MySQL數據庫干貨_29——SQL注入
SQL注入
什么是SQL注入
所謂 SQL 注入,就是通過把含有 SQL 語句片段的參數插入到需要執行的 SQL 語句中,最終達到欺騙數據庫服務器執行惡意操作的 SQL 命令。
SQL注入案例
/**
* SQL注入測試類
*/
public class SqlInjectTest {
/**
* 體現sql注入
*/
public void sqlInject(String username,int userage){
Connection connection =null;
Statement statement =null;
ResultSet resultSet =null;
try{
//獲取連接
connection = JdbcUtils.getConnection();
//創建Statement對象
statement = connection.createStatement();
//定義sql語句
String sql ="select * from users where username ='"+username+"' and userage = "+userage;
System.out.println(sql);
//執行sql語句
resultSet = statement.executeQuery(sql);
//處理結果集
while(resultSet.next()){
int userid = resultSet.getInt("userid");
String name = resultSet.getString("username");
int age = resultSet.getInt("userage");
System.out.println(userid+" "+name+" "+age);
}
}catch(Exception e){
e.printStackTrace();
}finally{
JdbcUtils.closeResource(resultSet,statement,connection);
}
}
public static void main(String[] args) {
SqlInjectTest sit = new SqlInjectTest();
sit.sqlInject("java' or 1=1 -- ",28);
}
}
解決SQL注入
public void noSqlInject(String username,int userage){
Connection connection = null;
PreparedStatement ps =null;
ResultSet resultSet = null;
try{
//獲取連接
connection = JdbcUtils.getConnection();
//創建PreparedStatement對象
ps = connection.prepareStatement("select * from users where username = ? and userage = ?");
//綁定參數
ps.setString(1,username);
ps.setInt(2,userage);
//執行sql
resultSet = ps.executeQuery();
//處理結果集
while(resultSet.next()){
int userid = resultSet.getInt("userid");
String name = resultSet.getString("username");
int age = resultSet.getInt("userage");
System.out.println(userid+" "+name+" "+age);
}
}catch(Exception e){
e.printStackTrace();
}finally{
JdbcUtils.closeResource(resultSet,ps,connection);
}
}
PreparedStatement操作數據庫時是語句和參數分離的發送給數據庫驅動進行編譯的(這句話很關鍵,面試中很有可能會提及!大家自行理解)
浙公網安備 33010602011771號