/* * To change this template, choose Tools | Templates * and open the template in the editor. */ package servlets; import dao.JdbcConnection; import java.io.File; import java.io.IOException; import java.io.PrintWriter; import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import java.util.logging.Level; import java.util.logging.Logger; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * * This servlet is used to demonstrate SQL injection attacks. * * * @author mark */ public class LoginServlet extends HttpServlet { /** * Processes requests for both HTTP * <code>GET</code> and * <code>POST</code> methods. * * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html;charset=UTF-8"); PrintWriter out = response.getWriter(); String username = request.getParameter("username"); String password = request.getParameter("password"); String sql = "select name from users where username = '" + username + "' and password = '" + password + "';"; try ( Connection con = JdbcConnection.getConnection(); Statement s = con.createStatement(); ResultSet rs = s.executeQuery(sql); ) { if (rs.next()) { String uname = rs.getString("name"); out.println("<!DOCTYPE html>"); out.println("<html>"); out.println("<head>"); out.println("<link rel=\"stylesheet\" href=\"highlight.js/github.css\">"); out.println("<script src=\"highlight.js/highlight.pack.js\"></script>"); out.println("<script>hljs.initHighlightingOnLoad();</script>"); out.println("</head>"); out.println("<body>"); out.println("<h1 style=\"color: green;\">Hi " + uname + ". You have successfully logged in!</h1>"); out.println("<p>Code for generating query:</p>"); out.println("<pre><code class=\"java\">\"select * from users where username = '\" + username + \"' and password = '\" + password + \"';\"</code></pre>"); out.println("<p>Generated query was:</p>"); out.println("<pre><code class=\"sql\">" + sql + "</code></pre>"); out.println("<p>Query found a matching result.</p>"); out.println("<p><a href=\"index.jsp\">Back</a></p>"); out.println("</body></html>"); } else { out.println("<!DOCTYPE html>"); out.println("<html>"); out.println("<head>"); out.println("<link rel=\"stylesheet\" href=\"highlight.js/github.css\">"); out.println("<script src=\"highlight.js/highlight.pack.js\"></script>"); out.println("<script>hljs.initHighlightingOnLoad();</script>"); out.println("</head>"); out.println("<body>"); out.println("<h1 style=\"color: red;\">Log in failed!</h1>"); out.println("<p>Code for generating query:</p>"); out.println("<pre><code class=\"java\">\"select * from users where username = '\" + username + \"' and password = '\" + password + \"';\"</code></pre>"); out.println("<p>Generated query was:</p>"); out.println("<pre><code class=\"sql\">" + sql + "</code></pre>"); out.println("<p>Query found no results matching those details.</p>"); out.println("<p><a href=\"index.jsp\">Back</a></p>"); out.println("</body></html>"); } } catch (SQLException ex) { Logger.getLogger(LoginServlet.class.getName()).log(Level.SEVERE, null, ex); } } // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code."> /** * Handles the HTTP * <code>GET</code> method. * * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { processRequest(request, response); } /** * Handles the HTTP <code>POST</code> method. * @param request servlet request * @param response servlet response * @throws ServletException if a servlet-specific error occurs * @throws IOException if an I/O error occurs */ @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { processRequest(request, response); } /** * Returns a short description of the servlet. * @return a String containing servlet description */ @Override public String getServletInfo() { return "Short description"; }// </editor-fold> }