摘 要:在实际教学中,MySQL 数据库被经常应用于中小型网站或者系统开发。以一个基于B/S 架构的教务管理系统为例,对数据库的访问方式进行了研究。其中PHP 连接数据库无须使用连接池,连接速度较快;Java 在连接和关闭数据库时,JDBC 连接较慢,若采用一些持久层框架,那么访问数据库效率增加。为减少SQL 注入攻击,可在数据库设计时考虑存储程序设计思想等。
关键词:MySQL;PHP;Java;安全问题
中图分类号:TP311.13;TP309 文献标识码:A 文章编号:2096-4706(2020)21-0144-04
Discussion on MySQL Database Access and Security Issue Based on Teaching
ZHOU Xiaoli
(Sichuan Top IT Vocational Institute,Chengdu 611743,China)
Abstract:In practical teaching,MySQL database is often used in small and medium-sized websites or system development.Taking an educational administration management system based on B/S architecture as an example,the method of database access is studied. Among them,PHP does not need to use the connection pool to connect to the database,so the connection speed is faster;when Java connects and closes the database,JDBC connection is slower,if some persistence layer framework is adopted,the efficiency of accessing the database will be increased. In order to reduce SQL injection attacks,we can consider the idea of storage program design in database design.
Keywords:MySQL;PHP;Java;security issue
参考文献:
[1] 汪晓青.MySQL 数据库基础实例教程 [M]. 北京:人民邮电出版社,2020.
[2] 黑马程序员.PHP 网站开发实例教程:第2 版 [M]. 北京:人民邮电出版社,2020.
[3] 圣文顺,李晓明,刘进芬.Java Web 程序设计及项目实战:微课视频版 [J]. 北京:清华大学出版社,2020.
[4] 金涛,张启翔. 基于SQL 注入的Web 渗透技术取证方法的研究 [J]. 网络空间安全,2017,8(Z3):55-58.
作者简介:周小丽(1988.05—),女,汉族,川成都人,助理研究员,教师,本科,学士学位,研究方向:计算机技术。