Preventing SQL Injection in JavaEE


Login feature

interfacer.java

public boolean login(user_manager um);

control_user.java

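    // Imports required at the top of control_user.java
    import java.sql.Connection;
    import java.sql.PreparedStatement;
    import java.sql.ResultSet;

    @Override
    public boolean login(user_manager um) {
        // The ? placeholders keep user input out of the SQL text; values are bound as data.
        String sql = "select * from si_user where S_Number = ? and S_Name = ?";

        // try-with-resources closes the connection and statement even when an error occurs.
        // Assumes JdbcUnit.openDb() returns a new connection for each call.
        try (Connection con = JdbcUnit.openDb();
             PreparedStatement pst = con.prepareStatement(sql)) {
            // Non-numeric input throws NumberFormatException, handled below as a failed login.
            pst.setInt(1, Integer.parseInt(um.getS_Number()));
            pst.setString(2, um.getS_Name());

            try (ResultSet rs = pst.executeQuery()) {
                // A matching row means the login succeeds.
                return rs.next();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return false;
    }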