在login中用这段代码,判断登陆,老是说登陆出错,admin帐户登陆还显示500错误,谁能帮我指正,非常感谢。
public String getSql() {
if (isadmin) {
sqlStr = "select * from my_BookAdminuser where adminuser = '" + strFormat.toSql(username) + "' and adminpass = '" + strFormat.toSql(passwd) + "'";
}else {
sqlStr = "select * from my_users where username = '" + strFormat.toSql(username) + "' and password = '" + strFormat.toSql(passwd) + "'";
}
return sqlStr;
} public boolean excute() throws Exception {
boolean flag = false;
rs = stmt.executeQuery(getSql());
if (rs.next()){
if (!isadmin)
{
userid = rs.getLong("Id");
}
flag = true;
}
rs.close();
close();
return flag;
}
}
public String getSql() {
if (isadmin) {
sqlStr = "select * from my_BookAdminuser where adminuser = '" + strFormat.toSql(username) + "' and adminpass = '" + strFormat.toSql(passwd) + "'";
}else {
sqlStr = "select * from my_users where username = '" + strFormat.toSql(username) + "' and password = '" + strFormat.toSql(passwd) + "'";
}
return sqlStr;
} public boolean excute() throws Exception {
boolean flag = false;
rs = stmt.executeQuery(getSql());
if (rs.next()){
if (!isadmin)
{
userid = rs.getLong("Id");
}
flag = true;
}
rs.close();
close();
return flag;
}
}
rs.close();
close();//这个去掉
database中定义:public void close() throws SQLException {
if ( stmt != null )
{
stmt.close();
stmt = null;
}
conn.close();
conn = null;
}
close()应该不时错的原因吧,
开始admin用户登录时和普通用户一样,都报登陆出错
我把excute()中的
boolean flag=false改为了 true
就报 500错误了
package org.pan.util;
public class strFormat {
public static String Replace(String source, String oldString, String newString) {
StringBuffer output = new StringBuffer(); int lengthOfSource = source.length(); // 源字符串长度
int lengthOfOld = oldString.length(); // 老字符串长度 int posStart = 0; // 开始搜索位置
int pos; // 搜索到老字符串的位置 while ((pos = source.indexOf(oldString, posStart)) >= 0) {
output.append(source.substring(posStart, pos)); output.append(newString);
posStart = pos + lengthOfOld;
} if (posStart < lengthOfSource) {
output.append(source.substring(posStart));
} return output.toString();
}
public static String toHtmlInput(String str) {
if (str == null) return null; String html = new String(str); html = Replace(html, "&", "&");
html = Replace(html, "<", "<");
html = Replace(html, ">", ">"); return html;
}
public static String toHtml(String str) {
if (str == null) return null; String html = new String(str); html = toHtmlInput(html);
html = Replace(html, "\r\n", "\n");
html = Replace(html, "\n", "<br>\n");
html = Replace(html, "\t", " ");
html = Replace(html, " ", " "); return html;
}
public static String toSql(String str) {
String sql = new String(str);
return Replace(sql, "'", "''");
}
} 用的model1模式 ,应该不会在这方面有什么问题吧
你们看出问题了吗