A Simple SQL Injection
This example uses JSP + Servlet + MySQL:
1. Database:
Database name: sqlinject
CREATE DATABASE sqlinject;
Create the user table:
Table: user
Create Table: CREATE TABLE `user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(20) NOT NULL,
  `易做图` varchar(20) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8
Some records in the table:
mysql> select * from user;
+----+--------+------+
| id | name   | 易做图 |
+----+--------+------+
|  1 | benson | m    |
|  2 | jerry  | f    |
|  3 | Mike   | m    |
|  4 | Jenny  | f    |
|  5 | Rose   | f    |
+----+--------+------+
5 rows in set (0.00 sec)
JSP page and Servlet:
1. index.jsp: accepts the user's input (a user name to type in and a gender to select)
<%@ page contentType="text/html; charset=UTF-8" %>
<html>
<head>
  <title>SQL注入测试</title>
</head>
<body>
  <form action="query.do">
    姓名:<input type="text" name="name"><br/>
    性别:<select name="易做图">
      <option value="m">男</option>
      <option value="f">女</option>
    </select>
    <br/>
    <input type="submit" value="搜索"/>
  </form>
</body>
</html>
The QueryServlet handler class:
package zjut.tsw.servlet;

import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import zjut.tsw.vo.User;

public class QueryServlet extends HttpServlet {
    /**
     *
     */
    private static final long serialVersionUID = 1L;
    ArrayList<User> users = null;

    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.setCharacterEncoding("utf-8");
        response.setContentType("text/html;charset=utf-8");
        // Get the name and gender
        String name = request.getParameter("name");
        String 易做图 = request.getParameter("易做图");
        // debug
        System.out.println("name is:" + name + "\n易做图 is:" + 易做图);
        users = query(name, 易做图);
        request.setAttribute("users", users);
        request.getRequestDispatcher("/query.j
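The servlet above hands both request parameters straight to query(name, 易做图), whose body is cut off on this page. The following is an added example, not the author's code: it contrasts string concatenation with a parameterized query against the page's `user` table. The class name SafeUserQuery, the WHERE filter, the connection URL and the credentials are assumptions, and MySQL Connector/J must be on the classpath.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

public class SafeUserQuery {
    // Assumed filter: the page does not show the SQL its query() method runs.
    static final String SQL =
        "SELECT `id`, `name`, `易做图` FROM `user` WHERE `name` = ? AND `易做图` = ?";

    // Vulnerable pattern, for contrast only: input becomes part of the SQL text.
    static String concatenated(String name, String gender) {
        return "SELECT * FROM `user` WHERE `name` = '" + name
             + "' AND `易做图` = '" + gender + "'";
    }

    // Hardened form: validate against the schema and form, then bind as data.
    static List<String> query(Connection conn, String name, String gender)
            throws SQLException {
        List<String> rows = new ArrayList<>();
        // name is varchar(20); the <select> only offers "m" and "f".
        if (name == null || name.length() > 20
                || !("m".equals(gender) || "f".equals(gender))) {
            return rows;
        }
        try (PreparedStatement ps = conn.prepareStatement(SQL)) {
            ps.setString(1, name);
            ps.setString(2, gender);
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    rows.add(rs.getInt(1) + ":" + rs.getString(2) + ":" + rs.getString(3));
                }
            }
        }
        return rows;
    }

    public static void main(String[] args) throws SQLException {
        // Constructed input: one quote already unbalances the concatenated statement.
        System.out.println(concatenated("O'Brien", "m"));
        // Assumed local connection settings; replace with your own.
        String url = "jdbc:mysql://localhost:3306/sqlinject?characterEncoding=UTF-8";
        try (Connection conn = DriverManager.getConnection(url, "app_user", "app_password")) {
            System.out.println(query(conn, "O'Brien", "m")); // quote is data: no match
        }
    }
}
```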