下面列出了 javax.servlet.http.HttpServletRequest#getParameterNames() 的实例代码。
/**
 * Handles POST requests by echoing every request parameter back to the client.
 *
 * <p>The response is sent as {@code text/plain}, one {@code name=value} line per
 * parameter name. Only the first value of a multi-valued parameter is written.
 * The echoed names and values are request-controlled and are written unescaped.
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, IOException {
    resp.setContentType("text/plain");
    final PrintWriter writer = resp.getWriter();

    // getParameter() yields only the first value recorded for each name.
    for (Enumeration<String> e = req.getParameterNames(); e.hasMoreElements();) {
        final String paramName = e.nextElement();
        writer.println(paramName + "=" + req.getParameter(paramName));
    }
}
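/**
 * Builds the entity that carries the body of the incoming request.
 *
 * <p>For {@code application/x-www-form-urlencoded} requests the container has already
 * consumed the body while parsing parameters, so the body is rebuilt from the parsed
 * parameters instead of the input stream. Every value of every parameter is copied.
 * Parameters that came from the query string are in the same parameter set and cannot
 * be told apart here, so they are copied into the rebuilt body as well.
 *
 * <p>For every other content type the servlet input stream is wrapped as-is.
 *
 * @param servletRequest the incoming request
 * @return the entity to send on
 * @throws IOException if the request input stream cannot be obtained
 */
private HttpEntity createEntity(HttpServletRequest servletRequest) throws IOException {
    final String contentType = servletRequest.getContentType();

    // The header may carry parameters ("...; charset=UTF-8"), so compare the media type
    // only; an exact equals() on the whole header would miss such requests.
    final String mediaType = contentType == null ? null : contentType.split(";", 2)[0].trim();

    if (ContentType.APPLICATION_FORM_URLENCODED.getMimeType().equalsIgnoreCase(mediaType)) {
        final List<NameValuePair> entries = new ArrayList<>();
        final Enumeration<String> names = servletRequest.getParameterNames();
        while (names.hasMoreElements()) {
            final String name = names.nextElement();
            final String[] values = servletRequest.getParameterValues(name);
            if (values == null) {
                continue;
            }
            // Keep repeated parameters (a=1&a=2) instead of forwarding the first value only.
            for (String value : values) {
                entries.add(new BasicNameValuePair(name, value));
            }
        }
        return new UrlEncodedFormEntity(entries, servletRequest.getCharacterEncoding());
    }

    // Add the input entity (streamed).
    // note: we don't bother ensuring we close the servletInputStream since the container handles it
    // ContentType.parse() accepts a header value with parameters, which ContentType.create()
    // rejects; a request without a Content-Type header is forwarded without one.
    return new InputStreamEntity(servletRequest.getInputStream(),
            servletRequest.getContentLength(),
            contentType == null ? null : ContentType.parse(contentType));
}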
/**
 * Set the admin login next url.
 *
 * <p>The URL is the request URI with every request parameter (first value only)
 * appended. It is stored in the session, which is created if absent, under
 * {@code ATTRIBUTE_ADMIN_LOGIN_NEXT_URL}.
 *
 * <p>NOTE(review): all parameter values are copied into the stored URL, including any
 * form fields of a POST — confirm that nothing sensitive is expected on this path.
 *
 * @param request
 *            the HTTP request
 */
public void setLoginNextUrl( HttpServletRequest request )
{
    UrlItem nextUrl = new UrlItem( request.getRequestURI( ) );

    for ( Enumeration names = request.getParameterNames( ); names.hasMoreElements( ); )
    {
        String strName = (String) names.nextElement( );
        nextUrl.addParameter( strName, request.getParameter( strName ) );
    }

    request.getSession( true ).setAttribute( ATTRIBUTE_ADMIN_LOGIN_NEXT_URL, nextUrl.getUrl( ) );
}
/**
 * Records the access details of a request in the application log and sends them to Kafka.
 *
 * <p>The record is a JSON object holding the session user id, the client IP, the request
 * URI, the current time, the User-Agent header and one string with all request
 * parameters (first value of each). The original comment describes the send as
 * asynchronous; that depends on {@code kafkaClientUtil}, which is not visible here.
 *
 * <p>NOTE(review): parameter values are written unfiltered, so submitted credentials or
 * tokens would reach both the log and the topic. The {@code name=value} pairs are also
 * appended with no separator between them, which makes the string ambiguous to parse —
 * confirm with the consumers before changing the format.
 *
 * @param request the HTTP request being recorded
 * @throws Exception declared by the method; the visible body does not show which call raises it
 */
private void saveLogToKafka(HttpServletRequest request) throws Exception {
    // TODO store the log data in the agreed format
    Map<String, String> record = new HashMap<>();
    record.put("userId", (String) request.getSession().getAttribute(GlobalConstant.USE_ID));
    record.put("ip", ApiTools.getIpAddr(request));
    record.put("url", request.getRequestURI());
    record.put("time", DateUtils.getDateTime());
    record.put("agent", request.getHeader("USER-AGENT"));

    StringBuilder paramText = new StringBuilder();
    paramText.append("参数:");
    for (Enumeration<String> names = request.getParameterNames(); names.hasMoreElements();) {
        String name = names.nextElement();
        paramText.append(name).append("=").append(request.getParameter(name));
    }
    record.put("paramers", paramText.toString());

    // Serialize once and reuse the same text for the log line and the Kafka message.
    String json = JSONObject.toJSONString(record);
    log.info("saveToKafka : " + json);
    kafkaClientUtil.send(json);
}
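/**
 * Logs, at the given level, every attribute and every parameter of the request.
 *
 * <p>Nothing is read from the request unless the logger is enabled for the level.
 * Attribute values are dispatched by type: object arrays and collections go to
 * {@code logCollection}, maps to {@code logMap}, everything else to {@code logObject}.
 * Parameters are logged with all of their values through {@code logArray}.
 *
 * <p>NOTE(review): parameter values are logged unfiltered, so credentials submitted in a
 * form would be written to the log whenever this level is enabled.
 *
 * @param logger the logger to write to
 * @param level the level to log at
 * @param request the request whose contents are logged
 */
public static void logRequestContents(Logger logger, Level level, HttpServletRequest request) {
    if (!logger.isEnabledFor(level)) {
        return;
    }

    logger.log(level, "--------------------");
    logger.log(level, "HttpRequest attributes:");
    for (Enumeration<?> e = request.getAttributeNames(); e.hasMoreElements();) {
        String attrName = (String) e.nextElement();
        Object attrValue = request.getAttribute(attrName);
        // instanceof Object[] rather than getClass().isArray(): a primitive array such as
        // int[] is an array but cannot be cast to Object[], and instanceof is also
        // null-safe. Primitive arrays and null fall through to logObject.
        if (attrValue instanceof Object[]) {
            logCollection(logger, level, attrName, Arrays.asList((Object[]) attrValue));
        }
        else if (attrValue instanceof Collection) {
            logCollection(logger, level, attrName, (Collection) attrValue);
        }
        else if (attrValue instanceof Map) {
            logMap(logger, level, attrName, (Map) attrValue);
        }
        else {
            logObject(logger, level, attrName, attrValue);
        }
    }

    logger.log(level, "--------------------");
    logger.log(level, "HttpRequest parameters:");
    for (Enumeration<?> i = request.getParameterNames(); i.hasMoreElements();) {
        String paramName = (String) i.nextElement();
        String[] paramValues = request.getParameterValues(paramName);
        logArray(logger, level, paramName, paramValues);
    }
    logger.log(level, "--------------------");
}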
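/**
 * Handles GET by requesting a token with the {@code tokenUrl}, {@code consumer_key} and
 * {@code secret_key} request parameters, then writing the sample HTML page.
 *
 * <p>Only parameter names are logged. Values are left out because they include the
 * secret key, and the key is no longer printed to standard output. Any exception from
 * the token call is logged and the page is still written.
 *
 * <p>NOTE(review): the credentials arrive as GET parameters, so they can also end up in
 * access logs and browser history — consider accepting them in a POST body.
 * {@code tokenUrl} is request-controlled and {@code getToken} is not visible here; if it
 * connects to that URL, restrict it to the expected token endpoint(s).
 */
@Override
protected void doGet(
        HttpServletRequest request, HttpServletResponse response)
    throws IOException, ServletException {

    if (_log.isInfoEnabled()) {
        _log.info("VNPostNGSPServlet doGet");
    }
    else {
        System.out.println("VNPostNGSPServlet doGet sys");
    }

    try {
        Enumeration<String> enumeration = request.getParameterNames();

        while (enumeration.hasMoreElements()) {
            // Name only: the value may be consumer_key or secret_key.
            _log.info("parameter: " + enumeration.nextElement());
        }

        String tokenUrl = request.getParameter("tokenUrl");
        String consumer_key = request.getParameter("consumer_key");
        String secret_key = request.getParameter("secret_key");

        getToken(tokenUrl, consumer_key, secret_key);
    }
    catch (Exception e) {
        _log.error(e);
    }

    _writeSampleHTML(response);
}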
/**
 * OWASP Benchmark test case "BenchmarkTest02341": request data reaches the environment
 * of a spawned OS process.
 *
 * <p>The source is the NAME of the first request parameter that has a value equal to
 * {@code "BenchmarkTest02341"}. It is passed through {@code doSomething} (not visible
 * here) and the result becomes the only environment entry handed to
 * {@code Runtime.exec}. Whether the value is still request-controlled at the sink
 * depends on {@code doSomething}.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String param = "";
boolean flag = true;
// Scan all parameters; stop at the first value that equals the marker string.
java.util.Enumeration<String> names = request.getParameterNames();
while (names.hasMoreElements() && flag) {
String name = (String) names.nextElement();
String[] values = request.getParameterValues(name);
if (values != null) {
for(int i=0;i<values.length && flag; i++){
String value = values[i];
if (value.equals("BenchmarkTest02341")) {
// The tainted datum is the parameter name, not its value.
param = name;
flag = false;
}
}
}
}
String bar = doSomething(request, param);
// The command itself comes from a benchmark helper, not from the request.
String cmd = org.owasp.benchmark.helpers.Utils.getInsecureOSCommandString(this.getClass().getClassLoader());
String[] args = {cmd};
// bar is used verbatim as the process environment (second argument of exec).
String[] argsEnv = { bar };
Runtime r = Runtime.getRuntime();
try {
Process p = r.exec(args, argsEnv, new java.io.File(System.getProperty("user.dir")));
org.owasp.benchmark.helpers.Utils.printOSCommandResults(p, response);
} catch (IOException e) {
System.out.println("Problem executing cmdi - TestCase");
// The exception message is HTML-encoded before it is written to the response.
response.getWriter().println(
org.owasp.esapi.ESAPI.encoder().encodeForHTML(e.getMessage())
);
return;
}
}
/**
 * Collects mailing list ids from the names of the request parameters.
 *
 * <p>Every parameter whose name starts with {@code agn_mlid_} contributes the rest of
 * its name; parameter values are not read. The suffix is returned as received, without
 * any validation, so callers should check it before using it as an id.
 *
 * @param req the request to inspect
 * @return the name suffixes, in the order the container enumerates the parameters
 */
protected Vector<String> getMailinglistsFromRequest(HttpServletRequest req) {
    Vector<String> result = new Vector<>();
    for (Enumeration<String> names = req.getParameterNames(); names.hasMoreElements();) {
        String paramName = names.nextElement();
        if (paramName.startsWith("agn_mlid_")) {
            // 9 is the length of the "agn_mlid_" prefix.
            result.add(paramName.substring(9));
        }
    }
    return result;
}
/**
 * dingTalkMessage: sends a DingTalk message about a failed request.
 *
 * <p>The message carries the request URI, all request parameters (first value of each)
 * and the exception text, which is also written to the error log.
 *
 * <p>NOTE(review): parameter values are forwarded unfiltered; if
 * {@code sendDingMessage} posts to an external chat, submitted credentials or personal
 * data would leave the system with it — confirm and filter as needed.
 *
 * @author: airufei
 * @date:2018/1/3 18:08
 * @param request the request that was being handled
 * @param throwable the error that occurred
 */
private void dingTalkMessage(HttpServletRequest request, Throwable throwable) {
    Enumeration<String> names = request.getParameterNames();
    String requestUrl = request.getRequestURI();

    StringBuilder params = new StringBuilder();
    while (names.hasMoreElements()) {
        String name = names.nextElement();
        params.append(" ").append(name).append(":").append(request.getParameter(name));
    }

    String stackMessage = StringUtil.getExceptionMsg(throwable);
    // Computed but not passed on; kept so the helper call still happens.
    String url = StringUtil.getSystemUrl(request) + requestUrl;
    logger.error(stackMessage);
    sysCommonService.sendDingMessage(requestUrl, params.toString(), null, stackMessage, this.getClass());
}
/**
 * OWASP Benchmark test case "BenchmarkTest01444": request data reaches the environment
 * of a spawned OS process.
 *
 * <p>The source is the NAME of the first request parameter that has a value equal to
 * {@code "BenchmarkTest01444"}. It is passed through {@code Test.doSomething} (not
 * visible here) and the result becomes the only environment entry handed to
 * {@code Runtime.exec}. Whether the value is still request-controlled at the sink
 * depends on {@code doSomething}.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String param = "";
boolean flag = true;
// Scan all parameters; stop at the first value that equals the marker string.
java.util.Enumeration<String> names = request.getParameterNames();
while (names.hasMoreElements() && flag) {
String name = (String) names.nextElement();
String[] values = request.getParameterValues(name);
if (values != null) {
for(int i=0;i<values.length && flag; i++){
String value = values[i];
if (value.equals("BenchmarkTest01444")) {
// The tainted datum is the parameter name, not its value.
param = name;
flag = false;
}
}
}
}
String bar = new Test().doSomething(request, param);
// The command itself comes from a benchmark helper, not from the request.
String cmd = org.owasp.benchmark.helpers.Utils.getInsecureOSCommandString(this.getClass().getClassLoader());
// bar is used verbatim as the process environment (second argument of exec).
String[] argsEnv = { bar };
Runtime r = Runtime.getRuntime();
try {
Process p = r.exec(cmd, argsEnv);
org.owasp.benchmark.helpers.Utils.printOSCommandResults(p, response);
} catch (IOException e) {
System.out.println("Problem executing cmdi - TestCase");
// The exception message is HTML-encoded before it is written to the response.
response.getWriter().println(
org.owasp.esapi.ESAPI.encoder().encodeForHTML(e.getMessage())
);
return;
}
}
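/**
 * Publishes the submitted text to the Pub/Sub topic and redirects to the home page.
 *
 * <p>The {@code data} parameter becomes the message payload; {@code sourceLang} and
 * {@code targetLang} become message attributes. A request that lacks any of the three
 * is answered with 400 instead of failing with a NullPointerException while the message
 * is built.
 *
 * <p>NOTE(review): every parameter, including the submitted text, is logged at WARNING
 * level with its raw value — consider a lower level and neutralising line breaks in the
 * logged values.
 *
 * @throws ServletException if publishing fails or the wait for it is interrupted
 * @throws IOException if the response cannot be written
 */
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, IOException {
    String text = req.getParameter("data");
    String sourceLang = req.getParameter("sourceLang");
    String targetLang = req.getParameter("targetLang");

    Enumeration<String> paramNames = req.getParameterNames();
    while (paramNames.hasMoreElements()) {
        String paramName = paramNames.nextElement();
        logger.warning("Param name: " + paramName + " = " + req.getParameter(paramName));
    }

    if (text == null || sourceLang == null || targetLang == null) {
        resp.sendError(HttpServletResponse.SC_BAD_REQUEST,
                "Missing required parameter: data, sourceLang or targetLang");
        return;
    }

    Publisher publisher = (Publisher) getServletContext().getAttribute("publisher");
    PubsubMessage pubsubMessage =
            PubsubMessage.newBuilder()
                    .setData(ByteString.copyFromUtf8(text))
                    .putAttributes("sourceLang", sourceLang)
                    .putAttributes("targetLang", targetLang)
                    .build();

    try {
        // Block until the publish has completed (or failed).
        publisher.publish(pubsubMessage).get();
    } catch (InterruptedException e) {
        // Restore the interrupt flag so the container thread still sees the interruption.
        Thread.currentThread().interrupt();
        throw new ServletException("Exception publishing message to topic.", e);
    } catch (ExecutionException e) {
        throw new ServletException("Exception publishing message to topic.", e);
    }

    resp.sendRedirect("/");
}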
/**
 * OWASP Benchmark test case "BenchmarkTest01463": request data reaches the text of a
 * JDBC callable statement.
 *
 * <p>The source is the NAME of the first request parameter that has a value equal to
 * {@code "BenchmarkTest01463"}. It is passed through {@code Test.doSomething} (not
 * visible here) and the result is concatenated into the {@code {call ...}} string given
 * to {@code prepareCall}. Whether the value is still request-controlled at the sink
 * depends on {@code doSomething}.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String param = "";
boolean flag = true;
// Scan all parameters; stop at the first value that equals the marker string.
java.util.Enumeration<String> names = request.getParameterNames();
while (names.hasMoreElements() && flag) {
String name = (String) names.nextElement();
String[] values = request.getParameterValues(name);
if (values != null) {
for(int i=0;i<values.length && flag; i++){
String value = values[i];
if (value.equals("BenchmarkTest01463")) {
// The tainted datum is the parameter name, not its value.
param = name;
flag = false;
}
}
}
}
String bar = new Test().doSomething(request, param);
// The statement text is built by concatenation; no bind parameter is used for bar.
String sql = "{call " + bar + "}";
try {
java.sql.Connection connection = org.owasp.benchmark.helpers.DatabaseHelper.getSqlConnection();
java.sql.CallableStatement statement = connection.prepareCall( sql, java.sql.ResultSet.TYPE_FORWARD_ONLY,
java.sql.ResultSet.CONCUR_READ_ONLY, java.sql.ResultSet.CLOSE_CURSORS_AT_COMMIT );
java.sql.ResultSet rs = statement.executeQuery();
// NOTE(review): statement and result set are not closed in this method; presumably the
// helper or the shared connection handles that — verify.
org.owasp.benchmark.helpers.DatabaseHelper.printResults(rs, sql, response);
} catch (java.sql.SQLException e) {
// With hideSQLErrors set, the client gets a generic message instead of the SQL error.
if (org.owasp.benchmark.helpers.DatabaseHelper.hideSQLErrors) {
response.getWriter().println(
"Error processing request."
);
return;
}
else throw new ServletException(e);
}
}
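/**
 * Captures the incoming request as an {@code HttpTestData} record.
 *
 * <p>The record starts with status code 200, the remote address and the request URL.
 * All parameters and headers are copied with all of their values, and the body is read
 * from the request reader. The {@code code} and {@code delay} parameters additionally
 * set the record's code and delay; a non-numeric value makes {@code Integer.parseInt}
 * throw {@code NumberFormatException}. If the delay is positive the method sleeps for
 * that many milliseconds before returning.
 *
 * <p>NOTE(review): the delay is taken from the request without an upper bound, so each
 * such request holds a container thread for as long as the caller asks. That looks
 * intended for a test endpoint; confirm it is never reachable by untrusted clients.
 *
 * @param req the incoming request
 * @param resp the response (not used here)
 * @return the captured request data
 * @throws IOException if the request body cannot be read
 */
private HttpTestData parseTestData(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    HttpTestData data = new HttpTestData();
    data.setCode(200);
    data.setOrigin(req.getRemoteAddr());
    data.setUrl(req.getRequestURL().toString());

    Enumeration<String> parameterNames = req.getParameterNames();
    while (parameterNames.hasMoreElements()) {
        String paramName = parameterNames.nextElement();
        String[] paramValues = req.getParameterValues(paramName);
        switch (paramName) {
            case "code": {
                data.setCode(Integer.parseInt(paramValues[0]));
                break;
            }
            case "delay": {
                data.setDelay(Integer.parseInt(paramValues[0]));
                break;
            }
        }
        data.getArgs().put(paramName, paramValues);
    }

    Enumeration<String> headerNames = req.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        String headerName = headerNames.nextElement();
        Enumeration<String> headerValues = req.getHeaders(headerName);
        List<String> headerList = new ArrayList<>();
        while (headerValues.hasMoreElements()) {
            headerList.add(headerValues.nextElement());
        }
        data.getHeaders().put(headerName, headerList.toArray(new String[0]));
    }

    data.setBody(IOUtils.toString(req.getReader()));

    if (data.getDelay() > 0) {
        try {
            Thread.sleep(data.getDelay());
        } catch (InterruptedException e) {
            // Stop waiting, but keep the interrupt visible to the container thread
            // instead of silently discarding it.
            Thread.currentThread().interrupt();
        }
    }
    return data;
}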
/**
 * Copies every parameter of the request, with all of its values, into {@code iParams}.
 *
 * @param request the request whose parameters are captured
 */
HttpParams(HttpServletRequest request) {
    Enumeration names = request.getParameterNames();
    while (names.hasMoreElements()) {
        String paramName = (String) names.nextElement();
        iParams.put(paramName, request.getParameterValues(paramName));
    }
}
/**
 * OWASP Benchmark test case "BenchmarkTest02345": a remember-me cookie whose value comes
 * from {@code java.security.SecureRandom}.
 *
 * <p>The request parameter scan and {@code doSomething} produce {@code bar}, which is
 * not used again in this method. The method then draws 40 random bytes, Base64-encodes
 * them and either recognises a returning user (the cookie value matches the value kept
 * in the session) or issues a new cookie and stores its value in the session.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String param = "";
boolean flag = true;
// Scan all parameters; stop at the first value that equals the marker string.
java.util.Enumeration<String> names = request.getParameterNames();
while (names.hasMoreElements() && flag) {
String name = (String) names.nextElement();
String[] values = request.getParameterValues(name);
if (values != null) {
for(int i=0;i<values.length && flag; i++){
String value = values[i];
if (value.equals("BenchmarkTest02345")) {
// The selected datum is the parameter name, not its value.
param = name;
flag = false;
}
}
}
}
// bar is computed here but never read below.
String bar = doSomething(request, param);
try {
// The generator is a SecureRandom; the algorithm is pinned to "SHA1PRNG" by name.
java.util.Random numGen = java.security.SecureRandom.getInstance("SHA1PRNG");
// Get 40 random bytes
byte[] randomBytes = new byte[40];
// getNextNumber is not visible here; presumably it fills randomBytes from numGen — verify.
getNextNumber(numGen, randomBytes);
String rememberMeKey = org.owasp.esapi.ESAPI.encoder().encodeForBase64(randomBytes, true);
String user = "SafeBystander";
String fullClassName = this.getClass().getName();
// Everything after "BenchmarkTest" in the simple class name, i.e. the test case number.
String testCaseNumber = fullClassName.substring(fullClassName.lastIndexOf('.')+1+"BenchmarkTest".length());
user+= testCaseNumber;
String cookieName = "rememberMe" + testCaseNumber;
boolean foundUser = false;
javax.servlet.http.Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (int i = 0; !foundUser && i < cookies.length; i++) {
javax.servlet.http.Cookie cookie = cookies[i];
if (cookieName.equals(cookie.getName())) {
// The user counts as remembered only if the cookie value equals the one in the session.
if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
foundUser = true;
}
}
}
}
if (foundUser) {
response.getWriter().println(
"Welcome back: " + user + "<br/>"
);
} else {
javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
// Secure is set; HttpOnly is not set anywhere in this method.
rememberMe.setSecure(true);
// rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
rememberMe.setPath(request.getRequestURI()); // i.e., set path to JUST this servlet
// e.g., /benchmark/sql-01/BenchmarkTest01001
request.getSession().setAttribute(cookieName, rememberMeKey);
response.addCookie(rememberMe);
// The cookie value is also written into the response body.
response.getWriter().println(
user + " has been remembered with cookie: " + rememberMe.getName()
+ " whose value is: " + rememberMe.getValue() + "<br/>"
);
}
} catch (java.security.NoSuchAlgorithmException e) {
System.out.println("Problem executing SecureRandom.nextBytes() - TestCase");
throw new ServletException(e);
} finally {
// Written on every path, including when the exception above is rethrown.
response.getWriter().println(
"Randomness Test java.security.SecureRandom.nextBytes(byte[]) executed"
);
}
}
/**
 * Formats this message as the plain-text body of a traceback email.
 *
 * <p>With a request available, the text contains the method and URI, the date, every
 * request header with its value, {@code request.toString()}, and for POST requests every
 * form parameter. Without one, a short "No request information" section is written.
 * The user (or a "not logged in" message) and the stack trace of {@code throwable}
 * follow in both cases.
 *
 * <p>NOTE(review): only the parameter named exactly {@code password} is replaced by
 * {@code HASHES}; other secret-bearing fields (confirmation fields, tokens) are printed
 * as submitted. All headers are printed too, which includes any {@code Cookie} or
 * {@code Authorization} header the request carries — consider masking those before the
 * text is mailed.
 *
 * TODO mmccune - fill out the email properly with the entire
 * request values
 * @return Text of email.
 */
public String toText() {
StringWriter sw = new StringWriter();
PrintWriter out = new PrintWriter(sw);
LocalizationService ls = LocalizationService.getInstance();
HttpServletRequest request = getRequest();
User user = getUser();
if (request != null) {
// Header section: request line and date.
out.println(ls.getMessage("traceback message header"));
out.print(request.getMethod());
out.println(" " + request.getRequestURI());
out.println();
out.print(ls.getMessage("date", getUserLocale()));
out.print(":");
out.println(ls.getBasicDate());
out.print(ls.getMessage("headers", getUserLocale()));
out.println(":");
// Every request header is written with its value, unfiltered.
Enumeration e = request.getHeaderNames();
while (e.hasMoreElements()) {
String headerName = (String) e.nextElement();
out.print(" ");
out.print(headerName);
out.print(": ");
out.println(request.getHeader(headerName));
}
out.println();
out.print(ls.getMessage("request", getUserLocale()));
out.println(":");
out.println(request.toString());
// Form variables are listed for POST requests only.
if (request.getMethod() != null &&
request.getMethod().equals("POST")) {
out.print(ls.getMessage("form variables", getUserLocale()));
out.println(":");
Enumeration ne = request.getParameterNames();
while (ne.hasMoreElements()) {
String paramName = (String) ne.nextElement();
out.print(" ");
out.print(paramName);
out.print(": ");
// Exact, case-sensitive match on "password"; every other value is printed as-is.
if (paramName.equals("password")) {
out.println(HASHES);
}
else {
out.println(request.getParameter(paramName));
}
}
out.println();
}
}
else {
// No request available: date and a placeholder only.
out.print(ls.getMessage("date", getUserLocale()));
out.print(":");
out.println(ls.getBasicDate());
out.println();
out.print(ls.getMessage("request", getUserLocale()));
out.println(":");
out.println("No request information");
out.println();
}
out.println();
out.print(ls.getMessage("user info"));
out.println(":");
if (user != null) {
out.println(user.toString());
}
else {
out.println(ls.getMessage("no user loggedin", getUserLocale()));
}
out.println();
out.print(ls.getMessage("exception", getUserLocale()));
out.println(":");
if (throwable != null) {
throwable.printStackTrace(out);
}
else {
out.println("no throwable");
}
// Closing the PrintWriter flushes it into the StringWriter before the text is read.
out.close();
return sw.toString();
}
/**
 * Builds the template context for the user administration view and applies the
 * requested edit action.
 *
 * <p>The {@code editaction} parameter (default {@code userlist}) selects the action:
 * {@code userlist}, {@code viewuser}, {@code edituser}, {@code edituserlist},
 * {@code deleteuser} or {@code newuser}; any other value makes the method return
 * {@code null}. The {@code user} parameter names the account acted on. The resulting
 * context holds {@code editView}, {@code error} and either {@code allUsers} or
 * {@code user}.
 *
 * <p>NOTE(review): no permission check on the {@code user} argument and no check of
 * {@code method} is visible in this method, and the edit, delete and create actions
 * change the user store, including roles. Presumably the caller enforces authorisation
 * and request-forgery protection — verify.
 *
 * @return the template parameters, or {@code null} for an unknown edit action
 */
@Override
protected HashMap<String, Object> getTemplateContext(Template template, HttpServletRequest req, HttpMethod method, String action, User user) throws ActionException {
String editAction=req.getParameter("editaction");
if(editAction==null || editAction.length()==0) editAction="userlist";
HashMap<String,Object> params=super.getTemplateContext(template, req, method, action, user);
// Normalise the target user name: trimmed, and null when empty.
String userName=req.getParameter("user");
if(userName!=null) userName=userName.trim();
if(userName!=null && userName.length()==0) userName=null;
User userObject=null;
String view="userlist";
String error=null;
try{
if(editAction.equals("userlist")){
// no side effects, do nothing
}
else if(editAction.equals("viewuser")){
view="user";
// just check that the user is valid
if(userName!=null) userObject=userStore.getUser(userName);
}
else if(editAction.equals("edituser") || editAction.equals("edituserlist")){
view="user";
if(editAction.equals("edituserlist")) view="userlist";
if(userName!=null) {
userObject=userStore.getUser(userName);
if(userObject!=null){
// Every request parameter is inspected; only setoption, removeoption, addrole and
// removerole have an effect, once per supplied value.
Enumeration<String> paramNames=req.getParameterNames();
while(paramNames.hasMoreElements()){
String key=paramNames.nextElement();
String[] values=req.getParameterValues(key);
for(String value : values){
value=value.trim();
if(key.equals("setoption")){
// "key=value" sets the option; a value without "=" sets it to the empty string.
int ind=value.indexOf("=");
if(ind<0) userObject.setOption(value, "");
else {
String k=value.substring(0,ind);
String v=value.substring(ind+1);
userObject.setOption(k,v);
}
}
else if(key.equals("removeoption")){
userObject.removeOption(value);
}
else if(key.equals("addrole")){
// Role names come straight from the request.
userObject.addRole(value);
}
else if(key.equals("removerole")){
userObject.removeRole(value);
}
}
}
if(!userObject.saveUser()) error="NOEDIT";
}
}
}
else if(editAction.equals("deleteuser")){
if(userName!=null) {
if(!userStore.deleteUser(userName)) error="NODELETE";
}
}
else if(editAction.equals("newuser")){
view="user";
if(userName!=null) {
userObject=userStore.newUser(userName);
if(userObject==null) error="NONEW";
}
}
else return null;
// A single-user view without a user falls back to the list with an error code.
if(view.equals("user") && userObject==null) {
if(error==null) error="INVALIDUSER";
view="userlist";
}
if(view.equals("userlist")){
params.put("allUsers",userStore.getAllUsers());
}
else {
params.put("user",userObject);
}
}catch(UserStoreException use){
// Store failures are reported through the error code; the exception itself is dropped.
if(error==null) error="USERSTORE";
}
params.put("editView",view);
params.put("error",error);
return params;
}
/**
 * OWASP Benchmark test case "BenchmarkTest00580": a remember-me cookie whose value is
 * derived from {@code SecureRandom.nextDouble()}.
 *
 * <p>The request parameter scan produces {@code bar} (a Base64 encode/decode round trip
 * of the selected parameter name), which is not used again in this method. The method
 * then builds the cookie value from the decimal digits of one random double and either
 * recognises a returning user (the cookie value matches the value kept in the session)
 * or issues a new cookie and stores its value in the session.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String param = "";
boolean flag = true;
// Scan all parameters; stop at the first value that equals the marker string.
java.util.Enumeration<String> names = request.getParameterNames();
while (names.hasMoreElements() && flag) {
String name = (String) names.nextElement();
String[] values = request.getParameterValues(name);
if (values != null) {
for(int i=0;i<values.length && flag; i++){
String value = values[i];
if (value.equals("BenchmarkTest00580")) {
// The selected datum is the parameter name, not its value.
param = name;
flag = false;
}
}
}
}
String bar = "";
if (param != null) {
// Encode then decode: the content is unchanged. getBytes() and new String() use the
// platform default charset here.
bar = new String( org.apache.commons.codec.binary.Base64.decodeBase64(
org.apache.commons.codec.binary.Base64.encodeBase64( param.getBytes() ) ));
}
try {
// The generator is a SecureRandom; the algorithm is pinned to "SHA1PRNG" by name.
double rand = java.security.SecureRandom.getInstance("SHA1PRNG").nextDouble();
// The key is the decimal text of a single double, so it holds far less entropy than a
// byte array drawn from the same generator would.
String rememberMeKey = Double.toString(rand).substring(2); // Trim off the 0. at the front.
String user = "SafeDonna";
String fullClassName = this.getClass().getName();
// Everything after "BenchmarkTest" in the simple class name, i.e. the test case number.
String testCaseNumber = fullClassName.substring(fullClassName.lastIndexOf('.')+1+"BenchmarkTest".length());
user+= testCaseNumber;
String cookieName = "rememberMe" + testCaseNumber;
boolean foundUser = false;
javax.servlet.http.Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (int i = 0; !foundUser && i < cookies.length; i++) {
javax.servlet.http.Cookie cookie = cookies[i];
if (cookieName.equals(cookie.getName())) {
// The user counts as remembered only if the cookie value equals the one in the session.
if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
foundUser = true;
}
}
}
}
if (foundUser) {
response.getWriter().println(
"Welcome back: " + user + "<br/>"
);
} else {
javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
// Secure is set; HttpOnly is not set anywhere in this method.
rememberMe.setSecure(true);
// rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
rememberMe.setPath(request.getRequestURI()); // i.e., set path to JUST this servlet
// e.g., /benchmark/sql-01/BenchmarkTest01001
request.getSession().setAttribute(cookieName, rememberMeKey);
response.addCookie(rememberMe);
// The cookie value is also written into the response body.
response.getWriter().println(
user + " has been remembered with cookie: " + rememberMe.getName()
+ " whose value is: " + rememberMe.getValue() + "<br/>"
);
}
} catch (java.security.NoSuchAlgorithmException e) {
System.out.println("Problem executing SecureRandom.nextDouble() - TestCase");
throw new ServletException(e);
}
// The message says "Weak Randomness" although the source above is SecureRandom.
response.getWriter().println(
"Weak Randomness Test java.security.SecureRandom.nextDouble() executed"
);
}
/**
 * OWASP Benchmark test case "BenchmarkTest00574": request data reaches the environment
 * of a spawned OS process.
 *
 * <p>The source is the NAME of the first request parameter that has a value equal to
 * {@code "BenchmarkTest00574"}. A constant-condition ternary assigns it to {@code bar}
 * unchanged, and {@code bar} becomes the only environment entry handed to
 * {@code Runtime.exec}.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String param = "";
boolean flag = true;
// Scan all parameters; stop at the first value that equals the marker string.
java.util.Enumeration<String> names = request.getParameterNames();
while (names.hasMoreElements() && flag) {
String name = (String) names.nextElement();
String[] values = request.getParameterValues(name);
if (values != null) {
for(int i=0;i<values.length && flag; i++){
String value = values[i];
if (value.equals("BenchmarkTest00574")) {
// The tainted datum is the parameter name, not its value.
param = name;
flag = false;
}
}
}
}
String bar;
// Simple ? condition that assigns param to bar on false condition
int num = 106;
// (7*42) - 106 = 188, which is not > 200, so bar always receives param.
bar = (7*42) - num > 200 ? "This should never happen" : param;
// The command itself comes from a benchmark helper, not from the request.
String cmd = org.owasp.benchmark.helpers.Utils.getInsecureOSCommandString(this.getClass().getClassLoader());
// bar is used verbatim as the process environment (second argument of exec).
String[] argsEnv = { bar };
Runtime r = Runtime.getRuntime();
try {
Process p = r.exec(cmd, argsEnv);
org.owasp.benchmark.helpers.Utils.printOSCommandResults(p, response);
} catch (IOException e) {
System.out.println("Problem executing cmdi - TestCase");
// The exception message is HTML-encoded before it is written to the response.
response.getWriter().println(
org.owasp.esapi.ESAPI.encoder().encodeForHTML(e.getMessage())
);
return;
}
}
/**
 * OWASP Benchmark test case "BenchmarkTest00595": request data is concatenated into the
 * text of a prepared statement.
 *
 * <p>The source is the NAME of the first request parameter that has a value equal to
 * {@code "BenchmarkTest00595"}. A constant-condition ternary assigns it to {@code bar}
 * unchanged, and {@code bar} is concatenated into the PASSWORD literal of the query.
 * Only USERNAME is a bind parameter, so using {@code PreparedStatement} does not protect
 * the concatenated part.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
String param = "";
boolean flag = true;
// Scan all parameters; stop at the first value that equals the marker string.
java.util.Enumeration<String> names = request.getParameterNames();
while (names.hasMoreElements() && flag) {
String name = (String) names.nextElement();
String[] values = request.getParameterValues(name);
if (values != null) {
for(int i=0;i<values.length && flag; i++){
String value = values[i];
if (value.equals("BenchmarkTest00595")) {
// The tainted datum is the parameter name, not its value.
param = name;
flag = false;
}
}
}
}
String bar;
// Simple ? condition that assigns param to bar on false condition
int num = 106;
// (7*42) - 106 = 188, which is not > 200, so bar always receives param.
bar = (7*42) - num > 200 ? "This should never happen" : param;
// USERNAME uses a placeholder; PASSWORD is built by string concatenation with bar.
String sql = "SELECT * from USERS where USERNAME=? and PASSWORD='"+ bar +"'";
try {
java.sql.Connection connection = org.owasp.benchmark.helpers.DatabaseHelper.getSqlConnection();
java.sql.PreparedStatement statement = connection.prepareStatement( sql, new String[] {"Column1","Column2"} );
statement.setString(1, "foo");
statement.execute();
org.owasp.benchmark.helpers.DatabaseHelper.printResults(statement, sql, response);
} catch (java.sql.SQLException e) {
// With hideSQLErrors set, the client gets a generic message instead of the SQL error.
if (org.owasp.benchmark.helpers.DatabaseHelper.hideSQLErrors) {
response.getWriter().println(
"Error processing request."
);
return;
}
else throw new ServletException(e);
}
}