里面使用的工具类JUtils用于注册驱动、连接数据库以及释放资源。详情见链接:工具类详情
原始用户表:
package MS;
import jdbcUtil.JUtils;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;
/**
 * User login (console demo), built on a plain {@link Statement}.
 *
 * <p>SECURITY NOTE: {@link #login(String, String)} concatenates the typed username and
 * password straight into the SQL text. Any quote character in the input therefore becomes
 * part of the query itself, so this listing is open to SQL injection. The {@code jdbc6AddAdd}
 * listing further down the page performs the same lookup with bound parameters.
 */
public class jdbc6 {

    /** Reads a username and a password from standard input and reports the login result. */
    public static void main(String[] args) {
        Scanner in = new Scanner(System.in);
        System.out.println("请输入用户名");
        String typedName = in.nextLine();
        System.out.println("请输入密码");
        String typedPassword = in.nextLine();
        boolean ok = new jdbc6().login(typedName, typedPassword);
        System.out.println(ok ? "登录成功" : "用户名或密码错误");
    }

    /**
     * Checks whether the {@code user} table holds a row with the given username and password.
     *
     * @param username the username as typed; {@code null} is rejected
     * @param password the password as typed; {@code null} is rejected
     * @return {@code true} if the query returns at least one row; {@code false} for a
     *         {@code null} argument, for no match, or when a {@link SQLException} occurs
     */
    public boolean login(String username, String password) {
        if (username == null || password == null) {
            return false;
        }
        Connection conn = null;
        Statement stmt = null;
        ResultSet rows = null;
        boolean matched = false;
        try {
            conn = JUtils.getConnnection();
            stmt = conn.createStatement();
            // Injection-prone: both values are pasted into the SQL text without escaping or
            // binding, so the database parses them as part of the statement.
            // NOTE(review): the password is compared exactly as typed, which suggests the
            // table stores it unhashed; confirm against the schema.
            String query = "select * from user where username= '" + username
                    + "' and password='" + password + "' ";
            rows = stmt.executeQuery(query);
            matched = rows.next();
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            // Release the resources through the project helper on every path.
            JUtils.close(stmt, conn, rows);
        }
        return matched;
    }
}
package MS;
import jdbcUtil.JUtils;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;
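/**
 * User registration (console demo).
 *
 * <p>The insert binds both values through {@code ?} placeholders, so input containing quote
 * characters is stored as data and cannot change the statement.
 */
public class jdbc6Add {

    /** Reads a username and a password from standard input and reports the registration result. */
    public static void main(String[] args) {
        Scanner scanner = new Scanner(System.in);
        System.out.println("请输入用户名");
        // nextLine() keeps the whole line, the same way the login listings read their input;
        // next() would split on whitespace and treat the second word as the password.
        String name = scanner.nextLine();
        System.out.println("请输入密码");
        String pwd = scanner.nextLine();
        boolean flag = new jdbc6Add().register(name, pwd);
        if (flag) {
            System.out.println("注册成功");
        } else {
            System.out.println("注册失败");
        }
    }

    /**
     * Inserts a new row into the {@code user} table.
     *
     * @param name the username; must be non-null and non-empty
     * @param pwd  the password; must be non-null and non-empty
     * @return {@code true} only if the insert affected at least one row; {@code false} for a
     *         missing argument or when a {@link SQLException} occurs
     */
    public boolean register(String name, String pwd) {
        // Both the username and the password are required.
        if (name == null || pwd == null || name.isEmpty() || pwd.isEmpty()) {
            return false;
        }
        Connection connnection = null;
        PreparedStatement statement = null;
        try {
            connnection = JUtils.getConnnection();
            // Placeholders instead of string concatenation: the driver sends the values as
            // parameters, never as SQL text.
            String sql = "insert into user values(null,?,?)";
            statement = connnection.prepareStatement(sql);
            statement.setString(1, name);
            // NOTE(review): the password is written exactly as typed. An account table should
            // hold a salted password hash (bcrypt/scrypt/argon2), with login verifying against it.
            statement.setString(2, pwd);
            return statement.executeUpdate() > 0;
        } catch (SQLException e) {
            e.printStackTrace();
            // A failed insert must not be reported as a successful registration.
            return false;
        } finally {
            JUtils.close(statement, connnection);
        }
    }
}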
package MS;
import jdbcUtil.JUtils;
import java.sql.*;
import java.util.Scanner;
/**
 * User login (console demo) using a {@link PreparedStatement}.
 *
 * <p>The SQL text is fixed and the typed values are bound to its {@code ?} placeholders, so
 * they are treated as data rather than as part of the statement.
 */
public class jdbc6AddAdd {

    /** Reads a username and a password from standard input and reports the login result. */
    public static void main(String[] args) {
        Scanner in = new Scanner(System.in);
        System.out.println("请输入用户名");
        String typedName = in.nextLine();
        System.out.println("请输入密码");
        String typedPassword = in.nextLine();
        boolean ok = new jdbc6AddAdd().login(typedName, typedPassword);
        System.out.println(ok ? "登录成功" : "用户名或密码错误");
    }

    /**
     * Checks whether the {@code user} table holds a row with the given username and password.
     *
     * @param username the username as typed; {@code null} is rejected
     * @param password the password as typed; {@code null} is rejected
     * @return {@code true} if the query returns at least one row; {@code false} for a
     *         {@code null} argument, for no match, or when a {@link SQLException} occurs
     */
    public boolean login(String username, String password) {
        if (username == null || password == null) {
            return false;
        }
        Connection conn = null;
        // PreparedStatement is a sub-interface of Statement; it is what closes the injection hole.
        PreparedStatement prepared = null;
        ResultSet rows = null;
        boolean matched = false;
        try {
            conn = JUtils.getConnnection();
            String query = "select * from user where username=? and password=?";
            prepared = conn.prepareStatement(query);
            // Parameter indexes start at 1: index 1 is the first '?' in the statement.
            prepared.setString(1, username);
            prepared.setString(2, password);
            // Use the no-argument executeQuery(); the SQL was already supplied to
            // prepareStatement, and passing it again here would raise an exception.
            rows = prepared.executeQuery();
            matched = rows.next();
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            // Release the resources through the project helper on every path.
            JUtils.close(prepared, conn, rows);
        }
        return matched;
    }
}
现在就解决了数据库注入问题了。为了防止这个问题,如今的PreparedStatement已经取代了Statement。需要注意的是,只有把所有用户输入都通过?占位符绑定,才能起到防注入的作用;如果传给prepareStatement的SQL本身仍然是用字符串拼接出来的,注入问题依然存在。
本文地址:https://blog.csdn.net/weixin_44580398/article/details/107294867