SQL injection vulnerability process example and solution
|
Code example:
public class JDBCDemo3 {
public static void demo3_1(){
boolean flag = login("aaa' OR ' ","1651561"); //If the username is known, this method can be used to log in successfully without knowing the password if (flag) {
System.out.println("Login successful");
}else{
System.out.println("Login failed");
}
}
public static boolean login(String username,String password){
Connection conn=null;
Statement stat=null;
ResultSet rs=null;
boolean flag=false;
try {
conn = JDBCUtils.getConnection();
String sql="SELECT * FROM user WHERE username='"+username+"'AND password='"+password+"'"; //This is the key to the SQL injection vulnerability. Because it is a string concatenation, the query statement will become: SELECT * FROM user WHERE username='aaa' OR '' AND password='1651561'. This query statement can get a result set, so this vulnerability occursstat=conn.createStatement();
rs=stat.executeQuery(sql);
if(rs.next()){
flag=true;
}else{
flag=false;
}
} catch (SQLException e) {
e.printStackTrace();
}
return flag;
}Solution, use PrepareStatment:
public static void demo3_1(){
boolean flag=login1("aaa' OR ' ","1651561");
if (flag){
System.out.println("Login successful");
}else{
System.out.println("Login failed");
}
}
public static boolean login1(String username,String password){
Connection conn=null;
PreparedStatement pstat=null;
ResultSet rs=null;
boolean flag=false;
try {
conn = JDBCUtils.getConnection();
String sql="SELECT * FROM user WHERE username=? AND password=?"; //Use ? instead of parameter, pre-set sql format, even if you enter sql keywords, sql will not recognize it pstat=conn.prepareStatement(sql);
pstat.setString(1,username); //Set the value of the question mark pstat.setString(2,password);
rs=pstat.executeQuery();
if(rs.next()){
flag=true;
}else{
flag=false;
}
} catch (SQLException e) {
e.printStackTrace();
}
return flag;
}
}Using the above solution, it is impossible to successfully log in the user through the SQL injection vulnerability. The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM. You may also be interested in:
|
<<: Vue implements file upload and download
Recommend
4 solutions to mysql import csv errors
This is to commemorate the 4 pitfalls I stepped o...
Programs to query port usage and clear port usage in Windows operating system
In Windows operating system, the program to query...
Web designers also need to learn web coding
Often, after a web design is completed, the desig...
Introduction to the use of MySQL pt-slave-restart tool
Table of contents When setting up a MySQL master-...
A complete list of meta tag settings for mobile devices
Preface When I was studying the front end before,...
Vue implements drag progress bar
This article example shares the specific code of ...
How to manage docker through UI
Docker is being used in more and more scenarios. ...
Postman data encryption and decryption to implement APP login interface simulation request
Table of contents Mainly used Postman functions D...
Detailed explanation of inline-block layout implementation of CSS display attribute
CSS display property Note: If !DOCTYPE is specifi...
Simply understand the writing and execution order of MySQL statements
There is a big difference between the writing ord...
Vue page monitoring user preview time function implementation code
A recent business involves such a requirement tha...
Python Flask WeChat applet login process and login api implementation code
1. Let’s take a look at the effect first Data ret...
7 useful new TypeScript features
Table of contents 1. Optional Chaining 2. Null va...
MySQL multi-instance deployment and installation guide under Linux
What is MySQL multi-instance Simply put, MySQL mu...
Detailed explanation of the use of Vue's new built-in components
Table of contents 1. Teleport 1.1 Introduction to...