0

我正在尝试使用正则表达式搜索字符串。例如:这是我的示例字符串

  **if (c == 0) {
                count = 0;
                du.insert(ipAddress, c);
            } else {
                count = c;
            }
            getDate();
            String query1 = "select * from loginmaster where  username = '" + username + "' and password = '" + password + "' ;";
            //out.println(query1);
            //out.println(request.getParameter("Group1"));
            session.setAttribute("group", request.getParameter("Group1"));
            if (count < 3) {
                if (request.getParameter("Group1").equals("With")) {
                    LoginQuery q = new LoginQuery();
                    checked = q.Checker(query1);
                    if (checked == false) {
                        connection.getConnection();
                        connection.getDML("insert into attack values('"+ipAddress+"','"+date+"','Attack Detected')");
                    }
                }**

我正在尝试使用正则表达式在此字符串中查找查询

String regExp = "\b(ALTER|CREATE|DELETE|DROP|EXEC(UTE){0,1}|INSERT( +INTO){0,1}|MERGE|SELECT|UPDATE|UNION( +ALL){0,1})\b";


String regExp = "(;|\\s)(exec|execute|select|insert|update|delete|create|alter|drop|rename|truncate|backup|restore)\\s";

但我没有得到任何输出或错误。

剩下的代码是:

    Pattern p = Pattern.compile(regExp, Pattern.CASE_INSENSITIVE);                
                while ((line = reader.readLine()) != null) {
                    Matcher m = p.matcher(line);
                    if (m.matches()) {
                        JOptionPane.showMessageDialog(this, "innnnnnnnnnn");
                        System.err.println(m.group(1));
                    }
}

请帮忙

4

1 回答 1

0

由于case mismatch ,您的正则表达式将与输入字符串不匹配。

您的正则表达式以大写形式编写,但您的输入字符串包含小写匹配项。因此,要么使正则表达式不区分大小写,要么将其转换为小写

顺便说一句,您的正则表达式无法分离查询insert into attack ...和方法:du.insert(ipAddress, c);

于 2012-08-06T11:04:52.233 回答