/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package servlets;

import dao.JdbcConnection;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

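/**
 * Deliberately vulnerable login servlet used to demonstrate SQL injection.
 *
 * <p>The query in {@link #processRequest} is built by string-concatenating the
 * raw {@code username} and {@code password} request parameters into SQL text.
 * That is the point of the demo and is left in place on purpose; the displayed
 * "generated query" on the result page exists so a student can see exactly
 * what reached the database. Do not copy this pattern into real code: the fix
 * is a {@link java.sql.PreparedStatement} with {@code ?} placeholders, which
 * keeps user input out of the statement text entirely.
 *
 * <p>Note also that the query compares the submitted password directly with the
 * {@code password} column, so the demo schema evidently holds passwords in a
 * form that can be compared by SQL equality (i.e. not a salted, slow hash).
 *
 * <p>What this revision fixes without touching the injectable query:
 * <ul>
 *   <li>User-controlled text echoed into the HTML (the looked-up name and the
 *       generated SQL) is HTML-escaped, so the demo no longer doubles as a
 *       reflected-XSS page. Escaping changes nothing visually inside the
 *       {@code <pre><code>} blocks.</li>
 *   <li>A failed query renders an error page instead of an empty 200 response
 *       (the original caught {@link SQLException}, logged it and wrote nothing,
 *       which is exactly what a syntactically broken injection attempt
 *       produces).</li>
 *   <li>The "code for generating query" snippet shown to the user now matches
 *       the query that is actually executed ({@code select name}, not
 *       {@code select *}).</li>
 *   <li>The duplicated page-rendering code is factored into one helper.</li>
 * </ul>
 *
 * @author mark
 */
public class LoginServlet extends HttpServlet {

   private static final Logger LOG = Logger.getLogger(LoginServlet.class.getName());

   /**
    * The Java source of the vulnerable query template, exactly as executed
    * below. It is displayed on the result page so the reader can relate the
    * concatenation to the SQL that came out of it.
    */
   private static final String QUERY_SOURCE =
      "\"select name from users where username = '\" + username + \"' and password = '\" + password + \"';\"";

   /**
    * Processes requests for both HTTP {@code GET} and {@code POST} methods.
    *
    * <p>Reads the {@code username} and {@code password} parameters, runs the
    * intentionally injectable query and renders a page reporting whether a row
    * matched, together with the SQL that was executed. A missing parameter is
    * concatenated as the literal text {@code null}.
    *
    * @param request servlet request
    * @param response servlet response
    * @throws ServletException if a servlet-specific error occurs
    * @throws IOException if an I/O error occurs
    */
   protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

      response.setContentType("text/html;charset=UTF-8");
      PrintWriter out = response.getWriter();

      String username = request.getParameter("username");
      String password = request.getParameter("password");

      // INTENTIONALLY VULNERABLE (this is the demo): the raw request parameters
      // are spliced into the SQL text, so a username such as  ' or '1'='1  --
      // rewrites the WHERE clause. The safe form is
      //    con.prepareStatement("select name from users where username = ? and password = ?")
      // with setString(1, username) / setString(2, password).
      String sql = "select name from users where username = '" + username + "' and password = '" + password + "';";

      try (Connection con = JdbcConnection.getConnection();
           Statement s = con.createStatement();
           ResultSet rs = s.executeQuery(sql)) {

         if (rs.next()) {
            // Only the first matching row is looked at; an injected query that
            // matches several users logs in as whichever row the DB returns first.
            String uname = rs.getString("name");
            writePage(out,
               "<h1 style=\"color: green;\">Hi " + escapeHtml(uname) + ".  You have successfully logged in!</h1>",
               sql,
               "<p>Query found a matching result.</p>");
         } else {
            writePage(out,
               "<h1 style=\"color: red;\">Log in failed!</h1>",
               sql,
               "<p>Query found no results matching those details.</p>");
         }

      } catch (SQLException ex) {
         // Keep the driver's message server-side only: database error text is
         // itself an oracle for error-based injection, and the demo is about the
         // query text, not the DBMS. Still tell the user something happened
         // rather than returning an empty page.
         LOG.log(Level.SEVERE, "Login query failed", ex);
         writePage(out,
            "<h1 style=\"color: red;\">Query failed!</h1>",
            sql,
            "<p>The database rejected the generated query (details are in the server log).</p>");
      }
   }

   /**
    * Writes the complete demo page: a fixed head that loads highlight.js, then
    * {@code heading}, the Java source of the query template, the SQL actually
    * executed, {@code verdict} and a back link.
    *
    * <p>{@code heading} and {@code verdict} are trusted markup supplied by this
    * class; {@code sql} contains raw user input and is escaped here so injected
    * markup is displayed rather than rendered.
    *
    * @param out writer for the response body
    * @param heading h1 element to show at the top of the page
    * @param sql the SQL text that was executed (untrusted, escaped on output)
    * @param verdict paragraph describing the outcome
    */
   private static void writePage(PrintWriter out, String heading, String sql, String verdict) {
      out.println("<!DOCTYPE html>");
      out.println("<html>");
      out.println("<head>");
      out.println("<link rel=\"stylesheet\" href=\"highlight.js/github.css\">");
      out.println("<script src=\"highlight.js/highlight.pack.js\"></script>");
      out.println("<script>hljs.initHighlightingOnLoad();</script>");
      out.println("</head>");
      out.println("<body>");
      out.println(heading);
      out.println("<p>Code for generating query:</p>");
      out.println("<pre><code class=\"java\">" + escapeHtml(QUERY_SOURCE) + "</code></pre>");
      out.println("<p>Generated query was:</p>");
      out.println("<pre><code class=\"sql\">" + escapeHtml(sql) + "</code></pre>");
      out.println(verdict);
      out.println("<p><a href=\"index.jsp\">Back</a></p>");
      out.println("</body></html>");
   }

   /**
    * Minimal HTML escaping for text placed in an element body or a
    * double-quoted attribute: maps {@code & < > " '} to character entities.
    * {@code null} renders as the text {@code null}, as string concatenation
    * would have done.
    *
    * @param text possibly untrusted text
    * @return the escaped text, never {@code null}
    */
   static String escapeHtml(String text) {
      String s = String.valueOf(text);
      StringBuilder sb = new StringBuilder(s.length() + 16);
      for (int i = 0; i < s.length(); i++) {
         char c = s.charAt(i);
         switch (c) {
            case '&':
               sb.append("&amp;");
               break;
            case '<':
               sb.append("&lt;");
               break;
            case '>':
               sb.append("&gt;");
               break;
            case '"':
               sb.append("&quot;");
               break;
            case '\'':
               sb.append("&#39;");
               break;
            default:
               sb.append(c);
         }
      }
      return sb.toString();
   }

   /**
    * Handles the HTTP {@code GET} method.
    *
    * <p>Accepting credentials over GET is kept because the demo's form may
    * submit that way, but be aware that it puts the username and password in
    * the URL, and therefore in browser history and access logs.
    *
    * @param request servlet request
    * @param response servlet response
    * @throws ServletException if a servlet-specific error occurs
    * @throws IOException if an I/O error occurs
    */
   @Override
   protected void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
      processRequest(request, response);
   }

   /**
    * Handles the HTTP {@code POST} method.
    *
    * @param request servlet request
    * @param response servlet response
    * @throws ServletException if a servlet-specific error occurs
    * @throws IOException if an I/O error occurs
    */
   @Override
   protected void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
      processRequest(request, response);
   }

   /**
    * Returns a short description of the servlet. The text is the IDE
    * template's placeholder and is left as-is.
    *
    * @return a String containing servlet description
    */
   @Override
   public String getServletInfo() {
      return "Short description";
   }
}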