package com.swift;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
public class LoginJDBC$PreparedStatement {
public static void main(String[] args) {
User userZhangsan=new User("swift","123456' or '1'='1");
if(login(userZhangsan)) {
System.out.println("账号密码正确,登陆成功");
}else {
System.out.println("登陆失败");
}
}
private static boolean login(User userZhangsan) {
Connection conn=null;
PreparedStatement ps=null;
ResultSet rs=null;
try {
//1、装载驱动
Class.forName("com.mysql.jdbc.Driver");
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
try {
//2、链接数据库,使用com.mysql.jdbc.Connection包会出错
conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/sw_database?user=root&password=root");
//3、创建连接语句
ps=conn.prepareStatement("select * from sw_user where username='"+userZhangsan.getUsername()+"' and password='"+userZhangsan.getPassword()+"'");
//4、执行SQL语句获得结果集
rs=ps.executeQuery();
if(rs.next()) {
return true;
}
} catch (SQLException e) {
e.printStackTrace();
}finally {
//关闭结果集
try {
if(rs!=null) {
rs.close();
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//关闭连接语句
try {
if(ps!=null) {
ps.close();
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//关闭数据库连接
try {
if(conn!=null) {
conn.close();
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return false;
}
}
上面代码中的sql语句通过字符串连接的方式,虽然已经使用了PreparedStatement,但依然不能防止注入,因为字符串连接可以加入'or '1'='1
ps=conn.prepareStatement("select * from sw_user where username='"+userZhangsan.getUsername()+"' and password='"+userZhangsan.getPassword()+"'");
将上面sql语句变为 select * from sw_user where username=? and password=?
就不存在字符串连接,password 加上其他字符sql也无法执行
所以代码修改如下:
package com.swift;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
public class LoginJDBC$PreparedStatement2 {
public static void main(String[] args) {
User userSwift=new User("zhangsan","123456");
if(login(userSwift)) {
System.out.println("账号密码正确,登陆成功");
}else {
System.out.println("登陆失败");
}
}
private static boolean login(User userSwift) {
Connection conn=null;
PreparedStatement ps=null;
ResultSet rs=null;
try {
//1、装载驱动
Class.forName("com.mysql.jdbc.Driver");
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
try {
//2、链接数据库,使用com.mysql.jdbc.Connection包会出错
conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/sw_database?user=root&password=root");
//3、创建连接语句
ps=conn.prepareStatement("select * from sw_user where username=? and password=?");
ps.setString(1, userSwift.getUsername());
ps.setString(2, userSwift.getPassword());
//4、执行SQL语句获得结果集
rs=ps.executeQuery();
if(rs.next()) {
return true;
}
} catch (SQLException e) {
e.printStackTrace();
}finally {
//关闭结果集
try {
if(rs!=null) {
rs.close();
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//关闭连接语句
try {
if(ps!=null) {
ps.close();
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//关闭数据库连接
try {
if(conn!=null) {
conn.close();
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return false;
}
}