String sql = "select username from t_user where username = '"+username+"' and password = '"+pwd+"'";
rs = stmt.executeQuery(sql);
//5.处理结果集
if(rs.next()) {
flag = true;
}
} catch (Exception e) {
e.printStackTrace();
}finally {
//关闭资源
if(rs != null) {
try {
rs.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(stmt != null) {
try {
stmt.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(conn != null) {
try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
if(flag) {
System.out.println("登录成功!!!");
}else {
System.out.println("对不起,您输入的用户名或密码错误!!!");
}
}
}
- 此程序出现了Bug
使用debug调试
- 输入的用户名和密码组成了select语句为:
select username from t_user where username = 'asd' and password = 'asd' or '00'='00';
恒成立
修改后代码
package Test1;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
public class JDBCLogin {
public static void main(String[] args) throws IOException {
//--------从控制台获取用户输入的信息-----
BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
System.out.println("欢迎登录!!!");
System.out.println("请输入用户名和密码进行登录");
System.out.println("请输入用户名:");
String username = br.readLine();
System.out.println("请输入密码:");
String pwd = br.readLine();
//-------连接数据库-------
Connection conn = null;
ResultSet rs = null;
PreparedStatement ps = null;
boolean flag = false;
try {
//1.注册驱动
Class.forName("com.mysql.jdbc.Driver");
//2.获取数据库连接
String url = "jdbc:mysql://localhost:3306/dany";
String user = "root";
String password = "root";
conn = DriverManager.getConnection(url,user,password);
//3.定义SQL语句框架
String sql = "select username from t_user where username = ? and password = ?";
//4.进行SQL语句的预编译
ps = conn.prepareStatement(sql);
//5.对SQL语句进行赋值
ps.setString(1, username);
ps.setString(2, pwd);
//6.执行SQL语句
rs = ps.executeQuery();
if(rs.next()) {
flag = true;
}
} catch (Exception e) {
e.printStackTrace();
}finally {
//关闭资源
if(rs != null) {
try {
rs.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(ps != null) {
try {
ps.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if(conn != null) {
try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
if(flag) {
System.out.println("登录成功!!!");
}else {
System.out.println("对不起,您输入的用户名或密码错误!!!");
}
}
}