81,119
社区成员




String sql="select count(*) coun from UserT where UserName like '" + login_name + "' and password like '" + password + "'";
ResultSet rs=st.executeQuery(sql);
session.setAttribute("grade","");
session.setAttribute("BranchID","");
session.setAttribute("NodeID","");
session.setAttribute("UserPrivate","");
session.setAttribute("UserID","");
while(rs.next()){
int count = rs.getInt("coun");
if(count > 0){//表示存在该用户,且密码正确
String sql2 ="select UserID,grade,BranchID,NodeID from UserT where UserName like '" + login_name + "' and password like '" + password + "'";
ResultSet rs2=st.executeQuery(sql2);
rs2.next();
session.setAttribute("login_flag",1);
session.setAttribute("UserName",request.getParameter("login_name"));
//session.setAttribute("UserID",rs.getInt("UserID"));
session.setAttribute("grade",rs2.getInt("grade"));
//session.setAttribute("BranchID",(rs2.getString("BranchID")).trim());
//if((rs2.getString("BranchID")).trim()=="")
//session.setAttribute("BranchID", "-1");
//session.setAttribute("NodeID",(rs2.getString("NodeID")).trim());
// if((rs2.getString("NodeID")).trim()=="")
// session.setAttribute("NodeID", "-1");
//Session.setAttribute("BranchName",GetBranchName(Session.getAttribute("BranchID")));
//session.setAttribute("NodeName",GetNodeName(session.getAttribute("BranchID"),session.getAttribute("NodeID"));
//WriteLogDB("登录成功");
Statement st_suc;
String sql_suc="insert into UserOpert(UserName,Operation,grade) Values('" +session.getAttribute("UserName") + "','登陆成功','" + session.getAttribute("grade") + "')";
st_suc=conn.createStatement();
st_suc.execute(sql_suc);
response.sendRedirect("main.jsp");
} else {//用户名或密码错误
Statement st_fail;
String sql_fail="insert into UserOpert(UserName,Operation,grade) Values('" +session.getAttribute("UserName") + "','登陆成功','" + session.getAttribute("grade") + "')";
st_fail=conn.createStatement();
st_fail.execute(sql_fail);
response.sendRedirect("Login.jsp");
}
}
rs.close();
st.close();
conn.close();
%>