This is my code that I wrote when user wants to change his password.
s2.executeUpdate("UPDATE user SET AES_ENCRYPT(password='"+newpw1+"','key') WHERE uid='"+pubvar.uid+"')");
But it doesn't work, can someone correct it for me and post it? Thanks.
you mean,
UPDATE user
SET password = AES_ENCRYPT('" + newpw1 + "','key')
WHERE uid = '" + pubvar.uid + "')
better use PreparedStatement
to prevent from SQL Injection
.
String _upd = "UPDATE user SET password = AES_ENCRYPT(?,'key') WHERE uid = ?)";
PreparedStatement pstmt = con.prepareStatement(_upd);
pstmt.setString(1, newpw1);
pstmt.setString(2, pubvar.uid);
pstmt.executeUpdate();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.