目前运用到的知识点
以解决SQL注入问题并且添加图形界面 -----> Javase JDBC mySQL JavaFX
未解决SQL注入问题( 无图形界面)-------> Javase JDBC mySQL
已解决SQL注入问题(无图形界面)--------> Javase JDBC mySQL
未来改进:
- 添加图形界面(已经完成)(2020/8/19)
- 提供注册功能
- 美化界面
提供三种系统以供对比:(以下的数据库名、数据库用户和密码请自行输入)
已解决SQL注入问题并且添加图形界面
package LoginSystem;
import javafx.application.Application;
import javafx.geometry.Insets;
import javafx.geometry.Pos;
import javafx.scene.Scene;
import javafx.scene.control.Button;
import javafx.scene.control.ContentDisplay;
import javafx.scene.control.Label;
import javafx.scene.control.TextField;
import javafx.scene.input.KeyCode;
import javafx.scene.layout.BorderPane;
import javafx.scene.layout.GridPane;
import javafx.scene.layout.HBox;
import javafx.scene.layout.StackPane;
import javafx.scene.text.Text;
import javafx.stage.Modality;
import javafx.stage.Stage;
import javafx.stage.StageStyle;
import java.sql.*;
public class LoginFX extends Application {
public static void main(String[] args) {
launch(args);
}
Label lblUserId = null;
Label lblPassWord = null;
TextField tfUserId = null;
TextField tfPassWord = null;
Stage stgSuccess = null;
Stage stgFail = null;
@Override
public void start(Stage primaryStage) {
//登录成功的窗口
stgSuccess = new Stage();
stgSuccess.setResizable(false);//设置无法调节窗口大小
stgSuccess.initStyle(StageStyle.UTILITY);//窗口只有退出
stgSuccess.initModality(Modality.APPLICATION_MODAL);//只能点改窗口
Text textSuccess = new Text("登录成功");
Button btSuccess = new Button("确定");
HBox hBoxForSuccessButton = new HBox();
hBoxForSuccessButton.getChildren().add(btSuccess);
hBoxForSuccessButton.setAlignment(Pos.CENTER);
hBoxForSuccessButton.setPadding(new Insets(5));
BorderPane paneForSuccess = new BorderPane();
StackPane paneForSuccessText = new StackPane();
paneForSuccessText.getChildren().add(textSuccess);
paneForSuccess.setCenter(paneForSuccessText);
paneForSuccess.setBottom(hBoxForSuccessButton);
Scene sceneForSuccess = new Scene(paneForSuccess,150,80);
stgSuccess.setScene(sceneForSuccess);
btSuccess.setOnAction(event -> {
//登录成功后点击确认的操作,之后可以加入更多的后续操作
stgSuccess.close();
});
btSuccess.setOnKeyPressed(event -> {if(event.getCode() == KeyCode.ENTER) stgSuccess.close();});
//登陆失败的窗口
stgFail = new Stage();
stgFail.setResizable(false);//设置无法调节窗口大小
stgFail.initStyle(StageStyle.UTILITY);//窗口只有退出
stgFail.initModality(Modality.APPLICATION_MODAL);//只能点改窗口
Text textFail = new Text("登录失败");
Button btFail = new Button("确定");
HBox hBoxForFailButton = new HBox();
hBoxForFailButton.getChildren().add(btFail);
hBoxForFailButton.setAlignment(Pos.CENTER);
hBoxForFailButton.setPadding(new Insets(5));
BorderPane paneForFail = new BorderPane();
StackPane paneForFailText = new StackPane();
paneForFailText.getChildren().add(textFail);
paneForFail.setCenter(paneForFailText);
paneForFail.setBottom(hBoxForFailButton);
Scene sceneForFail = new Scene(paneForFail,150,80);
stgFail.setScene(sceneForFail);
btFail.setOnAction(event -> {
//登录失败后点击确认的操作,之后可以加入更多的后续操作
stgFail.close();
});
btFail.setOnKeyPressed(event -> {if(event.getCode() == KeyCode.ENTER) stgFail.close();});
//登录的UI界面
tfUserId = new TextField();
lblUserId = new Label("用户名:",tfUserId);
lblUserId.setContentDisplay(ContentDisplay.RIGHT);
tfPassWord = new TextField();
lblPassWord = new Label("密码: ",tfPassWord);
lblPassWord.setContentDisplay(ContentDisplay.RIGHT);
GridPane gridPane = new GridPane();
gridPane.setAlignment(Pos.CENTER);
gridPane.setVgap(15);
gridPane.add(lblUserId,0,0);
gridPane.add(lblPassWord,0,1);
Button btSubmit = new Button("提交");
HBox hBox = new HBox(10);
hBox.setPadding(new Insets(5));
hBox.getChildren().addAll(btSubmit);
hBox.setAlignment(Pos.CENTER);
BorderPane pane = new BorderPane();
pane.setBottom(hBox);
pane.setCenter(gridPane);
btSubmit.setOnAction(event -> judge());
btSubmit.setOnKeyPressed(event -> {if(event.getCode() == KeyCode.ENTER) judge();});
tfPassWord.setOnKeyPressed(event -> {if(event.getCode() == KeyCode.ENTER) judge();});
tfUserId.setOnKeyPressed(event -> {if(event.getCode() == KeyCode.ENTER) judge();});
Scene scene = new Scene(pane,400,300);
primaryStage.setScene(scene);
primaryStage.setTitle("用户登录系统");
primaryStage.show();
}
public void judge(){
if (submit() == true){
//账号密码正确
stgSuccess.show();
}else {
//账号密码错误
stgFail.show();
}
}
private boolean submit() {
Connection conn = null;
//用PreparedStatement代替Statement
PreparedStatement ps= null;
ResultSet rs= null;
try {
//取出Map集合中用户输入的账户名和密码
String inputName = tfUserId.getText();
String inputPwd = tfPassWord.getText();
// 1、注册驱动
Class.forName("com.mysql.jdbc.Driver");
// 2、获取连接
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/输入数据库名","请输入用户名","请输入密码");
// 3、获取数据库操作对象
//先建立起一个sql框架,用?占位符占位
String sql = "select * from t_user where loginName = ? and loginPwd = ?";
ps = conn.prepareStatement(sql);
//给?占位符传值
ps.setString(1,inputName);
ps.setString(2,inputPwd);
// 4、执行sql语句
rs = ps.executeQuery();
// 5、获取查询结果集
if (rs.next() == true){
return true;
}
// 6、释放资源
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}finally {
if (rs != null) {
try {
rs.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (ps != null) {
try {
ps.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (conn != null) {
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
//账户密码不正确
return false;
}
}
未解决SQL注入问题( 无图形界面)
package com.jdbc;
import java.sql.*;
import java.util.HashMap;
import java.util.Map;
import java.util.Scanner;
public class jdbctest {
public static void main(String[] args) {
//初始化一个界面,得到用户输入的账户密码
Map<String,String> userLoginInfo = initUI();
//验证用户名和密码
boolean loginSuccess = login(userLoginInfo);
//最后输出结果
System.out.println(loginSuccess?"登录成功":"登录失败");
}
/**
* 用户登录
* @param userLoginInfo 用户登录信息
* @return 登录信息是否正确 正确返回true,错误返回false
*/
private static boolean login(Map<String, String> userLoginInfo) {
//JDBC代码
Connection conn = null;
Statement stmt = null;
ResultSet rs= null;
try {
// 1、注册驱动
Class.forName("com.mysql.jdbc.Driver");
// 2、获取连接
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/填入数据库名","填入账户","此处填入密码");
// 3、获取数据库操作对象
stmt = conn.createStatement();
// 4、执行sql语句
//取出Map集合中用户输入的账户名和密码
String inputName = userLoginInfo.get("loginName");
String inputPwd = userLoginInfo.get("loginPwd");
String sql = "select * from t_user where loginName = '"+inputName+"' and loginPwd = '"+inputPwd+"'";
rs = stmt.executeQuery(sql);
// 5、获取查询结果集
if (rs.next() == true){
return true;
}
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}finally {
// 6、释放资源
if (rs != null) {
try {
rs.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (stmt != null) {
try {
stmt.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (conn != null) {
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
//账户密码不正确
return false;
}
/**
* 初始化用户界面,,得到用户输入的账户密码
* @return 用户输入的用户名和密码等登录信息
*/
private static Map<String, String> initUI() {
Scanner s = new Scanner(System.in);
System.out.println("请输入用户名");
String loginName = s.nextLine();
System.out.println("请输入密码");
String loginPwd = s.nextLine();
Map<String,String> userLoginInfo = new HashMap<>();
userLoginInfo.put("loginName",loginName);
userLoginInfo.put("loginPwd",loginPwd);
return userLoginInfo;
}
}
已解决SQL注入问题(无图形界面)
package com.jdbc;
import java.sql.*;
import java.util.HashMap;
import java.util.Map;
import java.util.Scanner;
public class jdbctest {
public static void main(String[] args) {
//初始化一个界面,得到用户输入的账户密码
Map<String,String> userLoginInfo = initUI();
//验证用户名和密码
boolean loginSuccess = login(userLoginInfo);
//最后输出结果
System.out.println(loginSuccess?"登录成功":"登录失败");
}
/**
* 用户登录
* @param userLoginInfo 用户登录信息
* @return 登录信息是否正确 正确返回true,错误返回false
*/
private static boolean login(Map<String, String> userLoginInfo) {
//JDBC代码
Connection conn = null;
//用PreparedStatement代替Statement
PreparedStatement ps= null;
ResultSet rs= null;
try {
//取出Map集合中用户输入的账户名和密码
String inputName = userLoginInfo.get("loginName");
String inputPwd = userLoginInfo.get("loginPwd");
// 1、注册驱动
Class.forName("com.mysql.jdbc.Driver");
// 2、获取连接
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/数据库名","账号","密码");
// 3、获取数据库操作对象
//先建立起一个sql框架,用?占位符占位
String sql = "select * from t_user where loginName = ? and loginPwd = ?";
ps = conn.prepareStatement(sql);
//给?占位符传值
ps.setString(1,inputName);
ps.setString(2,inputPwd);
// 4、执行sql语句
rs = ps.executeQuery();
// 5、获取查询结果集
if (rs.next() == true){
return true;
}
// 6、释放资源
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException throwables) {
throwables.printStackTrace();
}finally {
if (rs != null) {
try {
rs.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (ps != null) {
try {
ps.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
if (conn != null) {
try {
conn.close();
} catch (SQLException throwables) {
throwables.printStackTrace();
}
}
}
//账户密码不正确
return false;
}
/**
* 初始化用户界面,,得到用户输入的账户密码
* @return 用户输入的用户名和密码等登录信息
*/
private static Map<String, String> initUI() {
Scanner s = new Scanner(System.in);
System.out.println("请输入用户名");
String loginName = s.nextLine();
System.out.println("请输入密码");
String loginPwd = s.nextLine();
Map<String,String> userLoginInfo = new HashMap<>();
userLoginInfo.put("loginName",loginName);
userLoginInfo.put("loginPwd",loginPwd);
return userLoginInfo;
}
}