Java实现控制台登录(控制台输入的数据与数据库中的数据匹配) 注册
2018-03-23 22:38
861 查看
登录
说明:从控制台输入用户名和密码,然后从数据库中查询该用户是否存在,如果存在, 将数据信息保存在User类的对象中,返回该类的对象控制台输出欢迎登录,如果不存在,控制台输出登录失败 前提:已建好一张数据库表,如下图所示:
User类
package com.lanou3g.jdbc; import java.sql.Date; public class User { // 对象中声明的属性名尽量和数据库中的字段相同 private int id; private String name; private String password; private String email; private Date birthday; public User() { super(); // TODO Auto-generated constructor stub } public User(int id, String name, String password, String email, Date birthday) { super(); this.id = id; this.name = name; this.password = password; this.email = email; this.birthday = birthday; } public int getId() { return id; } public void setId(int id) { this.id = id; } public String getName() { return name; } public void setName(String name) { this.name = name; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } public Date getBirthday() { return birthday; } public void setBirthday(Date birthday) { this.birthday = birthday; } @Override public String toString() { return "User [id=" + id + ", name=" + name + ", password=" + password + ", email=" + email + ", birthday=" + birthday + "]"; } }
登录类
package com.lanou3g.jdbc; import java.sql.Connection; import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; public class Demo07 { static { try { Class.forName("com.mysql.jdbc.Driver"); } catch (ClassNotFoundException e) { // TODO Auto-generated catch block throw new RuntimeException("驱动加载失败"); } } public static User getUser(String name1,String password1) { User user = null; try { String url = "jdbc:mysql://localhost:3306/myjdbc"; Connection connection = DriverManager.getConnection(url,"root","123456"); Statement statement = connection.createStatement(); String sql = "select * from users where name = '"+name1+"' " + "and password = '"+password1+"'"; ResultSet resultSet = statement.executeQuery(sql); if(resultSet.next()) { user = new User(); 4000 user.setId(resultSet.getInt("id")); user.setName(resultSet.getString("name")); user.setPassword(resultSet.getString("password")); user.setEmail(resultSet.getString("email")); user.setBirthday(resultSet.getDate("birthday")); } } catch (SQLException e) { // TODO Auto-generated catch block e.printStackTrace(); } return user; } }
测试登录类
package com.lanou3g.jdbc; import java.sql.Connection; import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import java.util.Scanner; public class Test { public static void main(String[] args) { System.out.println("请输入用户名"); Scanner scanner = new Scanner(System.in); String name = scanner.nextLine(); System.out.println("请输入密码"); Scanner scanner2 = new Scanner(System.in); String password = scanner.nextLine(); User user = Demo07.getUser(name, password); if(user == null) { System.out.println("登录失败"); }else { System.out.println("欢迎登录"); } } }
测试结果截图
存在缺陷
当密码输入为test'or'1'='1时,无论输入什么用户名,都会成功登录进去 原因:打印sql语句 如下图所示 select * from users where name = 'test' and password = 'test'or'1'='1' and 优先级高于 or ,无论前面是真是假, '1'='1'永远为真 即select语句返回的是真,所有查询返回的是真,虽然密码错误,任然可以登录进去
解决方案
用PreparedStatement类来代替Statement类,同时采用占位符? 可以将缺陷完美解决
加强后的代码 其余代码不变
package com.lanou3g.jdbc; import java.io.Console; import java.sql.Connection; import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import com.mysql.jdbc.PreparedStatement; public class Demo07 { static { try { Class.forName("com.mysql.jdbc.Driver"); } catch (ClassNotFoundException e) { // TODO Auto-generated catch block throw new RuntimeException("驱动加载失败"); } } static Connection connection = null; static java.sql.PreparedStatement statement = null; public static User getUser(String name1,String password1) { User user = null; try { String url = "jdbc:mysql://localhost:3306/myjdbc"; connection = DriverManager.getConnection(url,"root","123456"); String sql = "select * from users where name=? and password=?"; // 对sql语句进行预编译 statement = connection.prepareStatement(sql); // 给sql语句的占位符 进行赋值 // 参数1 填索引 sql语句中问号索引 statement.setString(1, name1); statement.setString(2, password1); System.out.println(sql); ResultSet resultSet = statement.executeQuery(); // 只返回一条数据 if(resultSet.next()) { user = new User(); user.setId(resultSet.getInt("id")); user.setName(resultSet.getString("name")); user.setPassword(resultSet.getString("password")); user.setEmail(resultSet.getString("email")); user.setBirthday(resultSet.getDate("birthday")); } } catch (SQLException e) { // TODO Auto-generated catch block e.printStackTrace(); }finally { if(connection != null) { try { connection.close(); } catch (SQLException e) { // TODO Auto-generated catch block e.printStackTrace(); } } if(statement != null) { try { statement.close(); } catch (SQLException e) { // TODO Auto-generated catch block e.printStackTrace(); } } } return user; } }
结果截图
注册
表中设置ID为主键,且为自增类型的,实现控制台输入数据,插入到数据库中
代码示例
public class Demo02 { @Test public static int test1(String name,String password,String email,String birthday) throws ClassNotFoundException, SQLException { Class.forName("com.mysql.jdbc.Driver"); String url = "jdbc:mysql://localhost:3306/myjdbc"; Connection connection = DriverManager.getConnection(url,"root","123456"); String sql = "insert into users (name,password,email,birthday) values (?,?,?,?)"; PreparedStatement statement = connection.prepareStatement(sql); statement.setString(1, "zhangsna"); statement.setString(2,"123"); statement.setString(3, "123@qq.com"); statement.setString(4, "1254-08-01"); int row = statement.executeUpdate(); return row; } }
测试类
public class Demo01 { public static void main(String[] args) throws ClassNotFoundException, SQLException { Scanner scanner = new Scanner(System.in); System.out.println("请输入用户名:"); String name = scanner.nextLine(); System.out.println("请输入密码:"); String password = scanner.nextLine(); System.out.println("请输入email:"); String email = scanner.nextLine(); System.out.println("请输入birthday:"); String birthday = scanner.nextLine(); int test1 = Demo02.test1(name, password, email, birthday); if(test1 > 0) { System.out.println("注册成功"); }else { System.out.println("注册失败"); } } }
相关文章推荐
- JavaDay10--Homework(无数据库实现用户注册、登录)
- java 与数据库连接 实现用户的注册和登录
- Java_IO 流 数据放入txt文档,实现登录注册
- 快速排序(Java语言实现)——从控制台输入数据,排序后输出
- 不二极端编程之JAVA基础总结(3)[数组循环实现控制台注册登录全功能]
- java 与数据库连接 实现用户的注册和登录
- JDBC应用、控制台连MySQL接数据库实现学生管理系统的登录注册、增删改查
- Java实现登录、注册(使用数组存储数据)
- Java基础-22总结登录注册IO版,数据操作流,内存操作流,打印流,标准输入输出流,转换流,随机访问流,合并流,序列化流,Properties
- javaWeb 简单注册登录(含数据库连接) -- (三) 实现用户注册请求的响应
- 小白Java求学之路之一:控制台实现用户注册、登录
- Java小程序之集合框架模拟数据库实现用户登录和注册功能
- java在线聊天项目1.2版 ——开启多个客户端,分别实现数据库注册和登录功能后,成功登陆则登录框消失,好友列表窗出现
- Java基础-22总结登录注册IO版,数据操作流,内存操作流,打印流,标准输入输出流,转换流,随机访问流,合并流,序列化流,Properties
- Java小程序之集合框架模拟数据库实现用户登录和注册功能
- ODBC + WIN32 API 访问MYSQL 数据库实现简单QQ用户注册和登录
- Java中从控制台输入数据的几种常用方法
- Java从控制台输入获取数据的几种常用方法
- 完成用户注册、登录页面,实现数据的真实操作。
- 关于java控制台获取输入数据