Because the username and password are composed of A-Z, A-Z, 0-9 characters,
I will refer to the algorithm of the regular expression, so there is a negative idea:
Judging the username and password entered by the user, see if it is these characters,
If so, login verification
Otherwise, there is an illegal character.
code show as below:
//login.jsp
<% @ page contenttype = "text / html; charset = GBK" language = "java" import = "java.io. *" ErrorPage = "error.jsp"%>
<%!
Boolean Regex (String Str) {
Java.util.regex.pattern p = null; // Regular expression
Java.util.Regex.matcher m = null; // Operation string
Boolean value = true;
Try {
P = java.util.Regex.pattern.Compile ("[^ 0-9a-za-z]");
m = p.matcher (str);
IF (m.find ()) {
Value = false;
}
} catch (exception e) {}
Return Value;
}
%>
No title document </ Title></p>
<p></ hEAD></p>
<p><body></p>
<p><Table Width = "100%" height = "100%" border = "0"></p>
<p><tr></p>
<p><TD align = "center" valign = "middle"></p>
<p><% String action = request.getParameter ("action");</p>
<p>IF (Action! = Null && Action.equals ("Login")) {</p>
<p>String Username = Request.getParameter ("UserName");</p>
<p>String password = Request.getParameter ("password");</p>
<p>IF (! regex (username) ||! regex (password)) {</p>
<p>OUT.PRINTLN ("<script language ='javascript'>");</p>
<p>Out.println ("</p>
<p>Alert ('1. Username can only be A-Z, A-Z, 0-9 characters // N2. The password can only be A-Z, A-Z, 0-9 characters // n3. Do not allow space ') ");</p>
<p>OUT.PRINTLN ("History.go (-1)");</p>
<p>OUT.PRINTLN ("</ script>");</p>
<p>Out.print ("Username can only be A-Z, A-Z, 0-9 characters");</p>
<p>Return; // Take out the program</p>
<p>}</p>
<p>Out.println (action); // Login Verification</p>
<p>Out.println ("User Name is" UserName "<br>");</p>
<p>Out.println ("Password" password);</p>
<p>Else {</p>
<p>%></p>
<p><form name = "form1" method = "post" action = "#"></p>
<p><Table Width = "70%" Border = "0"></p>
<p><tr></p>
<p><TD> UserName </ TD></p>
<p><TD> <input name = "username" type = "text" id = "username"></p>
<p></ td></p>
<p></ TR></p>
<p><tr></p>
<p><TD> Password </ TD></p>
<p><TD> <input name = "password" type = "text" id = "password"> </ td></p>
<p></ TR></p>
<p><tr></p>
<p><TD> </ td></p>
<p><TD> <Input Name = "Action" type = "hidden" id = "action" value = "login"></p>
<p>User name and password can only be A-Z, A-Z, 0-9 characters </ TD></p>
<p></ TR></p>
<p><tr></p>
<p><TD> <input type = "submit" name = "submit" value = "o k"> </ td></p>
<p><TD> <input type = "reset" name = "submit2" value = "caland"> </ td></p>
<p></ TR></p>
<p></ TABLE></p>
<p></ form> <%}%> </ td></p>
<p></ TR></p>
<p></ TABLE></p>
<p></ body></p>
<p></ html></p></div><div class="text-center mt-3 text-grey">
转载请注明原文地址:https://www.9cbs.com/read-132458.html</div><div class="plugin d-flex justify-content-center mt-3"></div><hr><div class="row"><div class="col-lg-12 text-muted mt-2"><i class="icon-tags mr-2"></i><span class="badge border border-secondary mr-2"><h2 class="h6 mb-0 small"><a class="text-secondary" href="tag-2.html">9cbs</a></h2></span></div></div></div></div><div class="card card-postlist border-white shadow"><div class="card-body"><div class="card-title"><div class="d-flex justify-content-between"><div><b>New Post</b>(<span class="posts">0</span>)
</div><div></div></div></div><ul class="postlist list-unstyled">
</ul></div></div><div class="d-none threadlist"><input type="checkbox" name="modtid" value="132458" checked /></div></div></div></div></div><footer class="text-muted small bg-dark py-4 mt-3" id="footer"><div class="container"><div class="row"><div class="col">CopyRight © 2020 All Rights Reserved
</div><div class="col text-right">Processed:
<b>0.042</b>, SQL:
<b>9</b></div></div></div></footer><script src="./lang/en-us/lang.js?2.2.0"></script><script src="view/js/jquery.min.js?2.2.0"></script><script src="view/js/popper.min.js?2.2.0"></script><script src="view/js/bootstrap.min.js?2.2.0"></script><script src="view/js/xiuno.js?2.2.0"></script><script src="view/js/bootstrap-plugin.js?2.2.0"></script><script src="view/js/async.min.js?2.2.0"></script><script src="view/js/form.js?2.2.0"></script><script>
var debug = DEBUG = 0;
var url_rewrite_on = 1;
var url_path = './';
var forumarr = {"1":"Tech"};
var fid = 1;
var uid = 0;
var gid = 0;
xn.options.water_image_url = 'view/img/water-small.png';
</script><script src="view/js/wellcms.js?2.2.0"></script><a class="scroll-to-top rounded" href="javascript:void(0);"><i class="icon-angle-up"></i></a><a class="scroll-to-bottom rounded" href="javascript:void(0);" style="display: inline;"><i class="icon-angle-down"></i></a></body></html><script>
var forum_url = 'list-1.html';
var safe_token = 'SM_2BYAiAfLlUKSVHlymh2rv62VFcbEjCeh_2BZXzzWzWC8ubOaMGHGqGfuNOK2R791JvO9cSITnImXovoVpy_2FaD4Q_3D_3D';
var body = $('body');
body.on('submit', '#form', function() {
var jthis = $(this);
var jsubmit = jthis.find('#submit');
jthis.reset();
jsubmit.button('loading');
var postdata = jthis.serializeObject();
$.xpost(jthis.attr('action'), postdata, function(code, message) {
if(code == 0) {
location.reload();
} else {
$.alert(message);
jsubmit.button('reset');
}
});
return false;
});
function resize_image() {
var jmessagelist = $('div.message');
var first_width = jmessagelist.width();
jmessagelist.each(function() {
var jdiv = $(this);
var maxwidth = jdiv.attr('isfirst') ? first_width : jdiv.width();
var jmessage_width = Math.min(jdiv.width(), maxwidth);
jdiv.find('img, embed, iframe, video').each(function() {
var jimg = $(this);
var img_width = this.org_width;
var img_height = this.org_height;
if(!img_width) {
var img_width = jimg.attr('width');
var img_height = jimg.attr('height');
this.org_width = img_width;
this.org_height = img_height;
}
if(img_width > jmessage_width) {
if(this.tagName == 'IMG') {
jimg.width(jmessage_width);
jimg.css('height', 'auto');
jimg.css('cursor', 'pointer');
jimg.on('click', function() {
});
} else {
jimg.width(jmessage_width);
var height = (img_height / img_width) * jimg.width();
jimg.height(height);
}
}
});
});
}
function resize_table() {
$('div.message').each(function() {
var jdiv = $(this);
jdiv.find('table').addClass('table').wrap('<div class="table-responsive"></div>');
});
}
$(function() {
resize_image();
resize_table();
$(window).on('resize', resize_image);
});
var jmessage = $('#message');
jmessage.on('focus', function() {if(jmessage.t) { clearTimeout(jmessage.t); jmessage.t = null; } jmessage.css('height', '6rem'); });
jmessage.on('blur', function() {jmessage.t = setTimeout(function() { jmessage.css('height', '2.5rem');}, 1000); });
$('#nav li[data-active="fid-1"]').addClass('active');
</script>
