package myPack.module;import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.*;import javax.servlet.http.HttpSession;import myPack.*;/**
* 针对登录页面的后台处理类
*
* @author ShenYK
* @version 1.0
*/
public class MLogin extends MCommon {
public boolean getUserInfo(HttpSession mySession, String username,
String password) {
// 设置用户信息
Hashtable myValues = (Hashtable) mySession
.getAttribute(CommonConst.VIEWID_LOGIN);
myValues.put("username", username); // 尝试查找用户
try {
// 载入MySQL的JDBC驱动类
//Class.forName(CommonConst.DB_DRIVER_CLASSNAME);
// 获得数据库连接
Connection conn = this.getDBConnection(mySession); Statement stmt = null;
ResultSet rs = null; try {
// 检查数据库中是否已经有该用户了
stmt = conn.createStatement();
// 执行SQL语句
String sQuery = "select realname from admin " + "where name='" + username + "' " + "and password='" + password + "'";
rs = stmt.executeQuery(sQuery);
if (rs.next()) {
//if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;
}
// }else
// return true;
else {
mySession.setAttribute("errMsg", "用户名密码不正确!");
return false;
}
//}
} catch (Exception e) {
e.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} finally {
try {
rs.close();
stmt.close();
} catch (Exception ex) {
}
}
} catch (Exception ex) {
ex.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} }
}
利用上述代码: if (rs.next()) {
//if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;
}
// }else
// return true;而不使用第二个if即:if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;}这句话地时候就能成功登录,否则只要用了第二个if即if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true
}即始终不能成功登录,这是怎么回事啊,如果用了第二个if逻辑上我认为也是正确的啊?
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.*;import javax.servlet.http.HttpSession;import myPack.*;/**
* 针对登录页面的后台处理类
*
* @author ShenYK
* @version 1.0
*/
public class MLogin extends MCommon {
public boolean getUserInfo(HttpSession mySession, String username,
String password) {
// 设置用户信息
Hashtable myValues = (Hashtable) mySession
.getAttribute(CommonConst.VIEWID_LOGIN);
myValues.put("username", username); // 尝试查找用户
try {
// 载入MySQL的JDBC驱动类
//Class.forName(CommonConst.DB_DRIVER_CLASSNAME);
// 获得数据库连接
Connection conn = this.getDBConnection(mySession); Statement stmt = null;
ResultSet rs = null; try {
// 检查数据库中是否已经有该用户了
stmt = conn.createStatement();
// 执行SQL语句
String sQuery = "select realname from admin " + "where name='" + username + "' " + "and password='" + password + "'";
rs = stmt.executeQuery(sQuery);
if (rs.next()) {
//if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;
}
// }else
// return true;
else {
mySession.setAttribute("errMsg", "用户名密码不正确!");
return false;
}
//}
} catch (Exception e) {
e.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} finally {
try {
rs.close();
stmt.close();
} catch (Exception ex) {
}
}
} catch (Exception ex) {
ex.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} }
}
利用上述代码: if (rs.next()) {
//if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;
}
// }else
// return true;而不使用第二个if即:if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;}这句话地时候就能成功登录,否则只要用了第二个if即if (rs.getString("name").equals(username)) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true
}即始终不能成功登录,这是怎么回事啊,如果用了第二个if逻辑上我认为也是正确的啊?
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.*;import javax.servlet.http.HttpSession;import myPack.*;/**
* 针对登录页面的后台处理类
*
* @author ShenYK
* @version 1.0
*/
public class MLogin extends MCommon {
public boolean getUserInfo(HttpSession mySession, String username,
String password) {
// 设置用户信息
Hashtable myValues = (Hashtable) mySession
.getAttribute(CommonConst.VIEWID_LOGIN);
myValues.put("username", username); // 尝试查找用户
try {
// 载入MySQL的JDBC驱动类
// Class.forName(CommonConst.DB_DRIVER_CLASSNAME);
// 获得数据库连接
Connection conn = this.getDBConnection(mySession); Statement stmt = null;
ResultSet rs = null; try {
// 检查数据库中是否已经有该用户了
stmt = conn.createStatement();
// 执行SQL语句
String sQuery = "select realname from admin " + "where name='"
+ username + "' " + "and password='" + password + "'";
rs = stmt.executeQuery(sQuery);
if (rs.next()) {
String DB_name = rs.getString("name");
if (DB_name.equals(username.trim())) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;
} else
return true;
} else {
mySession.setAttribute("errMsg", "用户名密码不正确!");
return false;
}
} catch (Exception e) {
e.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} finally {
try {
rs.close();
stmt.close();
} catch (Exception ex) {
}
}
} catch (Exception ex) {
ex.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} }
}
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.*;import javax.servlet.http.HttpSession;import myPack.*;/**
* 针对登录页面的后台处理类
*
* @author ShenYK
* @version 1.0
*/
public class MLogin extends MCommon {
public boolean getUserInfo(HttpSession mySession, String username,
String password) {
// 设置用户信息
Hashtable myValues = (Hashtable) mySession
.getAttribute(CommonConst.VIEWID_LOGIN);
myValues.put("username", username); // 尝试查找用户
try {
// 载入MySQL的JDBC驱动类
// Class.forName(CommonConst.DB_DRIVER_CLASSNAME);
// 获得数据库连接
Connection conn = this.getDBConnection(mySession); Statement stmt = null;
ResultSet rs = null; try {
// 检查数据库中是否已经有该用户了
stmt = conn.createStatement();
// 执行SQL语句
String sQuery = "select realname from admin " + "where name='"
+ username + "' " + "and password='" + password + "'";
rs = stmt.executeQuery(sQuery);
if (rs.next()) {
String DB_name = rs.getString("name");
if (DB_name.equals(username.trim())) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;
} else
return true;
} else {
mySession.setAttribute("errMsg", "用户名密码不正确!");
return false;
}
} catch (Exception e) {
e.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} finally {
try {
rs.close();
stmt.close();
} catch (Exception ex) {
}
}
} catch (Exception ex) {
ex.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} }
}
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.*;import javax.servlet.http.HttpSession;import myPack.*;/**
* 针对登录页面的后台处理类
*
* @author ShenYK
* @version 1.0
*/
public class MLogin extends MCommon {
public boolean getUserInfo(HttpSession mySession, String username,
String password) {
// 设置用户信息
Hashtable myValues = (Hashtable) mySession
.getAttribute(CommonConst.VIEWID_LOGIN);
myValues.put("username", username); // 尝试查找用户
try {
// 载入MySQL的JDBC驱动类
// Class.forName(CommonConst.DB_DRIVER_CLASSNAME);
// 获得数据库连接
Connection conn = this.getDBConnection(mySession); Statement stmt = null;
ResultSet rs = null; try {
// 检查数据库中是否已经有该用户了
stmt = conn.createStatement();
// 执行SQL语句
String sQuery = "select realname from admin " + "where name='"
+ username + "' " + "and password='" + password + "'";
rs = stmt.executeQuery(sQuery);
if (rs.next()) {
//String DB_name = rs.getString("name");
//if (DB_name.equals(username.trim())) {
mySession.setAttribute("username", username);
mySession.setAttribute("realname", rs.getString("realname"));
return true;
//} else
// return true;
} else {
mySession.setAttribute("errMsg", "用户名密码不正确!");
return false;
}
} catch (Exception e) {
e.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} finally {
try {
rs.close();
stmt.close();
} catch (Exception ex) {
}
}
} catch (Exception ex) {
ex.printStackTrace();
mySession.setAttribute("errMsg", "登录数据库时出现错误!");
return false;
} }
}
用上面的代码就可以成功登录,一点问题没有,但是以上的查询没有对用户名区分大小写,不如Bonnie和bonnie只要密码正确就能成功登录,所以我想改善一下采用了第二个if嵌套进去。