数据库身份验证中基于Java控制台的客户端服务器登录应用程序错误
从早上开始我就一直在努力解决这个问题。我有客户端和服务器应用程序,客户端发送用户名和密码,服务器接收用户名和密码,签入数据库,向正确的用户发送成功消息
但是,我无法处理来自客户端的请求
有什么问题?它在哪里?
等待专家的解决方案
这是服务器:
import java.io.*;
import java.net.*;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.net.ServerSocket;
import java.net.Socket;
import java.io.File;
import java.sql.*;
class TCPServer
{
public static void main(String argv[]) throws Exception
{
String clientSentence,clientpassword;
String capitalizedSentence;
ServerSocket welcomeSocket = new ServerSocket(4003);
Connection con = null;
String url = "jdbc:mysql://localhost:3306/";
String db = "database";
String driver = "com.mysql.jdbc.Driver";
String user = "root";
String pass = "root";
while(true)
{
Socket connectionSocket = welcomeSocket.accept();
BufferedReader inFromClient =
new BufferedReader(new InputStreamReader(connectionSocket.getInputStream()));
BufferedReader inFromClient1 =
new BufferedReader(new InputStreamReader(connectionSocket.getInputStream()));
DataOutputStream outToClient = new DataOutputStream(connectionSocket.getOutputStream());
clientSentence = inFromClient.readLine();
clientpassword = inFromClient.readLine();
System.out.println("Received User Name: " + clientSentence);
System.out.println("Received Password: " + clientpassword);
Class.forName(driver).newInstance();
con = DriverManager.getConnection(url+db, user, pass);
Statement st = con.createStatement();
ResultSet res = st.executeQuery("SELECT * FROM table WHERE user='clientSentence' AND password='clientpassword'");
while (res.next()) {
String u = res.getString("user");
String p = res.getString("password");
if (clientSentence.equals(u) && clientpassword.equals(p)){
capitalizedSentence = "Welcome "+clientSentence+" \n";
outToClient.writeBytes(capitalizedSentence);
}else{
capitalizedSentence = "Sorry, not authorized \n";
outToClient.writeBytes(capitalizedSentence);
}
}
}con.close();
}
}
客户:
import java.io.*;
import java.net.*;
import java.io.File;
import java.io.FileInputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.net.Socket;
import java.util.Arrays;
import java.lang.*;
import java.util.Scanner;
class TCPClient
{
public static void main(String argv[]) throws Exception
{
String sentence,sentence1;
String modifiedSentence;
BufferedReader inFromUser = new BufferedReader( new InputStreamReader(System.in));
BufferedReader inFromUser1 = new BufferedReader( new InputStreamReader(System.in));
Socket clientSocket = new Socket("localhost", 4003);
DataOutputStream outToServer = new DataOutputStream(clientSocket.getOutputStream());
DataOutputStream outToServer1 = new DataOutputStream(clientSocket.getOutputStream());
BufferedReader inFromServer = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()));
Console console = System.console();
String username = console.readLine("Enter your Username :");
char pswd[] = console.readPassword("Enter your Password :");
String upwd=new String(pswd);
outToServer.writeBytes(username + '\n');
outToServer1.writeBytes(upwd + '\n');
modifiedSentence = inFromServer.readLine();
System.out.println("FROM SERVER: " + modifiedSentence);
}
clientSocket.close();
}
}
# 1 楼答案
如果在同一台计算机上运行客户端和服务器,则客户端和服务器套接字不应使用相同的端口。。使用不同的端口
# 2 楼答案
如果没有与JVM关联的
Console,代码将在TCPClient中生成NullPointerException这肯定行不通,除非你真的想一直使用用户名'ClientSession'和密码'clientpassword'
您应该传递在该行上方设置的相应java变量的实际值。此外,正确的方法是使用
PreparedStatement并将用户输入作为参数传递,这样驱动程序将负责清理输入,以避免SQL注入或类似ImbecilUserException的错误