public static int login(String strName, String strPass) throws ClassNotFoundException, SQLException
{
//加载驱动
Class.forName("oracle.jdbc.driver.OracleDriver");
//连接url
String strUrl="jdbc:oracle:thin:@localhost:1521:orcl";
//获取数据库连接
Connection con= DriverManager.getConnection(strUrl,"scott","tiger");
//获得statement对象(执行sql语句)
// Statement st=con.createStatement();
//查询或者更新
String strSql = "select * from userinfo where username = ? and password = ?";
PreparedStatement ps = con.prepareStatement(strSql);
ps.setString(1,strName);
ps.setString(2,strPass);
//处理结果
ResultSet rs = ps.executeQuery();
int nResult = 0;
if(rs.next())
{
nResult = 1;
}
//关闭连接
rs.close();
ps.close();
con.close();
return nResult;
}
public static void main(String[] args) throws ClassNotFoundException, SQLException
{
int n = login("neusoft", "' OR 1=1 OR '' = '");
if(n>0)
{
System.out.println("登录成功");
}
else
{
System.out.println("登录失败");
}
}
}
jdbcuser登陆端
最新推荐文章于 2023-02-20 13:34:41 发布