用户登录数据库验证(JAVA WEB开发)


第一步:建立数据库


 

 

(这部分已经在《关于oracle中自增字段问题总结》一文中写过,点此查看。)

 


第二步:创建一个查询存储过程。登录时要根据用户名查出该用户在数据库中保存的密码。注意:该过程返回的是 users.password 列里的原始值,后面的 Servlet 直接用 equals 比对,也就是说整个方案依赖表里存的是明文密码;实际项目中应保存加盐哈希(bcrypt/scrypt/argon2),并对哈希进行比对。


此步要用到pl/sql编程知识,代码如下:

-- Looks up the stored password for a user name so the login servlet can
-- compare it with what the user typed.
-- NOTE(review): the value is returned exactly as stored, so this design only
-- works with plaintext passwords in the table; a salted hash should be stored
-- and compared instead.
create or replace procedure sel_user(uname in varchar2,pass out varchar2) is
begin
-- rownum = 1 silently picks one row if the user name is not unique.
-- When no row matches, SELECT INTO raises NO_DATA_FOUND, which reaches the
-- JDBC caller as an SQLException (the servlet below treats that as a failed login).
select users.password into pass from users where users.username=uname and rownum = 1;
end;


第三步:编写登录页面(login.java,采用纯 Java + Servlet 编写)

 


//login.java如下

 

package cn.hnu;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

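/**
 * Renders the login form. The form POSTs {@code userName} and {@code password}
 * to the {@code loginCl} servlet, which performs the database check.
 * <p>
 * NOTE(review): the form carries no anti-CSRF token, and the relative action
 * {@code loginCl} only resolves if this servlet is mapped under the same path
 * prefix as {@code loginCl}.
 */
public class testhtml extends HttpServlet {

  /**
   * Writes the static login page. The response is declared as GBK because the
   * labels are Chinese literals in this source file.
   */
  @Override
  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    resp.setContentType("text/html;charset=gbk");
    // getWriter() only throws IOException, which this method already declares.
    // The original wrapped the whole body in catch (Exception) + printStackTrace,
    // which hid failures from the container and returned a blank page; letting
    // the exception propagate gives a proper error response instead.
    PrintWriter pw = resp.getWriter();
    pw.println("<html>");
    pw.println("<head>");
    pw.println("<title>");
    pw.println("用户登录");
    pw.println("</title>");
    pw.println("</head>");
    pw.println("<body>");
    pw.println("<h1>用户登录</h1>");
    pw.println("<hr>");
    pw.println("<form method=post action=loginCl>");
    pw.println("用户名:<input type=text name=userName><br>");
    pw.println("密&nbsp&nbsp码:<input type=password name=password><br>");
    pw.println("<input type=submit value=登录>");
    pw.println("<input type=reset value=重置>");
    pw.println("</form>");
    pw.println("</body>");
    pw.println("</html>");
  }

  /** POST renders the same form as GET. */
  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    this.doGet(req, resp);
  }

}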

 


 

第四步:编写登录成功页面(wel.java)。它在用户正常登录后向用户显示信息;未登录的访问应被重定向回登录页。


 

package cn.hnu;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

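/**
 * Landing page shown after a successful login.
 * <p>
 * Access control is a single session attribute {@code "pass"}, which
 * {@code loginCl} sets to {@code "OK"} after a successful password check.
 * Requests without that flag are redirected back to the login page and get
 * no content.
 */
public class Wel extends HttpServlet {

  @Override
  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    // getSession(false) does not create a session for anonymous visitors; the
    // original getSession() handed every unauthenticated request a new cookie.
    HttpSession hs = req.getSession(false);
    Object flag = (hs == null) ? null : hs.getAttribute("pass");
    // Only the exact value loginCl writes counts as authenticated.
    if (!"OK".equals(flag)) {
      resp.sendRedirect("login");
      // The original had no return here and still wrote the welcome text into
      // the redirect response, so the "protected" content went to everyone.
      return;
    }
    PrintWriter pw = resp.getWriter();
    pw.write("welcome,hello");
  }

  /** POST is handled exactly like GET. */
  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    this.doGet(req, resp);
  }

}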

 

第五步:编写login处理页面(loginCl.java)


package cn.hnu;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.sql.*;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

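/**
 * Processes the login form: fetches the stored password for the submitted user
 * name through the {@code sel_user} procedure, compares it with the submitted
 * password and, on a match, marks the session as authenticated and redirects
 * to {@code wel}; otherwise redirects back to {@code login}.
 * <p>
 * NOTE(review): {@code sel_user} returns the password column as stored, so this
 * only works with plaintext passwords in the table. The real fix is to store a
 * salted hash (bcrypt/scrypt/argon2) and verify against it; the constant-time
 * comparison below is the most that can be done without changing the schema.
 */
public class loginCl extends HttpServlet {

  // TODO(review): database credentials belong in container/JNDI configuration or
  // the environment, not in source. Kept as constants only because the article
  // hard-codes them.
  private static final String JDBC_URL = "jdbc:oracle:thin:@localhost:1521:oracle";
  private static final String JDBC_USER = "scott";
  private static final String JDBC_PASSWORD = "tiger";

  @Override
  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    // NOTE(review): the form POSTs, but doPost delegates here, so credentials are
    // also accepted on GET, where they end up in the query string and in access
    // logs. Restricting the check to POST would be the safer shape.
    String u = req.getParameter("userName");
    String p = req.getParameter("password");

    String stored = (u == null) ? null : lookupStoredPassword(u);

    // Log the attempt, never the password: the original printed the stored
    // password to stdout.
    System.out.println("login attempt u=" + u);

    if (passwordsMatch(p, stored)) {
      // Discard any pre-login session so a session id planted by an attacker
      // cannot be promoted to an authenticated one (session fixation).
      HttpSession old = req.getSession(false);
      if (old != null) {
        old.invalidate();
      }
      HttpSession hs = req.getSession(true);
      hs.setAttribute("pass", "OK"); // the flag Wel checks
      resp.sendRedirect("wel");
    } else {
      resp.sendRedirect("login");
    }
  }

  /** POST is handled exactly like GET (see the note on doGet). */
  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    this.doGet(req, resp);
  }

  /**
   * Calls {@code sel_user} for {@code username}.
   *
   * @return the stored password, or {@code null} when the lookup fails for any
   *         reason (unknown user -> NO_DATA_FOUND in the procedure, driver not
   *         found, connection errors). Callers treat {@code null} as "no match".
   */
  private static String lookupStoredPassword(String username) {
    try {
      Class.forName("oracle.jdbc.driver.OracleDriver");
    } catch (ClassNotFoundException e) {
      e.printStackTrace();
      return null;
    }
    // try-with-resources closes both handles even when execute() throws.
    // The user name is bound as a parameter, which is what keeps this lookup
    // free of SQL injection.
    try (Connection ct = DriverManager.getConnection(JDBC_URL, JDBC_USER, JDBC_PASSWORD);
         CallableStatement cs = ct.prepareCall("{call sel_user(?,?)}")) {
      cs.setString(1, username);
      // java.sql.Types.VARCHAR has the same value as oracle.jdbc.OracleTypes.VARCHAR
      // and does not tie the servlet to the Oracle driver classes.
      cs.registerOutParameter(2, Types.VARCHAR);
      cs.execute();
      return cs.getString(2);
    } catch (SQLException e) {
      // An unknown user surfaces here (ORA-01403, NO_DATA_FOUND); every failure
      // is reported as "no credential" so the caller denies the login.
      e.printStackTrace();
      return null;
    }
  }

  /**
   * Compares the submitted and stored passwords in constant time.
   * <p>
   * A missing value on either side is never a match; the original called
   * {@code p.equals(pa)} and threw NullPointerException when the form field
   * was absent.
   */
  static boolean passwordsMatch(String submitted, String stored) {
    if (submitted == null || stored == null) {
      return false;
    }
    return MessageDigest.isEqual(
        submitted.getBytes(StandardCharsets.UTF_8),
        stored.getBytes(StandardCharsets.UTF_8));
  }

}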

 


sql注入漏洞:

用下列语句可以将数据库中所有的数据查出来 

select * from users where username='adad' and users.password='1' or 1='1';

这里 username 可以是任意字符串;只要在密码框中输入“任意字符串 + ' or 1='1”,拼接后输入里的单引号就闭合了 SQL 中的引号,WHERE 条件变成 ... and password='1' or 1='1',对每一行都成立,于是整张表都被查出来,登录校验被绕过。

因此,如果用下面这种把用户输入直接拼进 SQL 字符串的代码来验证用户,就不安全了;而上面通过 CallableStatement 绑定参数调用存储过程的写法不会受此影响:

// Vulnerable variant, shown as the anti-pattern: user-controlled values are
// spliced directly into the SQL text.
String u = req.getParameter("userName");
String p = req.getParameter("password");

Connection ct = null;

Statement st = null;

ResultSet rs = null;

try{

     Class.forName("oracle.jdbc.driver.OracleDriver");
     ct = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:oracle","scott", "tiger");

     // Statement, not PreparedStatement: no parameter binding is possible here.
     st = ct.createStatement();

     // INJECTION POINT: a password of  1' or 1='1  turns the WHERE clause into
     //   ... and password = '1' or 1='1'   which is true for every row.
     // Also as written: the literal is missing a '+' after u, the try block has
     // no closing brace before 'catch', and 'select top 1' is SQL Server syntax
     // (Oracle would use 'rownum = 1'), so this listing does not compile or run.
     rs = st.executeQuery("select top 1 * from users where username='"+u"' and password = '"+p+"'");

catch (Exception e) {
   // Swallowing the exception leaves rs null, so rs.next() below would throw NPE.
   e.printStackTrace();
  } finally {

   try {
    if (rs != null) {
     rs.close();
    }
    if (st != null) {
     st.close();
    }

    if (ct != null) {
     ct.close();
    }
   } catch (SQLException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
   }
  }

  // rs has already been closed in finally above; next() on a closed ResultSet
  // throws SQLException. The check has to happen inside the try, before close().
  if (rs.next()){
   HttpSession hs = req.getSession(true);
   hs.setAttribute("pass", "OK");
   resp.sendRedirect("wel");
  } else {
   resp.sendRedirect("login");
  }