Home Database SQL Learn about SQL injection and how to fix it

Learn about SQL injection and how to fix it

Jan 28, 2021 pm 06:17 PM
sql injection

Learn about SQL injection and how to fix it

Recommendation (free): sql tutorial

##SQL injection refers to the intrusion of user-entered data by web applications. There is no judgment on legality or lax filtering. Attackers can add additional SQL statements at the end of the predefined query statements in the web application to achieve illegal operations without the administrator's knowledge, thereby deceiving the database. The server performs unauthorized arbitrary queries to further obtain corresponding data information.

1. SQL injection case

Simulate a SQL injection case of user login. The user enters the user name and password on the console, and then uses Statement string concatenation. Implement user login.

1.1 First create the user table and data in the database

-- 创建一张用户表
CREATE TABLE `users` (
  `id` INT(11) NOT NULL AUTO_INCREMENT,
  `username` VARCHAR(20),
  `password` VARCHAR(50),
  PRIMARY KEY (`id`)
) ENGINE=INNODB DEFAULT CHARSET=utf8;


-- 插入数据
INSERT INTO  users(username,`password`) VALUES('张飞','123321'),('赵云','qazxsw'),('诸葛亮','123Qwe');
INSERT INTO  users(username,`password`) VALUES('曹操','741258'),('刘备','plmokn'),('孙权','!@#$%^');


-- 查看数据
SELECT  * FROM users;
Copy after login

Learn about SQL injection and how to fix it

##1.2 Write a login Program

import java.sql.*;
import java.util.Scanner;


public class TestSQLIn {
    public static void main(String[] args) throws ClassNotFoundException, SQLException {
        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://127.0.0.1:3306/testdb?characterEncoding=UTF-8";
        Connection conn = DriverManager.getConnection(url,"root","123456");
        //System.out.println(conn);
        // 获取语句执行平台对象 Statement
        Statement smt = conn.createStatement();


        Scanner sc = new Scanner(System.in);
        System.out.println("请输入用户名:");
        String userName = sc.nextLine();
        System.out.println("请输入密码:");
        String password = sc.nextLine();


        String sql = "select  * from users where username = '" + userName + "'  and  password = '" + password +"'";
        //打印出SQL
        System.out.println(sql);
        ResultSet resultSet = smt.executeQuery(sql);
        if(resultSet.next()){
            System.out.println("登录成功!!!");
        }else{
            System.out.println("用户名或密码错误,请重新输入!!!");
        }


        resultSet.close();
        smt.close();
        conn.close();


    }


}
Copy after login

1.3 Normal login

After entering the correct user name and password, it will prompt "Login successful"

Learn about SQL injection and how to fix it

1.4 Login failure

When the user name or password is entered incorrectly, the prompt "User name or password is incorrect, please re-enter"

Learn about SQL injection and how to fix it

1.5 Simulating SQL injection

The concatenated string contains or '1'='1', which is a constant condition, so even if the previous user and password do not exist, it will All records are taken out, so the prompt "Login successful"

Learn about SQL injection and how to fix it

1.6 SQL syntax error

Using the splicing method, SQL will also appear Syntax errors and other errors, such as

Learn about SQL injection and how to fix it

2. Solution

Using the Statement method, the user can change the original text through string splicing. The true meaning of SQL leads to the risk of SQL injection. To solve SQL injection, you can use the preprocessing object PreparedStatement instead of Statement for processing.

1.1 Write a new program

import java.sql.*;
import java.util.Scanner;


public class TestSQLIn {
    public static void main(String[] args) throws ClassNotFoundException, SQLException {
        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://127.0.0.1:3306/testdb?characterEncoding=UTF-8";
        Connection conn = DriverManager.getConnection(url,"root","123456");
        //System.out.println(conn);
        // 获取语句执行平台对象 Statement
        // Statement smt = conn.createStatement();


        Scanner sc = new Scanner(System.in);
        System.out.println("请输入用户名:");
        String userName = sc.nextLine();
        System.out.println("请输入密码:");
        String password = sc.nextLine();


        String sql = "select  * from users where username = ? and  password = ? ";
        // System.out.println(sql);
        // ResultSet resultSet = smt.executeQuery(sql);
        PreparedStatement preparedStatement = conn.prepareStatement(sql);
        preparedStatement.setString(1,userName);
        preparedStatement.setString(2,password);


        ResultSet  resultSet = preparedStatement.executeQuery();
        if(resultSet.next()){
            System.out.println("登录成功!!!");
        }else{
            System.out.println("用户名或密码错误,请重新输入!!!");
        }




        preparedStatement.close();
        resultSet.close();
        // smt.close();
        conn.close();


    }


}
Copy after login

2.2 Log in normally

Learn about SQL injection and how to fix it

2.3 Incorrect username and password

When the username or password is entered incorrectly, it will prompt "The username or password is incorrect, please re-enter"

Learn about SQL injection and how to fix it

2.4 Simulate SQL injection

According to the previous situation, write SQL injection. After the test, SQL injection will no longer occur.

Learn about SQL injection and how to fix it

2.5 Simulating SQL syntax error

After using the preprocessing class, inputting content with single quotes or double quotes will not work SQL syntax errors will appear again

Learn about SQL injection and how to fix it

3. Summary

The main differences between Statement and PreparedStatement are as follows:

    Statement is used to execute static SQL statements. During execution, a prepared SQL statement must be specified.
  • PrepareStatement is a precompiled SQL statement object. The statement can contain the dynamic parameter "?", and the parameter value can be dynamically set for "?" during execution
  • PrepareStatement can reduce the number of compilations and improve database performance

The above is the detailed content of Learn about SQL injection and how to fix it. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

How to use exp for SQL error injection How to use exp for SQL error injection May 12, 2023 am 10:16 AM

0x01 Preface Overview The editor discovered another Double data overflow in MySQL. When we get the functions in MySQL, the editor is more interested in the mathematical functions. They should also contain some data types to save values. So the editor ran to test to see which functions would cause overflow errors. Then the editor discovered that when a value greater than 709 is passed, the function exp() will cause an overflow error. mysql>selectexp(709);+-----------------------+|exp(709)|+---------- ------------+|8.218407461554972

PHP Programming Tips: How to Prevent SQL Injection Attacks PHP Programming Tips: How to Prevent SQL Injection Attacks Aug 17, 2023 pm 01:49 PM

PHP Programming Tips: How to Prevent SQL Injection Attacks Security is crucial when performing database operations. SQL injection attacks are a common network attack that exploit an application's improper handling of user input, resulting in malicious SQL code being inserted and executed. To protect our application from SQL injection attacks, we need to take some precautions. Use parameterized queries Parameterized queries are the most basic and most effective way to prevent SQL injection attacks. It works by comparing user-entered values ​​with a SQL query

Nginx basic security knowledge: preventing SQL injection attacks Nginx basic security knowledge: preventing SQL injection attacks Jun 10, 2023 pm 12:31 PM

Nginx is a fast, high-performance, scalable web server, and its security is an issue that cannot be ignored in web application development. Especially SQL injection attacks, which can cause huge damage to web applications. In this article, we will discuss how to use Nginx to prevent SQL injection attacks to protect the security of web applications. What is a SQL injection attack? SQL injection attack is an attack method that exploits vulnerabilities in web applications. Attackers can inject malicious code into web applications

How to prevent SQL injection attacks using PHP How to prevent SQL injection attacks using PHP Jun 24, 2023 am 10:31 AM

In the field of network security, SQL injection attacks are a common attack method. It exploits malicious code submitted by malicious users to alter the behavior of an application to perform unsafe operations. Common SQL injection attacks include query operations, insert operations, and delete operations. Among them, query operations are the most commonly attacked, and a common method to prevent SQL injection attacks is to use PHP. PHP is a commonly used server-side scripting language that is widely used in web applications. PHP can be related to MySQL etc.

PHP form filtering: SQL injection prevention and filtering PHP form filtering: SQL injection prevention and filtering Aug 07, 2023 pm 03:49 PM

PHP form filtering: SQL injection prevention and filtering Introduction: With the rapid development of the Internet, the development of Web applications has become more and more common. In web development, forms are one of the most common ways of user interaction. However, there are security risks in the processing of form submission data. Among them, one of the most common risks is SQL injection attacks. A SQL injection attack is an attack method that uses a web application to improperly process user input data, allowing the attacker to perform unauthorized database queries. The attacker passes the

Detection and repair of PHP SQL injection vulnerabilities Detection and repair of PHP SQL injection vulnerabilities Aug 08, 2023 pm 02:04 PM

Overview of detection and repair of PHP SQL injection vulnerabilities: SQL injection refers to an attack method in which attackers use web applications to maliciously inject SQL code into the input. PHP, as a scripting language widely used in web development, is widely used to develop dynamic websites and applications. However, due to the flexibility and ease of use of PHP, developers often ignore security, resulting in the existence of SQL injection vulnerabilities. This article will introduce how to detect and fix SQL injection vulnerabilities in PHP and provide relevant code examples. check

Laravel Development Notes: Methods and Techniques to Prevent SQL Injection Laravel Development Notes: Methods and Techniques to Prevent SQL Injection Nov 22, 2023 pm 04:56 PM

Laravel Development Notes: Methods and Techniques to Prevent SQL Injection With the development of the Internet and the continuous advancement of computer technology, the development of web applications has become more and more common. During the development process, security has always been an important issue that developers cannot ignore. Among them, preventing SQL injection attacks is one of the security issues that requires special attention during the development process. This article will introduce several methods and techniques commonly used in Laravel development to help developers effectively prevent SQL injection. Using parameter binding Parameter binding is Lar

Strategies to deal with SQL injection vulnerabilities in PHP Strategies to deal with SQL injection vulnerabilities in PHP Aug 09, 2023 pm 03:09 PM

SQL injection is a common network attack method that uses the application's imperfect processing of input data to successfully inject malicious SQL statements into the database. This attack method is particularly common in applications developed using the PHP language, because PHP's handling of user input is usually relatively weak. This article will introduce some strategies for dealing with SQL injection vulnerabilities and provide PHP code examples. Using prepared statements Prepared statements are a recommended way to defend against SQL injection. It uses binding parameters to combine input data with

See all articles