java预编译原理

发表于2024-10-30更新于2024-11-01

调试准备

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
public class Main {
    public static Connection getConn(String url,String user,String password){

        try {
            // 加载MySQL JDBC驱动
            Class.forName("com.mysql.cj.jdbc.Driver");
            // 建立数据库连接
            Connection conn = DriverManager.getConnection(url, user, password);
        } catch (ClassNotFoundException | SQLException e) {
            throw new RuntimeException(e);
        }
        return null;
    }
    public static void main(String[] args) {
        // 数据库连接URL,格式为:jdbc:mysql://host:port/databaseName
        String url = "jdbc:mysql://localhost:3306/db";
        // 数据库用户名
        String user = "root";
        // 数据库密码
        String password = "root";
        Connection conn = getConn(url, user, password);
        try {
            PreparedStatement stms = conn.prepareStatement("select * from users where id=?");
            stms.setString(1, "1\"and 1=1");
            System.out.println("123456");

        }catch (Exception e){
            System.out.println(e.getMessage());
        }
    }
}
1
((ClientPreparedStatement) stms).getQueryBindings().getBindValues()[0].getValue()