SQL注入

定义

所谓 SQL 注入，就是攻击者把含有 SQL 语法片段的参数（例如带引号、注释符或 `or 1=1` 的字符串）拼接进应用程序将要执行的 SQL 语句中，从而改变语句原本的语义，欺骗数据库服务器执行攻击者构造的 SQL 命令。根本原因是把用户输入当作"代码"而不是"数据"拼进了语句。

如何实现SQL注入

public class SqlinjectTest {
    /*
    演示 SQL 注入：存在漏洞的拼接写法，仅用于演示，勿在生产代码中使用
     */
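    /**
     * Demonstrates SQL injection. DO NOT copy this pattern: {@code username}
     * is concatenated straight into the statement text, so an input such as
     * {@code "x' or 1=1 -- "} closes the string literal, appends an
     * always-true condition and comments out the rest of the WHERE clause,
     * returning every row. ({@code userage} is an int, so only
     * {@code username} is attacker-controllable here.)
     *
     * <p>Resource handling is fixed relative to the original: the connection,
     * statement and result set are closed by try-with-resources in reverse
     * order even when one of them throws, and a failure no longer NPEs in
     * {@code finally} on a never-opened connection. Errors are propagated
     * instead of printed and swallowed.
     *
     * @param username user-supplied, untrusted value
     * @param userage  user-supplied age
     * @throws SQLException if the driver is missing or the database fails
     */
    public void sqlInject(String username, int userage) throws SQLException {
        try {
            // Explicit driver load kept from the original (JDBC 4 drivers
            // autoload, but this keeps the demo's classpath error obvious).
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            throw new SQLException("MySQL JDBC driver not on classpath", e);
        }
        // NOTE(review): verifyServerCertificate=false enables TLS but skips
        // certificate validation, so an on-path attacker can impersonate the
        // server and capture the credentials. Acceptable for a local demo only.
        String url = "jdbc:mysql://localhost:3306/bjsxt?useSSL=true&verifyServerCertificate=false";
        // NOTE(review): hard-coded root credentials are demo-only; real code
        // should read them from configuration and use a least-privilege account.
        String user = "root";
        String password = "123456";
        // VULNERABLE: user input becomes part of the SQL text.
        String sql = "SELECT * FROM users where username='" + username + "' and userage='" + userage + "'";
        try (Connection connection = DriverManager.getConnection(url, user, password);
             Statement statement = connection.createStatement();
             ResultSet resultSet = statement.executeQuery(sql)) {
            while (resultSet.next()) {
                int userid = resultSet.getInt("userid");
                String name = resultSet.getString("username");
                int age = resultSet.getInt("userage");
                System.out.println(userid + " " + name + "    " + age);
            }
        }
    }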

解决SQL注入问题

使用 PreparedStatement 的参数绑定（`?` 占位符）：SQL 语句文本在预编译时就已固定，用户输入作为参数值单独发送给数据库，驱动会把它当作纯数据处理，输入中的引号、注释符不会改变语句结构，因此无法注入。

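/**
 * Safe version of the lookup: the SQL text is fixed and the values are bound
 * as parameters, so the driver sends them as data rather than as part of the
 * statement. A quote inside {@code usrname} cannot terminate the literal,
 * and the injection payload simply becomes a username that matches nothing.
 *
 * <p>Resource handling is fixed relative to the original: the result set is
 * now closed explicitly, nothing NPEs in {@code finally} when the connection
 * or statement was never created, and errors propagate instead of being
 * printed and swallowed.
 *
 * @param usrname user-supplied username (bound as a parameter)
 * @param userage user-supplied age (bound as a parameter)
 * @throws SQLException if the driver is missing or the database fails
 */
public void noSqlInject(String usrname, int userage) throws SQLException {
        try {
            // Explicit driver load kept from the original.
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            throw new SQLException("MySQL JDBC driver not on classpath", e);
        }
        // NOTE(review): verifyServerCertificate=false skips TLS certificate
        // validation, so the connection is open to impersonation by an on-path
        // attacker. Demo-only setting.
        String url = "jdbc:mysql://localhost:3306/bjsxt?useSSL=true&verifyServerCertificate=false";
        // NOTE(review): demo-only hard-coded root credentials; load from
        // configuration and use a least-privilege account in real code.
        String user = "root";
        String password = "123456";
        try (Connection connection = DriverManager.getConnection(url, user, password);
             PreparedStatement ps = connection.prepareStatement(
                     "select * from users where username=? and userage=?")) {
            // Values are bound, never concatenated into the SQL text.
            ps.setString(1, usrname);
            ps.setInt(2, userage);
            try (ResultSet resultSet = ps.executeQuery()) {
                while (resultSet.next()) {
                    int userid = resultSet.getInt("userid");
                    String name = resultSet.getString("username");
                    int age = resultSet.getInt("userage");
                    System.out.println(userid + " " + name + "    " + age);
                }
            }
        }
    }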

测试代码

预期结果：调用 `sqlInject("一只猫' or 1=1 -- ", 28)` 时，拼接出的语句是 `SELECT * FROM users where username='一只猫' or 1=1 -- ' and userage='28'`，`or 1=1` 使条件恒真、`--` 注释掉后面的年龄条件，因此会打印出 users 表中的全部记录；调用 `noSqlInject` 时同样的字符串只是一个普通的用户名值，查不到任何记录。

 /**
  * Demo entry point: runs the parameterized lookup with an injection payload
  * to show it is treated as plain data. The vulnerable call is left commented
  * out so the two can be compared by toggling the comment.
  */
 public static void main(String[] args) throws SQLException {
        SqlinjectTest demo = new SqlinjectTest();
        // demo.sqlInject("一只猫' or 1=1 -- ", 28);
        demo.noSqlInject("一只猫' or 1=1 -- ", 28);
    }

总结

永远不要把用户输入拼接进 SQL 字符串；使用 PreparedStatement 的参数绑定，并用 try-with-resources 关闭 Connection、Statement 和 ResultSet。完整代码如下：

package YYu;

import java.sql.*;

/*
    SQL 注入演示类：sqlInject 为存在漏洞的字符串拼接写法（仅供演示），
    noSqlInject 为使用 PreparedStatement 参数绑定的安全写法
 */
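public class SqlinjectTest {
    // NOTE(review): verifyServerCertificate=false enables TLS but skips
    // certificate validation, so an on-path attacker can impersonate the
    // server and capture the credentials below. Acceptable for a local demo only.
    private static final String URL =
            "jdbc:mysql://localhost:3306/bjsxt?useSSL=true&verifyServerCertificate=false";
    // NOTE(review): hard-coded root credentials are demo-only; real code should
    // read them from configuration and use a least-privilege account, not root.
    private static final String USER = "root";
    private static final String PASSWORD = "123456";

    /**
     * Opens a connection with the demo settings. The explicit driver load is
     * kept from the original; a missing driver becomes an SQLException instead
     * of being printed and swallowed.
     *
     * @throws SQLException if the driver is missing or the connection fails
     */
    private static Connection openConnection() throws SQLException {
        try {
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            throw new SQLException("MySQL JDBC driver not on classpath", e);
        }
        return DriverManager.getConnection(URL, USER, PASSWORD);
    }

    /**
     * Builds the VULNERABLE query text used by {@link #sqlInject}. Kept
     * package-private so the injection can be shown without a database: a
     * username containing a single quote rewrites the WHERE clause.
     *
     * @param username untrusted input, concatenated verbatim
     * @param userage  age, concatenated as a quoted number
     * @return the raw SQL text (do not execute with real user input)
     */
    static String buildUnsafeQuery(String username, int userage) {
        return "SELECT * FROM users where username='" + username
                + "' and userage='" + userage + "'";
    }

    /**
     * Prints every row of the result set in the demo's
     * {@code "userid name    age"} format.
     */
    private static void printRows(ResultSet rs) throws SQLException {
        while (rs.next()) {
            int userid = rs.getInt("userid");
            String name = rs.getString("username");
            int age = rs.getInt("userage");
            System.out.println(userid + " " + name + "    " + age);
        }
    }

    /**
     * Demonstrates SQL injection. DO NOT copy this pattern: {@code username}
     * is concatenated into the statement, so {@code "x' or 1=1 -- "} closes
     * the literal, adds an always-true condition and comments out the rest,
     * dumping every row. ({@code userage} is an int, so only {@code username}
     * is attacker-controllable here.)
     *
     * <p>try-with-resources closes ResultSet, Statement and Connection in
     * reverse order even when one throws; the original closed the connection
     * before the statement and NPE'd in {@code finally} when the connection
     * had never been opened. Errors now propagate instead of being swallowed.
     *
     * @param username user-supplied, untrusted value
     * @param userage  user-supplied age
     * @throws SQLException if the driver is missing or the database fails
     */
    public void sqlInject(String username, int userage) throws SQLException {
        try (Connection connection = openConnection();
             Statement statement = connection.createStatement();
             ResultSet resultSet = statement.executeQuery(buildUnsafeQuery(username, userage))) {
            printRows(resultSet);
        }
    }

    /**
     * Safe version: the SQL text is fixed and the values are bound as
     * parameters, so the driver sends them as data rather than as part of the
     * statement. The same payload is then just a username that matches nothing.
     *
     * @param usrname user-supplied username (bound as a parameter)
     * @param userage user-supplied age (bound as a parameter)
     * @throws SQLException if the driver is missing or the database fails
     */
    public void noSqlInject(String usrname, int userage) throws SQLException {
        try (Connection connection = openConnection();
             PreparedStatement ps = connection.prepareStatement(
                     "select * from users where username=? and userage=?")) {
            ps.setString(1, usrname);
            ps.setInt(2, userage);
            try (ResultSet resultSet = ps.executeQuery()) {
                printRows(resultSet);
            }
        }
    }

    /**
     * Demo entry point: runs the parameterized lookup with an injection
     * payload. The vulnerable call is left commented out for comparison.
     */
    public static void main(String[] args) throws SQLException {
        SqlinjectTest sqlinjectTest = new SqlinjectTest();
        // sqlinjectTest.sqlInject("一只猫' or 1=1 -- ", 28);
        sqlinjectTest.noSqlInject("一只猫' or 1=1 -- ", 28);
    }
}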
