1) 3 times wrong password---------------------------------------------------

1. 1) 3 times wrong password
2. ---------------------------------------------------
3. package myastfolder;
4.  
5. import java.awt.event.*;
6. import javax.swing.*;
7.  
8.  
9. public class Q1 {
10.  
11. public static int cnt=0;
12. public static boolean flag=false;
13. public static void main(String[] args) {
14.  
15.  
16. JFrame f=new JFrame("Button Example");
17. final JTextField tf=new JTextField();
18. tf.setBounds(50,50, 150,20);
19. JButton b=new JButton("Click Here");
20. b.setBounds(50,100,95,30);
21.  
22. JLabel l1;
23. l1=new JLabel("");
24. l1.setBounds(50,60, 150,50);
25.  
26. f.add(l1);
27. f.setSize(300,300);
28. f.setLayout(null);
29. f.setVisible(true);
30. b.addActionListener(new ActionListener(){
31. public void actionPerformed(ActionEvent e){
32. int p;
33.  
34.  
35. //int cnt=0;
36. cnt++;
37. if(tf.getText().equals("11"))
38. {
39. // break;
40. flag=true;
41. l1.setText("congoo correct pwd!!!");
42. }
43. else
44. {
45. l1.setText("oops wrong pwd!!!");
46. }
47.  
48. if(cnt==3 && flag==false)
49. {
50. System.exit(0);
51. }
52. tf.setText("");
53. }
54. });
55. f.add(b);f.add(tf);
56. f.setSize(400,400);
57. f.setLayout(null);
58. f.setVisible(true);
59. }
60. }
61. ------------------------------------------------
62. 2) SQLInjection
63.  
64. new.html
65.  
66. <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
67. pageEncoding="ISO-8859-1"%>
68. <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
69. <html>
70. <head>
71. <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
72. <title>Insert title here</title>
73. </head>
74. <body>
75. <form action='userCheck' method="post">
76. <input type='text' name='user' value=''/>
77. <input type='submit' value='Submit'/>
78. </form>
79. </body>
80. </html>
81.  
82.  
83. userCheck.java
84.  
85.  
86. import java.io.IOException;
87. import java.io.PrintWriter;
88. import java.sql.Connection;
89. import java.sql.DriverManager;
90. import java.sql.ResultSet;
91. import java.sql.Statement;
92.  
93. import javax.servlet.ServletException;
94. import javax.servlet.http.HttpServlet;
95. import javax.servlet.http.HttpServletRequest;
96. import javax.servlet.http.HttpServletResponse;
97.  
98. public class userCheck extends HttpServlet {
99. private static final long serialVersionUID = 1L;
100. protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
101. response.setContentType("text/html;charset=UTF-8");
102. PrintWriter out = response.getWriter();
103. try {
104.  
105. String user = request.getParameter("user");
106. //out.println(user);
107. Connection conn = null;
108. String url = "jdbc:mysql://192.168.100.75:3307/";
109. String dbName = "dac7";
110. String driver = "com.mysql.jdbc.Driver";
111. String userName = "dac7";
112. String password = "welcome";
113. try {
114. Class.forName(driver).newInstance();
115. conn = DriverManager.getConnection(url + dbName, userName, password);
116.  
117. Statement st = conn.createStatement();
118. String query = "SELECT * FROM user1 where username='"+user+"'";
119. out.println("Query : " + query);
120. System.out.printf(query);
121. ResultSet res = st.executeQuery(query);
122.  
123. out.println("Results");
124. while (res.next()) {
125. String s = res.getString("username");
126. out.println("\t\t" + s);
127. }
128. conn.close();
129.  
130. } catch (Exception e) {
131. e.printStackTrace();
132. }
133. } finally {
134. out.close();
135. }
136.  
137. }
138. }