1、sql注入
package net.xdclass.web.dao;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
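public class JDBCtest {

    /** Connector/J driver class. Class.forName is kept for parity with the original; JDBC 4+ would auto-load it. */
    private static final String DRIVER_NAME = "com.mysql.cj.jdbc.Driver";
    private static final String DB_NAME = "xd_class";
    // protocol:subprotocol://host:port/database?param1=value1&param2=value2
    // The original spelled the first property "userUnicode", which Connector/J silently ignores; it is "useUnicode".
    // NOTE(review): useSSL=false sends credentials and rows in clear text; acceptable only against 127.0.0.1 in a demo.
    private static final String URL = "jdbc:mysql://127.0.0.1:3306/" + DB_NAME
            + "?useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2B8&useSSL=false";
    private static final String USER_NAME = "root";
    // NOTE(review): hard-coded password in source; XD_DB_PASSWORD in the environment overrides it so the secret
    // does not have to be committed. The fallback keeps the original demo behaviour.
    private static final String USER_PWD = System.getenv().getOrDefault("XD_DB_PASSWORD", "123456");

    /**
     * Runs the two login-query variants back to back: first the string-concatenated query that the injected
     * password bypasses, then the parameterised query that treats the same input as a plain value.
     */
    public static void main(String[] args) throws Exception {
        testInjectSQL();
        testSafeQuery();
    }

    /** Loads the driver and opens a connection to the demo database. */
    private static Connection openConnection() throws SQLException, ClassNotFoundException {
        Class.forName(DRIVER_NAME);
        return DriverManager.getConnection(URL, USER_NAME, USER_PWD);
    }

    /** Prints every remaining row of {@code resultSet} as "name / wechat". Does not close the result set. */
    private static void printRows(ResultSet resultSet) throws SQLException {
        while (resultSet.next()) {
            System.out.println("用户名称 name=" + resultSet.getString("username")
                    + " 联系方式 wechat+" + resultSet.getString("wechat"));
        }
    }

    /**
     * INTENTIONALLY VULNERABLE demonstration of SQL injection.
     * <p>
     * The user-controlled values are spliced straight into the SQL text, so the single quote inside
     * {@code upwd} closes the string literal and the rest is parsed as SQL:
     * <pre>select * from user where username='jack' and pwd='666' or 1=1 or''</pre>
     * {@code or 1=1} is always true, so the password check is bypassed and every row of {@code user}
     * is returned. Never build SQL this way from untrusted input; see {@link #testSafeQuery()}.
     */
    private static void testInjectSQL() throws SQLException, ClassNotFoundException {
        String uname = "jack";
        String upwd = "666' or 1=1 or'";
        String sql = "select * from user where username='" + uname + "' and pwd='" + upwd + "'";
        // try-with-resources closes the result set, statement and connection even if the query throws;
        // the original only closed them on the success path.
        try (Connection connection = openConnection();
             Statement statement = connection.createStatement();
             ResultSet resultSet = statement.executeQuery(sql)) {
            printRows(resultSet);
        }
    }

    /**
     * Same lookup with the same malicious input, written safely.
     * <p>
     * The SQL text contains only {@code ?} placeholders; the values are bound with {@code setString} and
     * sent to the server as data, never re-parsed as SQL. The quote and {@code or 1=1} therefore stay
     * inside the password value, and the query only matches a user whose stored pwd is literally that string.
     */
    private static void testSafeQuery() throws SQLException, ClassNotFoundException {
        String uname = "jack";
        String upwd = "666' or 1=1 or'";
        String sql = "select * from user where username=? and pwd=?";
        try (Connection connection = openConnection();
             PreparedStatement statement = connection.prepareStatement(sql)) {
            statement.setString(1, uname);
            statement.setString(2, upwd);
            try (ResultSet resultSet = statement.executeQuery()) {
                printRows(resultSet);
            }
        }
    }
}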
只要攻击者能控制被拼接进 SQL 的参数(例如修改 URL 里的请求参数),就可能绕过登录校验、泄露数据库信息,甚至修改或删除数据库内容。
2、防范措施:
防范措施是使用 PreparedStatement:SQL 里用 ? 占位(例如 `select * from user where username=? and pwd=?`),再通过 setString 等方法绑定参数。这样就把传入的值(666' or 1=1 or')当成一个完整的参数值传给数据库,而不是当成 SQL 指令的一部分去解析,提高了安全性。