inboxs
diff --git a/‎.idea/workspace.xml‎
Lines changed: 37 additions & 5 deletions b/‎.idea/workspace.xml‎
Lines changed: 37 additions & 5 deletions
diff --git a/‎README.md‎
Lines changed: 11 additions & 6 deletions b/‎README.md‎
Lines changed: 11 additions & 6 deletions
diff --git a/‎src/main/java/com/suyu/secexample/fastjson/controller/fastjsoncontroller.java‎
Lines changed: 23 additions & 16 deletions b/‎src/main/java/com/suyu/secexample/fastjson/controller/fastjsoncontroller.java‎
Lines changed: 23 additions & 16 deletions
diff --git a/‎src/main/java/com/suyu/secexample/messageecho/controller/messagecontroller.java‎
Lines changed: 2 additions & 2 deletions b/‎src/main/java/com/suyu/secexample/messageecho/controller/messagecontroller.java‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/main/resources/templates/fastjson/fastjson.html‎
Lines changed: 37 additions & 8 deletions b/‎src/main/resources/templates/fastjson/fastjson.html‎
Lines changed: 37 additions & 8 deletions
diff --git a/‎src/main/resources/templates/fastjson/fastjsonoutput.html‎
Lines changed: 0 additions & 3 deletions b/‎src/main/resources/templates/fastjson/fastjsonoutput.html‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎src/main/resources/templates/messageecho/messageecho.html‎
Lines changed: 2 additions & 6 deletions b/‎src/main/resources/templates/messageecho/messageecho.html‎
Lines changed: 2 additions & 6 deletions
diff --git a/‎target/classes/com/suyu/secexample/fastjson/controller/fastjsoncontroller.class‎
-583 Bytes b/‎target/classes/com/suyu/secexample/fastjson/controller/fastjsoncontroller.class‎
-583 Bytes
diff --git a/‎target/classes/com/suyu/secexample/messageecho/controller/messagecontroller.class‎
-13 Bytes b/‎target/classes/com/suyu/secexample/messageecho/controller/messagecontroller.class‎
-13 Bytes
diff --git a/‎target/classes/templates/fastjson/fastjson.html‎
Lines changed: 37 additions & 8 deletions b/‎target/classes/templates/fastjson/fastjson.html‎
Lines changed: 37 additions & 8 deletions
@@ -13,7 +13,7 @@
 
 ### Docker启动
 
-```git
+```
 git clone https://github.com/tangxiaofeng7/SecExample.git
 cd SecExample
 docker-compose up -d
@@ -26,20 +26,25 @@ docker-compose up -d
 ### 本地调试
 
 ##### 下载源码：
-```git
+```
 git clone https://github.com/tangxiaofeng7/SecExample.git
 ```
 ##### 使用idea导入
 
 ##### 编辑 src/main/resources/application.yml 的数据库配置
 ```
-#    url: jdbc:mysql://localhost:3306/mybatis?serverTimezone=UTC&useSSL=false
-    url: jdbc:mysql://mysql-db:3306/mybatis?serverTimezone=UTC&useSSL=false&allowPublicKeyRetrieval=true
+#url: jdbc:mysql://localhost:3306/mybatis?serverTimezone=UTC&useSSL=false
+url: jdbc:mysql://mysql-db:3306/mybatis?serverTimezone=UTC&useSSL=false&allowPublicKeyRetrieval=true
 ```
 修改为
 ```
-    url: jdbc:mysql://localhost:3306/mybatis?serverTimezone=UTC&useSSL=false
-#    url: jdbc:mysql://mysql-db:3306/mybatis?serverTimezone=UTC&useSSL=false&allowPublicKeyRetrieval=true
+url: jdbc:mysql://localhost:3306/mybatis?serverTimezone=UTC&useSSL=false
+#url: jdbc:mysql://mysql-db:3306/mybatis?serverTimezone=UTC&useSSL=false&allowPublicKeyRetrieval=true
+```
+并且修改mysql用户名密码
+```
+username: root
+password: 你的mysql密码
 ```
 ##### 本地启动mysql数据库
 启动数据库：
 
@@ -2,35 +2,42 @@
 
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
-import com.alibaba.fastjson.parser.Feature;
-import com.alibaba.fastjson.serializer.SerializerFeature;
 import com.suyu.secexample.fastjson.model.User;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.*;
 
+
 @Controller
 public class fastjsoncontroller {
 
     @GetMapping("/fastjson")
     public String input(){
-
-        User user = new User();
-        user.setAge("18");
-        user.setUsername("txf");
-        String ser1 = JSON.toJSONString(user);
-        System.out.println(ser1);
-        String ser2 = JSON.toJSONString(user, SerializerFeature.WriteClassName);
-        System.out.println(ser2);
+//
+//        User user = new User();
+//        user.setAge("18");
+//        user.setUsername("txf");
+//        String ser1 = JSON.toJSONString(user);
+//        System.out.println(ser1);
+//        String ser2 = JSON.toJSONString(user, SerializerFeature.WriteClassName);
+//        System.out.println(ser2);
         return "fastjson/fastjson";
     }
 
-    @PostMapping("/fastjsonoutput")
-    public String outputmessage(@RequestParam("data") String data, Model model){
-        JSONObject ser2 = JSON.parseObject(data, Feature.SupportNonPublicField);
-        JSONObject result = new JSONObject(ser2);
-        result.put("18",ser2.get("name"));
-        model.addAttribute("result",result);
+    User user = new User();
+
+    @RequestMapping ("fastjson")
+    public String fastjson1(@RequestBody String jsonData, Model model) {
+            JSONObject jsonObject = JSON.parseObject(jsonData);
+            user.setAge(jsonObject.get("age").toString());
+            user.setUsername(jsonObject.get("username").toString());
+            model.addAttribute("result",user);
+        return "fastjson/fastjsonoutput";
+        }
+
+    @RequestMapping ("fastjson2")
+    public String fastjson2( Model model) {
+        model.addAttribute("result",user);
         return "fastjson/fastjsonoutput";
     }
 }
@@ -28,10 +28,10 @@ public String getcode(Model model){
 
     @PostMapping("/messageecho/testcode")
     public String testcode(Integer code1,Model model){
-        String result ="登陆失败";
+        String result ="fail";
         if (code1 != null && code1 != 0 &&Code == code1){
             System.out.println(true);
-            result ="登陆成功";
+            result ="sueecss";
         }
         model.addAttribute("code1",result);
         return "messageecho/messageechooutput";
 
@@ -4,7 +4,10 @@
     <meta charset="UTF-8">
     <title>Java漏洞靶场</title>
     <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/semantic.min.css">
+    <script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script>
 </head>
+
+
 <body>
 
 <div style="padding: 40px;
@@ -15,17 +18,43 @@ <h1>Java漏洞演示平台</h1>
     <button class="ui inverted secondary basic button"><a style="color: white" th:href="home">回到首页</a></button>
 </div>
 
+<div style="text-align: center;margin: 0px auto;
+     margin-top: 50px;">
+<input id="username" type="text" placeholder="请输入用户名">
+<input id="age" type="text" placeholder="请输入年龄">
+<input id="start" type="submit" value="提交">
+<p></p>
+</div>
 
 
+<script>
+$("#start").click(function () {
+        var user= {
+        "username" : $("#username").val(),
+        "age" : $("#age").val()
+        };
+        $.ajax({
+            type : "POST",
+            async : true,
+            contentType: "application/json; charset=utf-8",
+            data : JSON.stringify(user),
+            dataType : 'json',
+            success : function(){
+　　　　　　      alert('成功');
+                window.location.href ="../fastjson2";
+            },
+            error : function(){
+　　　　　　      alert('确定');
+                window.location.href ="../fastjson2";
+            },
+        })
+    }
+);
+
+</script>
 
-<form th:action="@{/fastjsonoutput}" method="post" style="text-align: center;margin: 0px auto;
-     margin-top: 50px;"  border="10">
-    <input type="text" name="data" placeholder="请输入用户名查找">
-    <input type="submit" value="提交">
-    <p></p>
-    <p>提示：{"age":18,"username":"txf"}</p>
-</form>
 
 
 </body>
-</html>
+</html>
+
@@ -18,9 +18,6 @@ <h1>Java漏洞演示平台</h1>
 <div style="text-align: center;margin: 0px auto;
      margin-top: 50px;">结果为：<p th:text="${result.username}"></p>今年<p th:text="${result.age}"></p>岁
 
-
 </div>
-
-
 </body>
 </html>
@@ -15,16 +15,12 @@ <h1>Java漏洞演示平台</h1>
     <button class="ui inverted secondary basic button"><a style="color: white" th:href="home">回到首页</a></button>
 </div>
 
-
-
-
-<form style="text-align: center;margin: 0px auto;margin-top: 50px;"  border="10">
+<div style="text-align: center;margin: 0px auto;margin-top: 50px;"  border="10">
     <div class="ui input">
         <input type="text" name="tele" placeholder="手机号码">
         <a class="ui button" th:href="@{/messageecho/getcode}">获取验证码</a>
     </div>
-</form>
-
+</div>
 
 </body>
 </html>
@@ -4,7 +4,10 @@
     <meta charset="UTF-8">
     <title>Java漏洞靶场</title>
     <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/semantic.min.css">
+    <script src="https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.js"></script>
 </head>
+
+
 <body>
 
 <div style="padding: 40px;
@@ -15,17 +18,43 @@ <h1>Java漏洞演示平台</h1>
     <button class="ui inverted secondary basic button"><a style="color: white" th:href="home">回到首页</a></button>
 </div>
 
+<div style="text-align: center;margin: 0px auto;
+     margin-top: 50px;">
+<input id="username" type="text" placeholder="请输入用户名">
+<input id="age" type="text" placeholder="请输入年龄">
+<input id="start" type="submit" value="提交">
+<p></p>
+</div>
 
 
+<script>
+$("#start").click(function () {
+        var user= {
+        "username" : $("#username").val(),
+        "age" : $("#age").val()
+        };
+        $.ajax({
+            type : "POST",
+            async : true,
+            contentType: "application/json; charset=utf-8",
+            data : JSON.stringify(user),
+            dataType : 'json',
+            success : function(){
+　　　　　　      alert('成功');
+                window.location.href ="../fastjson2";
+            },
+            error : function(){
+　　　　　　      alert('确定');
+                window.location.href ="../fastjson2";
+            },
+        })
+    }
+);
+
+</script>
 
-<form th:action="@{/fastjsonoutput}" method="post" style="text-align: center;margin: 0px auto;
-     margin-top: 50px;"  border="10">
-    <input type="text" name="data" placeholder="请输入用户名查找">
-    <input type="submit" value="提交">
-    <p></p>
-    <p>提示：{"age":18,"username":"txf"}</p>
-</form>
 
 
 </body>
-</html>
+</html>
+