27,579
社区成员
发帖
与我相关
我的任务
分享
<%@ page language="java" pageEncoding="GBK"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html> <head>
<title>登录页面</title>
<script>
function ope(){
window.open('${pageContext.request.contextPath}/account_list.htm',"","sFeatures=yes,height =400,width=700");
}
function setvalue(){
document.all.name.value="";
document.all.pwd.value="";
}
</script>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<link rel="stylesheet" type="text/css" href="${pageContext.request.contextPath}/css/mycss.css" />
<link rel="stylesheet" type="text/css" href="${pageContext.request.contextPath}/css/style.css" />
<style type="text/css">
<!--
.style1 {color: #333366;FONT-WEIGHT: bold; FONT-SIZE: 14px;}
.myinput {
border: 1px solid;
border-color:#7EB5C5;
color:#2A00FF
}
-->
</style>
</head>
<body >
<center><br><br><br><br><br>
<table width="610" height="341" border="0" align="center" background="images/userlogin.gif">
<tr>
<td width="610" height="335">
<form action="LoginCheck" method="post" name="login">
<table width="" height="172" border="0" align="center">
<tr>
<td width="85" height="30"> </td>
<td width="136"> </td>
</tr>
<tr>
<td colspan="2" align="center">
<%
String login_error=request.getParameter("login_error");
String notlogin=request.getParameter("notlogin");
String tologin=request.getParameter("tologin");
if(login_error!=null){
%>
<font color="#CC3333">对不起,您的用户名或密码有误,请重写输入!</font>
<%
}
else if("yes".equals(notlogin)){
%>
<font color="#CC3333">您尚未登陆,请先登陆!</font>
<%
}
else if("yes".equals(tologin)){
%>
<font color="#CC3333">感谢您访问我们网站,3秒钟后自动转到您最近访问的页面!</font>
<%
response.setHeader("refresh", "3;URL=index.jsp");
}
%>
</td>
</tr>
<tr>
<td height="28" align="right"><span class="style1">账 号:</span>
</td>
<td>
<input name="name" type="text" size="18" class="myinput" id="name">
<font color="#CC3333"><html:errors property="username_null"/></font>
</td>
</tr>
<tr>
<td height="27" align="right"><span class="style1">密 码:</span></td>
<td> <input name="pwd" type="password" size="19" class="myinput" id="pwd">
<a href="FindPassword.jsp" target="_parent"> <font color="blue">找回密码</font></a>
<font color="#CC3333"> <a href="register.jsp">注册</a></font> </td>
</tr>
<tr align="center">
<td height="32" colspan="2">
<input type="image" src="images/login_button_01.gif" width="70" height="22">
<img src="images/login_button_02.gif" width="70" height="22" onClick="setvalue()"/>
</td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</center>
</body>
</html>
求大神指教package user_check;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Enumeration;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import util.DBUtil;
public class LoginCheck extends HttpServlet{
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String set =request.getParameter("set");
if(set==null){
String name=request.getParameter("name");
String pwd=request.getParameter("pwd");
try {
Connection conn = DBUtil.getConnection();
String sql="select count(*) from consumer where name=? and password=?";
PreparedStatement pw=conn.prepareStatement(sql);
pw.setString(1, name);
pw.setString(2, pwd);
ResultSet rs=pw.executeQuery();
if(rs.next()) {
if(rs.getInt(1)==1){
sql="select realname,memberid from consumer where name=? and password=?";
pw=conn.prepareStatement(sql);
pw.setString(1, name);
pw.setString(2, pwd);
rs=pw.executeQuery();
rs.next();
String realname=rs.getString("realname");
request.getSession().setAttribute("realname",realname);
request.getSession().setAttribute("login", "user#yes#"+name+"#"+((Integer)rs.getInt("memberid")).toString());
response.sendRedirect("EditTellphone?set=tomain");
}
else response.sendRedirect("login.jsp?login_error=yes");
}
else {
response.sendRedirect("login.jsp?login_error=yes");
}
rs.close();
pw.close();
conn.close();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
else if(set!=null&&set.equals("logout")){
Enumeration en=request.getSession().getAttributeNames();
while(en.hasMoreElements()){
request.getSession().removeAttribute(en.nextElement().toString());
}
response.sendRedirect("EditTellphone?set=tomain");
}
}
protected void doGet(HttpServletRequest arg0, HttpServletResponse arg1) throws ServletException, IOException {
// TODO Auto-generated method stub
doPost(arg0, arg1);
}
}
where name = "admin" and password = "123"
改成
where name = 'admin' and password = '123'
package util;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
public class DBUtil {
private DBUtil() {
}
private static DBUtil instance = null;
public static Connection getConnection() {
if (instance == null) {
instance = new DBUtil();
}
return instance.getConnection_d();
}
public Connection getConnection_d() {
Connection conn = null;
try {
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
conn = DriverManager.getConnection("jdbc:sqlserver://localhost:1433; DatabaseName=tellphoneshop","sa","123");
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (SQLException e) {
e.printStackTrace();
}
return conn;
}
public static void close(ResultSet rs, PreparedStatement stmt) {
if (rs != null) {
try {
rs.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
if (stmt != null) {
try {
stmt.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
public static void closeConnection(Connection conn) {
if (conn != null) {
try {
conn.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
}
}