在数据库的表里面有多个用户 但是我这个只能第一个用户帐号密码都对的时候才可以登陆 怎么修改才可以让后面的账户只要输入匹配的密码也可以登陆啊package elvis.filter;import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.ws.Response;/**
* Servlet implementation class LoginServlet
*/
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public LoginServlet() {
} /**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request,response);
} /**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Connection con =null;
Statement st = null;
try {
Class.forName("oracle.jdbc.driver.OracleDriver");
con = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:orcl", "Elvis","Elvis");
st = con.createStatement();
String name = request.getParameter("username");
String pwd = request.getParameter("password");
PrintWriter out = response.getWriter();
ResultSet rs = st.executeQuery("select * from usertest");
while(rs.next()){
String username = rs.getString("username");
String password = rs.getString("password");
if(username.equals(name)&&password.equals(pwd)){
response.sendRedirect("index.html");
}
}
} catch (SQLException e) {
e.printStackTrace();
} catch (ClassNotFoundException e) {
e.printStackTrace();
}catch (Exception e) {
e.printStackTrace();
}
}
}
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.ws.Response;/**
* Servlet implementation class LoginServlet
*/
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* @see HttpServlet#HttpServlet()
*/
public LoginServlet() {
} /**
* @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
*/
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request,response);
} /**
* @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
Connection con =null;
Statement st = null;
try {
Class.forName("oracle.jdbc.driver.OracleDriver");
con = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:orcl", "Elvis","Elvis");
st = con.createStatement();
String name = request.getParameter("username");
String pwd = request.getParameter("password");
PrintWriter out = response.getWriter();
ResultSet rs = st.executeQuery("select * from usertest");
while(rs.next()){
String username = rs.getString("username");
String password = rs.getString("password");
if(username.equals(name)&&password.equals(pwd)){
response.sendRedirect("index.html");
}
}
} catch (SQLException e) {
e.printStackTrace();
} catch (ClassNotFoundException e) {
e.printStackTrace();
}catch (Exception e) {
e.printStackTrace();
}
}
}
解决方案 »
- 如何用STRING给MYBATIS配置文件传值(在线等,着急)
- 求助!如果监视网页有没有更新?
- 如何搭建一个效率比较高的SSH框架?
- 能不能帮我看下这个异常应怎么解决?
- 关于Hibernate中load()方法的问题
- mvn maven pom
- 请各位大虾救救小弟,很急很急,tomcat配置问题
- 当场给分,100分,有谁能帮我讲清楚,150分全部奉送
- 【安装 Struts 失败, 那么简单也失败!!】
- mybatis 调用mysql存储过程报错:Borrow callableStatement from pool failed
- Operation not allowed after ResultSet closed
- 怎么将rar文件上传到oracle中???struts实现
String name = request.getParameter("username");
String pwd = request.getParameter("password");
PrintWriter out = response.getWriter();
ResultSet rs = st.executeQuery("select * from usertest where username="+name+" and pwd="+pwd);
if(rs.next){
//查询有记录
response.sendRedirect("index.html");
}else{
//查询无记录
response.sendRedirect("login.html");
}
..................
没有用prepareStatement,用prepareStatement可以防止sql注入
应该是
ResultSet rs = st.executeQuery("select * from usertest where username='"+name+"' and password='"+pwd+"'");
String name = request.getParameter("username");
String pwd = request.getParameter("password");
这个的时候 打印一下这两个变量,确认收到了
另外数据库里面也要查询一下
确认有数据,并且已经commit