
Troubleshooting SQL injection issues

Jan 12, 2021 am 09:22 AM

What is SQL injection?

Baidu Encyclopedia gives a long, formal definition. Rather than quote it, let's explain what SQL injection is with an example:

Create a new database, create a table, and add two rows of data:

use db1;
create table user(
    id int primary key auto_increment,
    username varchar(32),
    password varchar(32)
);
insert into user values(null,'zhangsan','123');
insert into user values(null,'lisi','234');

The table now holds two rows: (1, zhangsan, 123) and (2, lisi, 234).

Now write a simple login operation with JDBC:

package com.wzq.jdbc;

import com.wzq.util.JDBCUtils;

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;

/*
 *   Requirements:
 *       1. Read the username and password from the keyboard
 *       2. Determine whether the login succeeds
 * */
public class JDBCDemo05 {

    public static void main(String[] args) {
        Scanner cin = new Scanner(System.in);
        System.out.println("Enter username:");
        String username = cin.nextLine();
        System.out.println("Enter password:");
        String password = cin.nextLine();

        boolean res = new JDBCDemo05().login(username, password);
        if (res) System.out.println("Login successful!");
        else System.out.println("Login failed!");

    }

    public boolean login(String username, String password) {
        if (username == null || password == null) {
            return false;
        }
        Connection conn = null;
        Statement stmt = null;
        ResultSet rs = null;
        try {
            // 1. Get a database connection
            conn = JDBCUtils.getConnection();   // JDBCUtils helper class
            // 2. Define the SQL (vulnerable: the user input is concatenated straight into the statement text)
            String sql = "select * from user where username = '" + username + "' and password = '" + password + "'";
            // 3. Get the object that executes the SQL
            stmt = conn.createStatement();
            // 4. Execute the SQL
            rs = stmt.executeQuery(sql);
            return rs.next();
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            JDBCUtils.close(rs, stmt, conn);
        }
        return false;
    }
}

Test it first with a normal username and password (for example zhangsan / 123): the login works as expected. Now try SQL injection:

Enter any username you like, and for the password enter: a' or 'a'='a

Surprisingly, the login succeeds. Print the SQL that was actually executed:

select * from user where username = 'askjdhjksahd' and password = 'a' or 'a' = 'a'

Look at the conditions after WHERE. AND binds more tightly than OR, so the database evaluates this as (username = 'askjdhjksahd' and password = 'a') or ('a' = 'a'). The right-hand side is always true, so every row of the table is returned, rs.next() finds a row, and the caller is logged in (as whichever row comes back first).

To sum up: when SQL is built by string concatenation, quotes, keywords and other SQL syntax inside the user's input become part of the statement itself instead of being treated as data. That is the security problem, and it is why the login above succeeded.


So how do we solve this problem?

Answer: use a PreparedStatement object instead of a Statement object.

PreparedStatement is a sub-interface of Statement. Its SQL is precompiled: the statement text (with placeholders) is sent to the database first, and the parameter values are bound afterwards, so whatever the user types is only ever treated as a value and can never change the structure of the statement. Because the statement is parsed once and can be executed repeatedly, it is usually also faster than Statement for queries that run many times, but the reason to use it here is the security property.

PreparedStatement uses ? as a placeholder and setXxx(index, value) to assign a value to each ? (parameter indexes start at 1).

So let's replace the Statement and rewrite the login method (this also needs import java.sql.PreparedStatement;):

    public boolean login(String username, String password) {
        if (username == null || password == null) {
            return false;
        }
        Connection conn = null;
        PreparedStatement pstmt = null;
        ResultSet rs = null;
        try {
            // 1. Get a database connection
            conn = JDBCUtils.getConnection();   // JDBCUtils helper class
            // 2. Define the SQL with ? placeholders; no user input is concatenated into the text
            String sql = "select * from user where username = ? and password = ?";
            // 3. Get the object that executes the SQL and bind the parameters (indexes start at 1)
            pstmt = conn.prepareStatement(sql);
            pstmt.setString(1, username);
            pstmt.setString(2, password);
            // 4. Execute the SQL
            rs = pstmt.executeQuery();
            return rs.next();
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            JDBCUtils.close(rs, pstmt, conn);
        }
        return false;
    }
Test it again with the same payload (password a' or 'a'='a): this time the login fails, because the whole string is compared against the password column as a literal value. Problem solved!
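The same two login routines, as an added example that is not part of the original article, written in Python against an in-memory SQLite database so it runs without a MySQL server (the table and its two rows are constructed to mirror the article's `user` table; the function names and the payload strings are this example's own assumptions). It goes a step beyond the screenshots above: it shows which row the tautology payload actually logs you in as, shows that a comment payload in the username field lets an attacker choose the account without knowing its password, and shows that the parameterized version rejects both:

```python
import sqlite3


def make_db():
    """Constructed sample data mirroring the article's `user` table.

    SQLite stands in for the article's MySQL database; the two rows are the
    same ones the article inserts.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "create table user(id integer primary key autoincrement, "
        "username text, password text)"
    )
    conn.executemany(
        "insert into user(username, password) values (?, ?)",
        [("zhangsan", "123"), ("lisi", "234")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Same string concatenation as the article's Statement version.

    Returns the username of the first matching row, or None. Because the
    input is pasted into the SQL text, quotes, OR and comment markers in it
    are parsed as SQL rather than compared as data.
    """
    sql = ("select * from user where username = '" + username
           + "' and password = '" + password + "'")
    row = conn.execute(sql).fetchone()
    return row[1] if row else None


def login_safe(conn, username, password):
    """Same query with ? placeholders, as in the article's PreparedStatement version.

    The SQL text is compiled first and the values are bound afterwards, so a
    payload string can only ever be compared against the column, never parsed.
    """
    sql = "select * from user where username = ? and password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[1] if row else None


# Payloads constructed for this example. The first is the article's password
# payload. The second goes in the username field and comments out the rest of
# the WHERE clause; MySQL requires a space after "--", SQLite accepts it either
# way, so the trailing space makes the same string work against both.
TAUTOLOGY = "a' or 'a'='a"
COMMENT = "lisi'-- "


if __name__ == "__main__":
    conn = make_db()
    print(login_vulnerable(conn, "zhangsan", "123"))          # zhangsan
    print(login_vulnerable(conn, "askjdhjksahd", TAUTOLOGY))  # zhangsan: every row matches, first row wins
    print(login_vulnerable(conn, COMMENT, "whatever"))        # lisi: the password check was commented out
    print(login_safe(conn, "askjdhjksahd", TAUTOLOGY))        # None
    print(login_safe(conn, COMMENT, "whatever"))              # None
    print(login_safe(conn, "lisi", "234"))                    # lisi
```

Two caveats worth keeping in mind. Placeholders only cover values: a table name, column name or ORDER BY direction taken from user input cannot be bound with setString, so it has to be checked against a fixed allow-list instead. And the article's table stores passwords in plain text; parameterizing the query fixes the injection, not that.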

This article is reproduced from CSDN. If there is any infringement, please contact admin@php.cn for deletion.