这是源码:
<%@page import="java.sql.*"%>
<%@page contentType="text/html;charset=GBK"%>
<%@ page import="com.mysql.jdbc.Driver" %>
<%
Connection conn = null;
Statement stmt = null;
boolean defaultCommit =false;
ResultSet rs=null;
String qiyezhanghao = null;
String qiyepassword2 = null;
String qiyepassword3 = null;
String qiyename1 = null;
String lianxiren1 = null;
String lianxiphone1 = null;
String qiyeyouxiang1 = null;
String qiyeaddress1 = null;
String qiyechengshi1 = null;
String qiyeguimo1 = null;
String qiyexingzhi1 = null;
String qiyehangye1 = null;
String qiyejianjie1 = null;
String str=(String)session.getAttribute("name1"); request.setCharacterEncoding("GBK");
qiyezhanghao=request.getParameter("qiyezhanghao");
qiyepassword2 = request.getParameter("qiyepassword");
qiyepassword3 = request.getParameter("qiyepassword1");
qiyename1 = request.getParameter("qiyename");
lianxiren1 = request.getParameter("lianxiren");
lianxiphone1 = request.getParameter("lianxiphone");
qiyeyouxiang1 = request.getParameter("qiyeyouxiang");
qiyeaddress1 = request.getParameter("qiyeaddress");
qiyechengshi1 = request.getParameter("qiyechengshi");
qiyeguimo1 = request.getParameter("qiyeguimo");
qiyexingzhi1= request.getParameter("qiyexingzhi");
qiyehangye1 = request.getParameter("qiyehangye");
qiyejianjie1 = request.getParameter("qiyejianjie");
try{
Class.forName("com.mysql.jdbc.Driver");
}
catch(ClassNotFoundException ce){
out.println(ce.getMessage());
}
try{
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/job","root","123",useUnicode=true,charactoeEncoding=8859);
defaultCommit=conn.getAutoCommit();
conn.setAutoCommit(false);
stmt=conn.createStatement();
rs=stmt.executeQuery("SELECT * FROM c_regist where companyID ='"+qiyezhanghao+"'and password='"+qiyepassword2+"'" );
if(!rs.next()){
response.sendRedirect("xiugaishibai.htm");}
stmt.executeUpdate("UPDATE c_regist SET password='"+qiyepassword3+"',c_name='"+qiyename1+"',conntector='"+lianxiren1+"',phonenumber='"+lianxiphone1+"',E-mail='"+qiyeyouxiang1+"',c_add='"+qiyeaddress1+"',city='"+qiyechengshi1+"',c_size='"+qiyeguimo1+"',c_type='"+qiyexingzhi1+"',belonging='"+qiyehangye1+"',cbrief='"+qiyejianjie1+"'WHERE companyID='"+str+"'");
conn.commit();
response.sendRedirect("xiugaiok1.htm");
}
catch(Exception e){
conn.rollback();
e.printStackTrace();
}
finally{
conn.setAutoCommit(defaultCommit);
if(stmt!=null){
stmt.close();
}
if(conn!=null){
conn.close();
}
}
%>
总是跳转到xiugaishibai.htm
这是什么原因呢?
<%@page import="java.sql.*"%>
<%@page contentType="text/html;charset=GBK"%>
<%@ page import="com.mysql.jdbc.Driver" %>
<%
Connection conn = null;
Statement stmt = null;
boolean defaultCommit =false;
ResultSet rs=null;
String qiyezhanghao = null;
String qiyepassword2 = null;
String qiyepassword3 = null;
String qiyename1 = null;
String lianxiren1 = null;
String lianxiphone1 = null;
String qiyeyouxiang1 = null;
String qiyeaddress1 = null;
String qiyechengshi1 = null;
String qiyeguimo1 = null;
String qiyexingzhi1 = null;
String qiyehangye1 = null;
String qiyejianjie1 = null;
String str=(String)session.getAttribute("name1"); request.setCharacterEncoding("GBK");
qiyezhanghao=request.getParameter("qiyezhanghao");
qiyepassword2 = request.getParameter("qiyepassword");
qiyepassword3 = request.getParameter("qiyepassword1");
qiyename1 = request.getParameter("qiyename");
lianxiren1 = request.getParameter("lianxiren");
lianxiphone1 = request.getParameter("lianxiphone");
qiyeyouxiang1 = request.getParameter("qiyeyouxiang");
qiyeaddress1 = request.getParameter("qiyeaddress");
qiyechengshi1 = request.getParameter("qiyechengshi");
qiyeguimo1 = request.getParameter("qiyeguimo");
qiyexingzhi1= request.getParameter("qiyexingzhi");
qiyehangye1 = request.getParameter("qiyehangye");
qiyejianjie1 = request.getParameter("qiyejianjie");
try{
Class.forName("com.mysql.jdbc.Driver");
}
catch(ClassNotFoundException ce){
out.println(ce.getMessage());
}
try{
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/job","root","123",useUnicode=true,charactoeEncoding=8859);
defaultCommit=conn.getAutoCommit();
conn.setAutoCommit(false);
stmt=conn.createStatement();
rs=stmt.executeQuery("SELECT * FROM c_regist where companyID ='"+qiyezhanghao+"'and password='"+qiyepassword2+"'" );
if(!rs.next()){
response.sendRedirect("xiugaishibai.htm");}
stmt.executeUpdate("UPDATE c_regist SET password='"+qiyepassword3+"',c_name='"+qiyename1+"',conntector='"+lianxiren1+"',phonenumber='"+lianxiphone1+"',E-mail='"+qiyeyouxiang1+"',c_add='"+qiyeaddress1+"',city='"+qiyechengshi1+"',c_size='"+qiyeguimo1+"',c_type='"+qiyexingzhi1+"',belonging='"+qiyehangye1+"',cbrief='"+qiyejianjie1+"'WHERE companyID='"+str+"'");
conn.commit();
response.sendRedirect("xiugaiok1.htm");
}
catch(Exception e){
conn.rollback();
e.printStackTrace();
}
finally{
conn.setAutoCommit(defaultCommit);
if(stmt!=null){
stmt.close();
}
if(conn!=null){
conn.close();
}
}
%>
总是跳转到xiugaishibai.htm
这是什么原因呢?
response.write("SELECT * FROM c_regist where companyID ='"+qiyezhanghao+"'and password='"+qiyepassword2+"'")
if(!rs.next()){
response.sendRedirect("xiugaishibai.htm");}
stmt.executeUpdate("UPDATE c_regist SET password='"+qiyepassword3+"',c_name='"+qiyename1+"',conntector='"+lianxiren1+"',phonenumber='"+lianxiphone1+"',E-mail='"+qiyeyouxiang1+"',c_add='"+qiyeaddress1+"',city='"+qiyechengshi1+"',c_size='"+qiyeguimo1+"',c_type='"+qiyexingzhi1+"',belonging='"+qiyehangye1+"',cbrief='"+qiyejianjie1+"'WHERE companyID='"+str+"'");
如上检查你的语句到底是什么?