I downloaded an open-source sql injection application. When I tried to run it gives me error "HTTP method POST is not supported by this URL" and some warnings as well. I am sharing my code and some images.
HTML:
<%@ page language="java" contentType="text/html; charset=ISO- 8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Login Page</title>
<form action="userCheck">
<div>
<input type="text" name="user" value=""/>
<input type="submit" value="Submit"/>
</div>
</form>
</head>
<body>
</body>
</html>
XML:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name></display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>userCheck</servlet-name>
<servlet-class>RKINJ.userCheck</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>userCheck</servlet-name>
<url-pattern>/userCheck</url-pattern>
</servlet-mapping>
</web-app>
Java:
package RKINJ;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.sql.*;
import java.sql.Connection;
public class userCheck extends HttpServlet {
protected void processRequest (HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {
response.setContentType("'text/html;charset=UTF-8'");
PrintWriter out = response.getWriter();
try {
String user = request.getParameter("name");
Connection conn = null;
String url = "jdbc:mysql://localhost:3306/logindb";
// String dbName = "logindb";
String driver = "com.mysql.jdbc.Driver";
String userName = "root";
String password = "test1234";
try {
Class.forName(driver).newInstance();
conn = DriverManager.getConnection(url, userName, password);
Statement st = conn.createStatement();
String query = "SELECT * FROM userdetail where id='' + user + ''";
// out.println("Query : " + query);
// System.out.printf(query);
ResultSet res = st.executeQuery(query);
// out.println("Results");
while (res.next()) {
String s = res.getString("name");
out.println("\t\t" + s);
}
conn.close();
} catch (Exception e) {
e.printStackTrace();
}
} finally {
out.close();
}
}}
These are few warnings I got when run the program
Build path specifies execution environment JavaSE-1.6. There are no JREs installed in the workspace that are strictly compatible with this environment.
Classpath entry C:/Java-Programs/mysql-connector-java-5.1.23-bin-folder.jar/mysql-connector-java-5.1.23-bin.jar will not be exported or published. Runtime ClassNotFoundExceptions may result.
Classpath entry C:/Java-Programs/mysql-connector-java-5.1.23-bin.jar will not be exported or published. Runtime ClassNotFoundExceptions may result.
Invalid location of tag (form). login.jsp /RKINJ/WebContent line 9 JSP Problem.
The serializable class userCheck does not declare a static final serialVersionUID field of type long
您需要重写servlet中的doPost方法。
public void doPost(HttpServletRequest req, HttpServletResponse res)
You need to specify the action method
<form action"something" Method="POST / Get">
And you need also to override doPost method that in the servlet.
public void doPost(HttpServletRequest req, HttpServletResponse res)
I wish i was helpfull
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.