1.登陆程序
login.jsp —- LoginServlet(web层) —- UserService(业务层) —- UserDAO(数据层)
1.1 login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<h1>登陆表单</h1>
<h3 style="color:red;">${msg }</h3>
<form action="/day13/login" method="post">
<table>
<tr>
<td>用户名</td>
<td><input type="text" name="name"/> </td>
</tr>
<tr>
<td>密码</td>
<td><input type="password" name="pwd" /></td>
</tr>
<tr>
<td colspan="2">
<input type="submit" value="登陆"/>
</td>
</tr>
</table>
</form>
</body>
</html>
1.2 LoginServlet(web层)
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
// 获得form表单对象 封装JavaBean
request.setCharacterEncoding("utf-8");
String name = request.getParameter("name");
String pwd = request.getParameter("pwd");
User user = new User();
user.setName(name);
user.setPwd(pwd);
// 传递 JavaBean 给 业务层
UserService userService = new UserService();
User existUser = userService.login(user);
// 根据结果决定跳转页面
if (existUser == null) {
// 登陆失败
request.setAttribute("msg", "用户名或者密码错误");
request.getRequestDispatcher("/login.jsp").forward(request,
response);
return;
} else {
// 登陆成功
request.getSession().setAttribute("existUser", existUser);
request.getRequestDispatcher("/welcome.jsp").forward(request,
response);
}
}
1.3 UserService(业务层)
public User login(User user) {
// 查询 将 user对象传递 DAO
//根据用户名 和 密码查询其它信息 如果返回null证明 用户名或者密码错误
UserDAO userDAO = new UserDAO();
return userDAO.login(user);
}
1.4 UserDAO(数据层)
public User login(User user) {
// JDBC查询
User existUser = null;
Connection conn = null;
PreparedStatement stmt = null;//预编译
ResultSet rs = null;
try {
conn = JDBCUtils.getConnection();
String sql = "select * from users where name = ? and pwd = ?"; // 数据库编译时
stmt = conn.prepareStatement(sql); // 将sql 发送给数据库进行编译
// 设置参数
stmt.setString(1, user.getName()); // or -- 传入数据值,不会作为关键字 --防止注入
stmt.setString(2, user.getPwd());
// 因为之前 将sql 传递数据库
rs = stmt.executeQuery();
// 如果登陆成功 只有一条记录
if (rs.next()) {
existUser = new User();
existUser.setId(rs.getInt("id"));
existUser.setName(rs.getString("name"));
existUser.setPwd(rs.getString("pwd"));
existUser.setEmail(rs.getString("email"));
}
} catch (Exception e) {
e.printStackTrace();
}
return existUser;
}
2.SQL注入
SQL注入
在form中提交信息时,根据SQL语法特殊性,编写关键字,而这些关键字拼接到sql中会改变原来sql运行效果 — 达到攻击目的
String sql = “select * from users where name = ” and pwd =””;
如果用户输入关键内容,改变登陆结果
用户名: ddd’ or ‘1’=’1
密码:xxx
select * from users where name = ‘ddd’ or ‘1’=’1’ and pwd =’xxx’
用注释注入 –
用户名: ddd’ –
密码: xxx
select * from users where name = ‘ddd’ – ’ and pwd =’xxx’
不知道账户登陆
用户名: xxx’ or ‘1’=’1’ –
密码: xxx
select * from users where name = ‘xxx’ or ‘1’=’1’ – ’ and pwd =’xxx’
在Java语言解决SQL 注入 —- 使用预编译 PreparedStatement
参见上面的登陆程序。