📄 userbean.java
字号:
package com.xdf.supermarket.service;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.Statement;
import com.xdf.supermarket.db.DBConnection;
import com.xdf.supermarket.dto.UserDTO;
import com.xdf.supermarket.util.Tools;
public class UserBean extends BaseBean{
public UserDTO findUser(String username,String password){
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
UserDTO ud = null;
try {
conn = DBConnection.getConnection();
stmt = conn.createStatement();
//有漏洞
String sql = "select * from shop_user where username='"
+Tools.dan(username)+"' and password='"+Tools.dan(password)+"'";
rs = stmt.executeQuery(sql);
if(rs.next()){
ud = new UserDTO();
ud.setUsername(username);
ud.setPassword(password);
ud.setFlag(rs.getString("flag"));
}
} catch (Exception e) {
e.printStackTrace();
}finally{
close(rs);
close(stmt);
close(conn);
}
return ud;
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -