查询db_shop数据库中admin_info表中的数据
login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
Insert title here
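<%-- Debug output: writes the current session ID into the page body. A session
     ID is a bearer credential, so this line is for learning how sessions work
     and should be removed from any page that real users can reach. --%>
<%=session.getId() %>
<%
// Values used to pre-fill the login form; empty when no matching cookie exists.
String username = "";
String pwd = "";
// Read the "remember me" cookies written by check.jsp.
// getCookies() returns null (not an empty array) when the request carries no
// cookies, e.g. on a first visit, so guard before iterating.
Cookie[] cookies = request.getCookies();
if (cookies != null) {
    for (Cookie cookie : cookies) {
        if ("username".equals(cookie.getName())) {
            username = cookie.getValue();
        }
        // SECURITY: this cookie carries the user's password in clear text.
        // Anything that can read the browser's cookie store or an unencrypted
        // connection can recover it. A random, server-side-validated
        // remember-me token is the usual replacement.
        if ("password".equals(cookie.getName())) {
            pwd = cookie.getValue();
        }
    }
}
%>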
check.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%-- <%@page import="java.sql.DriverManager"%>
<%@page import="java.sql.Connection"%>
<%@page import="java.sql.Statement"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.PreparedStatement"%> --%>
<%@page import="java.sql.*" %>
<%@page import="com.weihai.dao.*" %>
Insert title here
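<%
// Decode request parameters as UTF-8; must run before the first getParameter().
request.setCharacterEncoding("utf-8");
String username = request.getParameter("username");
String password = request.getParameter("password");
UserDao userDao = new UserDao();
boolean authenticated = userDao.login(username, password);
if (authenticated) {
    // Give the authenticated user a fresh session ID so that an ID issued
    // before login (login.jsp prints it into the page) cannot be reused after
    // login (session fixation). Requires Servlet 3.1 or later.
    request.changeSessionId();

    Cookie cookie1 = new Cookie("username", username);
    // SECURITY: this stores the clear-text password in the browser for a week.
    // It is kept only because login.jsp reads it to pre-fill the form; replace
    // it with a random remember-me token that the server validates.
    Cookie cookie2 = new Cookie("password", password);
    // A cookie needs a lifetime (in seconds) to persist: 7 days here.
    cookie1.setMaxAge(7*24*60*60);
    cookie2.setMaxAge(7*24*60*60);
    // Both cookies are only read server-side, so hide them from page scripts.
    // When the site is served over HTTPS, setSecure(true) should be added too.
    cookie1.setHttpOnly(true);
    cookie2.setHttpOnly(true);
    response.addCookie(cookie1);
    response.addCookie(cookie2);

    // validate.jsp checks the "username" attribute to decide whether the
    // visitor is logged in.
    session.setAttribute("username", username);
    // NOTE(review): no page shown here reads the "password" attribute; keeping
    // the password in the session only widens its exposure. Confirm it is
    // unused and drop it.
    session.setAttribute("password", password);
    // Argument is in seconds: the session expires after one idle second.
    // Presumably chosen to demonstrate the expired-session redirect; confirm
    // before reusing this value.
    session.setMaxInactiveInterval(1);
    response.sendRedirect("success.jsp");
}
else {
    response.sendRedirect("error.jsp");
}
%>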
query.jsp
<%@page import="java.util.ArrayList"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@page import="java.sql.*" %>
<%@page import="com.weihai.bean.*,com.weihai.dao.*" %>
<%@page import="java.util.*" %>
Insert title here
<%
// Lists every row of admin_info through UserDao.queryAll().
// NOTE(review): no login check (such as the validate.jsp include used by
// success.jsp) is visible on this page, so as shown any visitor can request it.
UserDao userDao = new UserDao();
ArrayList users = userDao.queryAll();
// Iterate over the result list.
// NOTE(review): the loop header and body below were truncated when the page
// was extracted (the text between "i" and the closing quote is missing), so
// this scriptlet does not compile as shown. Each User returned by queryAll()
// also carries the pwd column; when restoring the loop, HTML-escape the
// values written to the page and leave the password out of the output.
for(int i=0;i ");
}
%>
在src下建一个com.weihai.bean包并建一个java文件
User.java
package com.weihai.bean;
import java.io.Serializable;
//表示数据的javabean
//成员变量私有
//提供公开的set和get方法
/**
 * JavaBean holding one account record: private fields, public accessors.
 *
 * <p>The class is {@link Serializable} and keeps the password as an ordinary
 * field, so a serialized instance contains the password value as well.
 */
public class User implements Serializable {

    private static final long serialVersionUID = 1L;

    // Fields follow the columns of the backing table.
    private int id;
    private String username;
    private String password;

    // ---- setters ----

    /** Stores the record identifier. */
    public void setId(int id) {
        this.id = id;
    }

    /** Stores the account name. */
    public void setUsername(String username) {
        this.username = username;
    }

    /** Stores the password value exactly as supplied. */
    public void setPassword(String password) {
        this.password = password;
    }

    // ---- getters ----

    /** @return the record identifier (0 until set) */
    public int getId() {
        return this.id;
    }

    /** @return the account name, or {@code null} if never set */
    public String getUsername() {
        return this.username;
    }

    /** @return the password value, or {@code null} if never set */
    public String getPassword() {
        return this.password;
    }
}
在src下建一个com.weihai.dao包并建一个java文件
UserDao.java
package com.weihai.dao;
import java.awt.desktop.UserSessionEvent;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import com.mysql.jdbc.Connection;
import com.weihai.bean.User;
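/**
 * Data-access object for the {@code admin_info} table of the {@code db_shop}
 * database.
 *
 * <p>Every call opens its own JDBC connection and closes it before returning.
 * Instances are not safe to share between threads because {@link #login}
 * writes the public {@code conn} and {@code pt} fields.
 */
public class UserDao {
    // SECURITY: the DAO connects as the MySQL root account with a password
    // hard-coded in source. A dedicated account limited to the statements this
    // class runs, with credentials loaded from configuration kept outside the
    // code base, limits the damage if the application is compromised.
    private static final String DRIVER_CLASS = "com.mysql.jdbc.Driver";
    private static final String JDBC_URL =
            "jdbc:mysql://localhost:3306/db_shop?serverTimezone=UTC";
    private static final String DB_USER = "root";
    private static final String DB_PASSWORD = "root";

    // Kept public for source compatibility with existing callers. After
    // login() returns they refer to objects that are already closed.
    public Connection conn = null;
    public PreparedStatement pt = null;

    /**
     * Checks whether a row of {@code admin_info} matches the given credentials.
     *
     * <p>The values are bound through a {@link PreparedStatement} with {@code ?}
     * placeholders, so they are never spliced into the SQL text; this prevents
     * SQL injection and also keeps the statement readable and reusable.
     *
     * <p>SECURITY: the submitted password is compared directly with the
     * {@code pwd} column, which implies the table stores passwords in the form
     * users type them. Storing a salted password hash (bcrypt, scrypt or
     * Argon2) and verifying it in application code is the usual hardening.
     *
     * @param username account name to look up
     * @param password password to compare with the stored value
     * @return {@code true} if a matching row exists; {@code false} if none
     *         matches, if an argument is {@code null}, or if the database
     *         cannot be reached (the method fails closed)
     */
    public boolean login(String username, String password) {
        // A null credential can never match a row; skip the round trip.
        if (username == null || password == null) {
            return false;
        }
        String sql = "select * from admin_info where name=?and pwd=?";
        // try-with-resources closes the statement and the connection on every
        // path, including when a driver call throws.
        try (java.sql.Connection c = openConnection();
             PreparedStatement ps = c.prepareStatement(sql)) {
            conn = (Connection) c;
            pt = ps;
            // Bind the parameters before executing the statement.
            ps.setString(1, username);
            ps.setString(2, password);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next();
            }
        } catch (SQLException e) {
            // Previously a failed connection left conn null and the next call
            // threw NullPointerException; now any database error denies login.
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Reads every row of {@code admin_info} into a list of {@link User} beans.
     *
     * <p>SECURITY: each bean includes the {@code pwd} column. Callers that
     * render the list should leave the password out and HTML-escape the rest.
     *
     * @return the rows read so far; empty when the table is empty or the
     *         database cannot be reached
     */
    public ArrayList<User> queryAll() {
        ArrayList<User> users = new ArrayList<>();
        try (java.sql.Connection c = openConnection();
             Statement st = c.createStatement();
             ResultSet rs = st.executeQuery("select * from admin_info")) {
            // Copy each row of the result set into a bean.
            while (rs.next()) {
                User user = new User();
                user.setId(rs.getInt("id"));
                user.setUsername(rs.getString("name"));
                user.setPassword(rs.getString("pwd"));
                users.add(user);
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return users;
    }

    /**
     * Loads the JDBC driver and opens a new connection to {@code db_shop}.
     *
     * <p>Declared as {@code java.sql.Connection} (fully qualified because this
     * file imports the vendor {@code Connection} type) so that callers needing
     * only the standard API do not depend on a vendor cast.
     */
    private static java.sql.Connection openConnection() throws SQLException {
        try {
            Class.forName(DRIVER_CLASS);
        } catch (ClassNotFoundException e) {
            // Report and continue: if the driver really is missing,
            // getConnection() below fails with an SQLException for the caller.
            e.printStackTrace();
        }
        return DriverManager.getConnection(JDBC_URL, DB_USER, DB_PASSWORD);
    }
}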
success.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
成功页面
<%@ include file="validate.jsp"%>
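<%
//String name = request.getParameter("userName");
//String name = (String)session.getAttribute("username");
// `name` is declared by the statically included validate.jsp and holds the
// session's "username" attribute. Escape it before writing it into HTML so
// that markup characters in an account name are shown as text, and print
// nothing rather than the string "null" when the attribute is missing.
String safeName = (name == null) ? "" : name
        .replace("&", "&amp;")
        .replace("<", "&lt;")
        .replace(">", "&gt;")
        .replace("\"", "&quot;")
        .replace("'", "&#39;");
%>
用户:<%= safeName %>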
登录成功
error.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
错误页面
登录失败
重新登录
validate.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
Insert title here
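<%
// Login guard for pages that statically include this file: a visitor counts as
// logged in only while the session holds a non-empty "username" attribute.
String name = (String)session.getAttribute("username");
if (name == null || name.isEmpty()) {
    response.sendRedirect("error_session.jsp");
    // sendRedirect() only prepares the redirect response; it does not stop the
    // page. Without this return, the including page would keep executing its
    // protected content for a visitor who is not logged in.
    return;
}
%>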