防止sql注入方法 如何防止java中将MySQL的数据库验证密码加上 ' or '1'= '1 就可以出现万能密码 的PreparedStatement

package com.swift;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class LoginJDBC$PreparedStatement {

    public static void main(String[] args) {
        User userZhangsan=new User("swift","123456' or '1'='1");
        if(login(userZhangsan)) {
            System.out.println("账号密码正确,登陆成功");
        }else {
            System.out.println("登陆失败");
        } 
    }

    private static boolean login(User userZhangsan) {
        
        Connection conn=null;
        PreparedStatement ps=null;
        ResultSet rs=null;
        try {
            //1、装载驱动
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        }
        try {
            //2、链接数据库,使用com.mysql.jdbc.Connection包会出错
            conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/sw_database?user=root&password=root");
            //3、创建连接语句
            ps=conn.prepareStatement("select * from sw_user where username='"+userZhangsan.getUsername()+"' and password='"+userZhangsan.getPassword()+"'");
            //4、执行SQL语句获得结果集
            rs=ps.executeQuery();
            if(rs.next()) {
                return true;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }finally {
            //关闭结果集
            try {
                if(rs!=null) {
                   rs.close();
                }
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
            //关闭连接语句
            try {
                if(ps!=null) {
                   ps.close();
                }
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
            //关闭数据库连接
            try {
                if(conn!=null) {
                    conn.close();
                }
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
        }
        return false;
        
    }

}
上面代码中的sql语句通过字符串连接的方式,虽然已经使用了PreparedStatement,但依然不能防止注入,因为字符串连接可以加入'or '1'='1
ps=conn.prepareStatement("select * from sw_user where username='"+userZhangsan.getUsername()+"' and password='"+userZhangsan.getPassword()+"'");
将上面sql语句变为 select * from sw_user where username=? and password=?
就不存在字符串连接,password 加上其他字符sql也无法执行
所以代码修改如下:
package com.swift;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

public class LoginJDBC$PreparedStatement2 {

    public static void main(String[] args) {
        User userSwift=new User("zhangsan","123456");
        if(login(userSwift)) {
            System.out.println("账号密码正确,登陆成功");
        }else {
            System.out.println("登陆失败");
        } 
    }

    private static boolean login(User userSwift) {
        
        Connection conn=null;
        PreparedStatement ps=null;
        ResultSet rs=null;
        try {
            //1、装载驱动
            Class.forName("com.mysql.jdbc.Driver");
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        }
        try {
            //2、链接数据库,使用com.mysql.jdbc.Connection包会出错
            conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/sw_database?user=root&password=root");
            //3、创建连接语句
            ps=conn.prepareStatement("select * from sw_user where username=? and password=?");
            ps.setString(1, userSwift.getUsername());
            ps.setString(2, userSwift.getPassword());
            //4、执行SQL语句获得结果集
            rs=ps.executeQuery();
            if(rs.next()) {
                return true;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }finally {
            //关闭结果集
            try {
                if(rs!=null) {
                   rs.close();
                }
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
            //关闭连接语句
            try {
                if(ps!=null) {
                   ps.close();
                }
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
            //关闭数据库连接
            try {
                if(conn!=null) {
                    conn.close();
                }
            } catch (SQLException e) {
                // TODO Auto-generated catch block
                e.printStackTrace();
            }
        }
        return false;
        
        
    }

}

 

 
posted @ 2017-09-21 17:59  Advancing-Swift  阅读(1233)  评论(0编辑  收藏  举报