import java.sql.*;
public class jdbcDemo6_preparedStatement {
public static void main(String[] args) throws Exception {
Class.forName("com.mysql.cj.jdbc.Driver");
String url = "jdbc:mysql://localhost:3306/news?serverTimezone=UTC";
String username = "root";
String password = "123456";
Connection connection = DriverManager.getConnection(url,username,password);
//用户接收的用户名和密码
String name = "root";
String pwd = "888888";
//定义sql语句
String sql = "select * from users where uname=? and passwd=?";
//获取preparedStatement对象
PreparedStatement preparedStatement = connection.prepareStatement(sql);
//设置?的值
preparedStatement.setString(1,name);
preparedStatement.setString(2,pwd);
//执行sql语句
ResultSet rs = preparedStatement.executeQuery();
//判断是否登录成功
if(rs.next()){
System.out.println("登录成功");
}else {
System.out.println("登录失败");
}
//释放资源
rs.close();
connection.close();
preparedStatement.close();
}
}
jdbc实现登录功能,并能进行sql注入
最新推荐文章于 2024-07-25 15:27:34 发布