String getname()表示什么?

时间:2015-05-27 08:31:51

标签: java xml xpath

public class AttackName {

    /**
     * @param args the command line arguments
     */
    DatacenterBroker broker;
    String fname, lname1, card;

    public DatacenterBroker attack(String path, String fname, String lname) {
        try {


            String filepath = path;
            DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
            DocumentBuilder db = dbf.newDocumentBuilder();
            Document doc = db.parse(filepath);
            doc.getDocumentElement().normalize();
            System.out.println("attacker doing attack");
            System.out.println("xpath query #1");


            XPathFactory xpf = XPathFactory.newInstance();
            XPath xpath = xpf.newXPath();
            XPathExpression expr = xpath.compile("//employee[firstname/text()='"+fname+"']/credit_card/text()");

            Object res = expr.evaluate(doc, XPathConstants.NODESET);

            NodeList nodes = (NodeList) res;
            for (int i = 0; i < nodes.getLength(); i++) {
                card = nodes.item(i).getNodeValue();

            }

            XPathFactory xpf1 = XPathFactory.newInstance();
            XPath xpath1 = xpf1.newXPath();
            XPathExpression expr1 = xpath1.compile("//employee[firstname/text()='"+fname+"']/lastname/text()");

            Object res1 = expr1.evaluate(doc, XPathConstants.NODESET);

            NodeList nodes1 = (NodeList) res1;
            for (int i = 0; i < nodes1.getLength(); i++) {
                lname1 = nodes1.item(i).getNodeValue();

            }

            System.out.println("attacker doing attack");
            System.out.println("xpath query #2");
            xpf = XPathFactory.newInstance();
            xpath = xpf.newXPath();
            expr = xpath.compile("//employee[firstname/text()='efg' ]/credit_card/text()");

            res = expr.evaluate(doc, XPathConstants.NODESET);

            nodes = (NodeList) res;
            for (int i = 0; i < nodes.getLength(); i++) {
                System.out.println(nodes.item(i).getNodeValue());
            }

            System.out.println("attacker doing attack");

            System.out.println("xpath query #3");
            xpf = XPathFactory.newInstance();
            xpath = xpf.newXPath();
            expr = xpath.compile("//employee[firstname/text()='"+fname+"' and lastname/text()='']/credit_card/text()");

            }

            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return broker;
    }

    public String getLname(){        
        return lname1;
    }

    public String getCard(){
        return card;
    }
}

我在做xpath注入攻击?我有我的代码。我想了解代码。剩下的很好。但我想知道String getLname()和String getcard()在代码中表示什么?

提前感谢。

3 个答案:

答案 0 :(得分:0)

在我看来,系统中的每个代理都可能具有与其用户链接的特定名称和卡。我不知道是什么卡片&#39;但是所有函数都返回一个字符串。我想这个名字和卡片必须设置在系统的其他地方,并且它们会在某些点用于攻击功能,以改变用户所发生的事情。攻击功能对我来说并没有多大意义,因为我看到三块几乎重复的代码,但不要介意我......

答案 1 :(得分:0)

String getLname()String getCard()返回成员变量。但是,在该代码段中,它们可能未初始化,即如果文件不包含有效数据,则返回null

答案 2 :(得分:0)

这两种方法:

public String getLname()
public String getCard()

允许其他类的类能够获得或阅读类的lnamecard

让我们更好地解释一下。首先检查此表:

访问级别

Modifier    Class   Package Subclass    World
public      Y       Y       Y           Y
protected   Y       Y       Y           N
no modifier Y       Y       N           N
private     Y       N       N           N

你没有修饰符:

String fname, lname1, card;

因此,此属性仅在您的班级中可见,而其他人则在同一个包中。

此方法称为getters,并且有兄弟setters。这是nice practice:您将类字段声明为私有:

private String myAttribute;

并且对您的属性进行受保护的访问和修改,您可以放置​​验证,检查和任何您想要的内容:

public String getMyAttribute() {
    // safe return (if null returns "")
    return this.myAttribute == null ? "" : this.myAttribute;
}

public void setMyAttribute(String myAttribute) {
    // validations
    if (myAttribute.startsWith("My") {
       this.myAttribute = myAttribute;
    } else {
       this.myAttribute = "My" + myAttribute;
    }
}