zoukankan      html  css  js  c++  java

  • java sql

    import java.sql.Connection;
    import java.sql.DriverManager;
    import java.sql.PreparedStatement;
    import java.sql.ResultSet;
    import java.sql.SQLException;
    import java.sql.Savepoint;
    import java.sql.Statement;

    import com.mysql.jdbc.Driver;

    public class Sqltest {

    private final static String DRIVER="com.mysql.jdbc.Driver";
    private final static String URL = "jdbc:mysql://127.0.0.1:3306/signin";
    private final static String USERNAME = "root";
    private final static String PASSWORD = "21424019";
    public static void main(String[] args) {
    // TODO Auto-generated method stub
    try {
    Driver driver = (Driver)Class.forName(DRIVER).newInstance();
    DriverManager.registerDriver(driver);
    Connection con = DriverManager.getConnection(URL, USERNAME, PASSWORD);
    con.setAutoCommit(false);
    //String sql="select user_id from `test`.`new_table` where user_id=";
    String sql="insert into test.new_table(user_id,password) values(?,?)";
    String sql2=" and password=";
    String user_id1="harry1",password1="123456";
    String user_id2="'potter1' or '1'='1'--";
    String password2="'23456790'";
    StringBuffer sb=new StringBuffer();
    sb.append(sql);
    sb.append(user_id1);
    sb.append(sql2);
    sb.append(password1);
    PreparedStatement preparestatement = con.prepareStatement(sql);
    preparestatement.setString(1,user_id1);
    preparestatement.setString(2, password1);
    Savepoint svpt=con.setSavepoint();
    int lines=preparestatement.executeUpdate();
    if(lines>=1)
    {
    System.out.println(lines);
    con.rollback();
    //con.rollback(svpt);
    }

    con.commit();

    con.releaseSavepoint(svpt);
    /*Statement statement = con.createStatement();
    System.out.println("sql: "+sb.toString());
    ResultSet result= statement.executeQuery(sb.toString());
    while(result.next())
    {
    System.out.println("USER_ID1");
    System.out.println(result.getString(1));
    }
    sb.setLength(0);
    sb.append(sql);
    sb.append(user_id2);
    sb.append(sql2);
    sb.append(password2);
    ResultSet result2 = statement.executeQuery(sb.toString());
    while(result2.next())
    {
    System.out.println("USER_ID2");
    System.out.println(result2.getString(1));
    }*/
    } catch (InstantiationException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
    } catch (IllegalAccessException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
    } catch (ClassNotFoundException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
    } catch (SQLException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
    }
    }

    }
  • 相关阅读:
    CFgym102394I
    Infinite Fraction Path (后缀数组)
    2016ACM/ICPC亚洲区沈阳站-重现赛
    2sat学习笔记
    bzoj4176
    bzoj3309
    6C
    3U
    3T
    3R
  • 原文地址:https://www.cnblogs.com/earendil/p/4509667.html
Copyright © 2011-2022 走看看