您的位置: 首页  >  技术问答  >  如何使用 AES_ENCRYPT 在 MySQL 中编写更新查询?

如何使用 AES_ENCRYPT 在 MySQL 中编写更新查询?

分类: 技术问答 2022-05-31 11:12:54
问题描述:

这是我在用户想要更改密码时编写的代码.

This is my code that I wrote when user wants to change his password.

s2.executeUpdate("UPDATE user SET AES_ENCRYPT(password='"+newpw1+"','key') WHERE uid='"+pubvar.uid+"')");

但它不起作用,有人可以帮我纠正并发布吗?谢谢.

But it doesn't work, can someone correct it for me and post it? Thanks.

你的意思是,

UPDATE user 
SET password = AES_ENCRYPT('" + newpw1 + "','key') 
WHERE uid = '" + pubvar.uid + "')

最好使用PreparedStatement来防止SQL注入.

String _upd = "UPDATE user SET password = AES_ENCRYPT(?,'key') WHERE uid = ?)";
PreparedStatement pstmt = con.prepareStatement(_upd);
pstmt.setString(1, newpw1);
pstmt.setString(2, pubvar.uid);
pstmt.executeUpdate();

相关推荐