mysql之sql注入

本人理解的 SQL 注入，就是把用户输入直接拼接进 SQL 语句，使原本的条件限制失效，从而查到本不该查到的重要信息。

package com.yeyue.lesson02;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

//下面的 SQL 由字符串拼接而成，存在注入漏洞，会被攻击造成信息泄露
public class SQL注入 {
    /**
     * Demo entry point. The commented-out call is a normal login; the active call
     * passes quote-laden input to show how the concatenated query below is bent.
     * This class is a deliberately vulnerable teaching example — see the
     * PreparedStatement version for the fix.
     */
    public static void main(String[] args) {
        //login("we","332");
        login("' OR '1=1 ","' OR '1=1");
    }

    // Login: prints every users row whose NAME and PASSWORD equal the arguments.
    // INSECURE BY DESIGN: both arguments are concatenated straight into the SQL
    // text, so a quote character inside either one becomes part of the statement
    // and can change the WHERE clause. Binding them via PreparedStatement ? placeholders
    // is the fix; the SQL-level comparison of a plaintext password is a second
    // weakness of this demo schema.
    public static void login(String username,String password){
        Connection conn = null;
        Statement st = null;
        ResultSet rs = null;
        try {
            conn = JdbcUtils.getConnection();

            st = conn.createStatement();
            //SELECT NAME,PASSWORD FROM users WHERE NAME = 'we' AND PASSWORD = '332';
            // Vulnerable line: username/password are spliced into the query unescaped.
            String sql = "SELECT NAME,PASSWORD FROM users WHERE NAME ='" + username+ "' AND password = '"+ password+"'";

            rs = st.executeQuery(sql);
            // Every matching row is printed, including the stored password column —
            // a credential exposure in its own right; acceptable only in a local demo.
            while(rs.next()){
                System.out.println(rs.getString("name"));
                System.out.println(rs.getString("password"));
                System.out.println("==============================================================================");
            }
        } catch (SQLException throwables) {
            // Demo only: a real application would log without echoing input and
            // report a generic failure to the caller.
            throwables.printStackTrace();
        }finally {
            // JdbcUtils.release closes whatever was opened (defined elsewhere in the project).
            JdbcUtils.release(conn,st,rs);
        }
    }
}

使用【PreparedStatement】（预编译语句），通过 ? 占位符绑定参数，可以防止 SQL 注入

package com.yeyue.lesson03;

import com.yeyue.lesson02.JdbcUtils;

import java.sql.*;

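public class SQL注入 {
    /**
     * Demo entry point. The commented-out call is a normal login; the active call
     * passes the same quote-laden input as the lesson02 example, which with a
     * PreparedStatement simply matches no row.
     */
    public static void main(String[] args) {
        //login("lisi","3214");
        login("' OR '1=1 ","' OR '1=1");
    }

    /**
     * Login: prints the NAME of every {@code users} row whose NAME and PASSWORD
     * equal the arguments, or a "no match" line when there is none.
     *
     * <p>The SQL text is fixed when the statement is prepared and the two values
     * are bound with {@code setString}, so the driver treats them purely as data:
     * a quote inside either argument cannot terminate the string literal or alter
     * the WHERE clause. (Whether the driver escapes client-side or prepares
     * server-side depends on its configuration; either way the values are not
     * parsed as SQL.)
     *
     * <p>Only NAME is selected: the password is compared in the WHERE clause and is
     * never read back or printed, unlike the lesson02 demo. Comparing the password
     * column directly implies plaintext storage in this demo schema — a real system
     * stores a salted hash and verifies it in application code.
     *
     * @param username name to look up (bound as parameter 1)
     * @param password password to compare (bound as parameter 2)
     */
    public static void login(String username,String password){
        Connection conn = null;
        PreparedStatement st = null;
        ResultSet rs = null;
        try {
            conn = JdbcUtils.getConnection();

            // Placeholders, never concatenation: the statement shape cannot change.
            String sql = "SELECT NAME FROM users WHERE NAME = ? AND password = ?";
            st = conn.prepareStatement(sql);
            st.setString(1,username);
            st.setString(2,password);

            rs = st.executeQuery();
            boolean matched = false;
            while(rs.next()){
                matched = true;
                System.out.println(rs.getString("name"));
                System.out.println("==============================================================================");
            }
            // Make the empty result visible; for the injected input this is the
            // expected outcome.
            if (!matched) {
                System.out.println("no matching user");
            }
        } catch (SQLException e) {
            // Demo only: a real application would log without echoing credentials
            // and report a generic failure to the caller.
            e.printStackTrace();
        }finally {
            // JdbcUtils.release closes whatever was opened (defined elsewhere in the project).
            JdbcUtils.release(conn,st,rs);
        }
    }
}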