Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- "SELECT FROM * TABLE;INSERT INTO TABLE;"
- String url = "jdbc:mysql://localhost:3306/";
- String dbName = "databaseinjection";
- String driver = "com.mysql.jdbc.Driver";
- String sqlUsername = "root";
- String sqlPassword = "abc";
- Class.forName(driver).newInstance();
- connection = DriverManager.getConnection(url+dbName, sqlUsername, sqlPassword);
- "SELECT FROM * TABLE;INSERT INTO TABLE;"
- String dbUrl = "jdbc:mysql:///test?allowMultiQueries=true";
- boolean hasMoreResultSets = stmt.execute( multiQuerySqlString );
- READING_QUERY_RESULTS: // label
- while ( hasMoreResultSets || stmt.getUpdateCount() != -1 ) {
- if ( hasMoreResultSets ) {
- Resultset rs = stmt.getResultSet();
- // handle your rs here
- } // if has rs
- else { // if ddl/dml/...
- int queryResult = stmt.getUpdateCount();
- if ( queryResult == -1 ) { // no more queries processed
- break READING_QUERY_RESULTS;
- } // no more queries processed
- // handle success, failure, generated keys, etc here
- } // if ddl/dml/...
- // check to continue in the loop
- hasMoreResultSets = stmt.getMoreResults();
- } // while results
- CallableStatement cstmt = con.prepareCall( "call multi_query()" );
- boolean hasMoreResultSets = cstmt.execute();
- READING_QUERY_RESULTS:
- while ( hasMoreResultSets ) {
- Resultset rs = stmt.getResultSet();
- // handle your rs here
- } // while has more rs
- Statement s = c.createStatement();
- String s1 = "update emp set name='abc' where salary=984";
- String s2 = "insert into emp values ('Osama',1420)";
- s.addBatch(s1);
- s.addBatch(s2);
- s.executeBatch();
- &
- url="jdbc:mysql://localhost/glyndwr?autoReconnect=true&allowMultiQueries=true"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
