Java实现控制台登录(控制台输入的数据与数据库中的数据匹配) 注册
2018-03-23 22:38
861 查看
登录
说明:从控制台输入用户名和密码,然后从数据库中查询该用户是否存在,如果存在, 将数据信息保存在User类的对象中,返回该类的对象控制台输出欢迎登录,如果不存在,控制台输出登录失败 前提:已建好一张数据库表,如下图所示:
User类
package com.lanou3g.jdbc;
import java.sql.Date;
public class User {
// 对象中声明的属性名尽量和数据库中的字段相同
private int id;
private String name;
private String password;
private String email;
private Date birthday;
public User() {
super();
// TODO Auto-generated constructor stub
}
public User(int id, String name, String password, String email, Date birthday) {
super();
this.id = id;
this.name = name;
this.password = password;
this.email = email;
this.birthday = birthday;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public Date getBirthday() {
return birthday;
}
public void setBirthday(Date birthday) {
this.birthday = birthday;
}
@Override
public String toString() {
return "User [id=" + id + ", name=" + name + ", password=" + password + ", email=" + email + ", birthday="
+ birthday + "]";
}
}登录类
package com.lanou3g.jdbc;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
public class Demo07 {
static {
try {
Class.forName("com.mysql.jdbc.Driver");
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
throw new RuntimeException("驱动加载失败");
}
}
public static User getUser(String name1,String password1) {
User user = null;
try {
String url = "jdbc:mysql://localhost:3306/myjdbc";
Connection connection = DriverManager.getConnection(url,"root","123456");
Statement statement = connection.createStatement();
String sql = "select * from users where name = '"+name1+"' "
+ "and password = '"+password1+"'";
ResultSet resultSet = statement.executeQuery(sql);
if(resultSet.next()) {
user = new User();
4000
user.setId(resultSet.getInt("id"));
user.setName(resultSet.getString("name"));
user.setPassword(resultSet.getString("password"));
user.setEmail(resultSet.getString("email"));
user.setBirthday(resultSet.getDate("birthday"));
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return user;
}
}测试登录类
package com.lanou3g.jdbc;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;
public class Test {
public static void main(String[] args) {
System.out.println("请输入用户名");
Scanner scanner = new Scanner(System.in);
String name = scanner.nextLine();
System.out.println("请输入密码");
Scanner scanner2 = new Scanner(System.in);
String password = scanner.nextLine();
User user = Demo07.getUser(name, password);
if(user == null) {
System.out.println("登录失败");
}else {
System.out.println("欢迎登录");
}
}
}测试结果截图
存在缺陷
当密码输入为test'or'1'='1时,无论输入什么用户名,都会成功登录进去 原因:打印sql语句 如下图所示 select * from users where name = 'test' and password = 'test'or'1'='1' and 优先级高于 or ,无论前面是真是假, '1'='1'永远为真 即select语句返回的是真,所有查询返回的是真,虽然密码错误,任然可以登录进去
解决方案
用PreparedStatement类来代替Statement类,同时采用占位符? 可以将缺陷完美解决
加强后的代码 其余代码不变
package com.lanou3g.jdbc;
import java.io.Console;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import com.mysql.jdbc.PreparedStatement;
public class Demo07 {
static {
try {
Class.forName("com.mysql.jdbc.Driver");
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
throw new RuntimeException("驱动加载失败");
}
}
static Connection connection = null;
static java.sql.PreparedStatement statement = null;
public static User getUser(String name1,String password1) {
User user = null;
try {
String url = "jdbc:mysql://localhost:3306/myjdbc";
connection = DriverManager.getConnection(url,"root","123456");
String sql = "select * from users where name=? and password=?";
// 对sql语句进行预编译
statement = connection.prepareStatement(sql);
// 给sql语句的占位符 进行赋值
// 参数1 填索引 sql语句中问号索引
statement.setString(1, name1);
statement.setString(2, password1);
System.out.println(sql);
ResultSet resultSet = statement.executeQuery();
// 只返回一条数据
if(resultSet.next()) {
user = new User();
user.setId(resultSet.getInt("id"));
user.setName(resultSet.getString("name"));
user.setPassword(resultSet.getString("password"));
user.setEmail(resultSet.getString("email"));
user.setBirthday(resultSet.getDate("birthday"));
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}finally {
if(connection != null) {
try {
connection.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
if(statement != null) {
try {
statement.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
return user;
}
}结果截图
注册
表中设置ID为主键,且为自增类型的,实现控制台输入数据,插入到数据库中
代码示例
public class Demo02 {
@Test
public static int test1(String name,String password,String email,String birthday) throws ClassNotFoundException, SQLException {
Class.forName("com.mysql.jdbc.Driver");
String url = "jdbc:mysql://localhost:3306/myjdbc";
Connection connection = DriverManager.getConnection(url,"root","123456");
String sql = "insert into users (name,password,email,birthday) values (?,?,?,?)";
PreparedStatement statement = connection.prepareStatement(sql);
statement.setString(1, "zhangsna");
statement.setString(2,"123");
statement.setString(3, "123@qq.com");
statement.setString(4, "1254-08-01");
int row = statement.executeUpdate();
return row;
}
}测试类
public class Demo01 {
public static void main(String[] args) throws ClassNotFoundException, SQLException {
Scanner scanner = new Scanner(System.in);
System.out.println("请输入用户名:");
String name = scanner.nextLine();
System.out.println("请输入密码:");
String password = scanner.nextLine();
System.out.println("请输入email:");
String email = scanner.nextLine();
System.out.println("请输入birthday:");
String birthday = scanner.nextLine();
int test1 = Demo02.test1(name, password, email, birthday);
if(test1 > 0) {
System.out.println("注册成功");
}else {
System.out.println("注册失败");
}
}
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- JavaDay10--Homework(无数据库实现用户注册、登录)
- java 与数据库连接 实现用户的注册和登录
- Java_IO 流 数据放入txt文档,实现登录注册
- 快速排序(Java语言实现)——从控制台输入数据,排序后输出
- 不二极端编程之JAVA基础总结(3)[数组循环实现控制台注册登录全功能]
- java 与数据库连接 实现用户的注册和登录
- JDBC应用、控制台连MySQL接数据库实现学生管理系统的登录注册、增删改查
- Java实现登录、注册(使用数组存储数据)
- Java基础-22总结登录注册IO版,数据操作流,内存操作流,打印流,标准输入输出流,转换流,随机访问流,合并流,序列化流,Properties
- javaWeb 简单注册登录(含数据库连接) -- (三) 实现用户注册请求的响应
- 小白Java求学之路之一:控制台实现用户注册、登录
- Java小程序之集合框架模拟数据库实现用户登录和注册功能
- java在线聊天项目1.2版 ——开启多个客户端,分别实现数据库注册和登录功能后,成功登陆则登录框消失,好友列表窗出现
- Java基础-22总结登录注册IO版,数据操作流,内存操作流,打印流,标准输入输出流,转换流,随机访问流,合并流,序列化流,Properties
- Java小程序之集合框架模拟数据库实现用户登录和注册功能
- ODBC + WIN32 API 访问MYSQL 数据库实现简单QQ用户注册和登录
- Java中从控制台输入数据的几种常用方法
- Java从控制台输入获取数据的几种常用方法
- 完成用户注册、登录页面,实现数据的真实操作。
- 关于java控制台获取输入数据