jsp页面,
<%@ page contentType="text/html;charset=gb2312"%>
<%@ page language="java" %>
<%@ page session= "true"%>
<%@ page import = "java.lang.*"%>
<%@ page import = "java.util.*"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<jsp:useBean id = "User" class = "price.User" scope = "page" />
<%
response.setHeader("Pragma","no-cache");
response.setHeader("Cache-Control","no-cache");
%>
<title>验证用户</title>
</head>
<body>
<%
int iResult = 0;
String LoginId = request.getParameter("LoginId");
String LoginPass = request.getParameter("LoginPass");
ArrayList Info = new ArrayList();
iResult = User.userLogin(LoginId, LoginPass);
if (iResult == 1){
session.setMaxInactiveInterval(600000);
session.setAttribute("LoginUser", LoginId);
if(LoginId.equals("admin")){
response.sendRedirect("user/main.jsp");
}
else{
response.sendRedirect("price/userQuery.jsp");
}
}
else if (iResult == 0){
out.println("<script>");
out.println("alert('用户密码错误!');");
out.println("window.location = 'index.jsp';");
out.println("</script>");
}%>
</body>
</html>
//java
package price;import java.sql.Statement;
import java.sql.ResultSet;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import price.Database;
import com.lxl.bean.Pagination;public class User {
private com.lxl.util.PaginationUtil PU;
private String sSql = "";
public User() {
} public int isUser(String userName) {
int iReturn = 0;
//System.out.println("ab");
Statement st = null;
ResultSet rs = null;
try { st = Database.getConnect();
if (st != null) {
sSql = "select operatorID from t_operator where operatorName='" +
userName + "'";
rs = st.executeQuery(sSql);
//System.out.println(sSql);
if (rs.next()) {
iReturn = 0;
}
else {
iReturn = 1;
}
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.isUser: " + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
} //验证用户名是否正确
public int userLogin(String userName, String password) {
int iReturn = 0;
Statement st = null;
ResultSet rs = null;
try {
st = Database.getConnect();
if (st != null) {
sSql = "select operatorID from t_operator where operatorName='" +
userName + "' and password='" + password + "'";
rs = st.executeQuery(sSql);
if (rs.next()) {
iReturn = 1;
}
Connection conn = st.getConnection();
st.close();
conn.close(); }
}
catch (SQLException se) {
System.out.println("User.uerLogin:" + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
} //新增用户,iReturn=2,用户名重复
public int insertUser(String userName, String password, String memo) {
int iReturn = 0;
iReturn = isUser(userName);
//System.out.println(iReturn);
Statement st = null; if (iReturn == 1) {
try {
st = Database.getConnect();
if (st != null) {
sSql =
"insert into t_operator (operatorName,password,memo) values ('" +
userName + "','" + password + "','" + memo + "')";
st.executeUpdate(sSql);
// System.out.println(sSql);
iReturn = 1;
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.insertUser:" + sSql + "; " + se.toString());
iReturn = -1;
}
}
else {
iReturn = 2;
}
return iReturn;
} //查询用户
public int QueryUser(String userName, ArrayList Info, Pagination p) {
int iReturn = 0;
Statement st = null;
ResultSet rs = null; int pagesize = p.getPagesize();
int pagePos = p.getCurPagePos();
if (pagePos < 1) {
pagePos = 1;
}
if (pagesize < 1) {
pagesize = Context.PRODUCT_PAGE_SIZE; }
try {
st = Database.getConnect();
if (st != null) {
sSql = "select count(*) from t_operator where operatorName like '%" +
userName + "%'";
rs = st.executeQuery(sSql);
int count = -1; //总的记录数
if (rs.next()) {
count = rs.getInt(1);
}
int showcnt = PU.getShowCnt(count, pagePos, pagesize);
if (showcnt > 0) { //要求的页有记录
sSql = "select * from(select top " + showcnt + " * from(select top " +
pagesize * pagePos +
" * from t_operator where operatorName like '%" +
userName +
"%' order by operatorID) order by operatorID desc)order by operatorID";
//System.out.println(sSql);
rs = st.executeQuery(sSql);
while (rs.next()) {
String[] sTemp = new String[4];
sTemp[0] = rs.getString("operatorID");
sTemp[1] = rs.getString("operatorName");
sTemp[2] = rs.getString("password");
sTemp[3] = rs.getString("memo");
Info.add(sTemp);
iReturn = 1;
}
}
else { //要求的页没有任何记录
iReturn = 1;
}
p.setCount(count);
p.setCurPagePos(pagePos);
p.setPagesize(pagesize); Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.QueryUser: " + sSql + se.toString());
iReturn = -1;
}
return iReturn;
}//通过id查找单个用户
public int singleUser(String operatorID, ArrayList info) {
int iReturn = 0;
Statement st = null;
ResultSet rs = null;
info.clear();
try {
st = Database.getConnect();
if (st != null) {
sSql = "select * from t_operator where operatorID=" + operatorID +
"";
//System.out.println(sSql);
rs = st.executeQuery(sSql);
if (rs.next()) {
info.add(rs.getString("operatorID"));
info.add(rs.getString("operatorName"));
info.add(rs.getString("password"));
info.add(rs.getString("memo"));
iReturn = 1;
}
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.singleUse:" + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
}//修改用户
public int updateUser(String operatorID, String operatorName, String password,
String memo) {
int iReturn = 0;
Statement st = null;
try {
st = Database.getConnect();
if (st != null) {
sSql = "update t_operator set operatorName='" + operatorName +
"',password='" + password + "',memo='" + memo +
"' where operatorID=" + operatorID + "";
st.executeUpdate(sSql);
iReturn = 1;
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.singleUser: " + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
} /*public static void main(String args[]){
User u=new User();
int i=u.userLogin("admin","admin");
System.out.println(i); } */
}
<%@ page contentType="text/html;charset=gb2312"%>
<%@ page language="java" %>
<%@ page session= "true"%>
<%@ page import = "java.lang.*"%>
<%@ page import = "java.util.*"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<jsp:useBean id = "User" class = "price.User" scope = "page" />
<%
response.setHeader("Pragma","no-cache");
response.setHeader("Cache-Control","no-cache");
%>
<title>验证用户</title>
</head>
<body>
<%
int iResult = 0;
String LoginId = request.getParameter("LoginId");
String LoginPass = request.getParameter("LoginPass");
ArrayList Info = new ArrayList();
iResult = User.userLogin(LoginId, LoginPass);
if (iResult == 1){
session.setMaxInactiveInterval(600000);
session.setAttribute("LoginUser", LoginId);
if(LoginId.equals("admin")){
response.sendRedirect("user/main.jsp");
}
else{
response.sendRedirect("price/userQuery.jsp");
}
}
else if (iResult == 0){
out.println("<script>");
out.println("alert('用户密码错误!');");
out.println("window.location = 'index.jsp';");
out.println("</script>");
}%>
</body>
</html>
//java
package price;import java.sql.Statement;
import java.sql.ResultSet;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.ArrayList;
import price.Database;
import com.lxl.bean.Pagination;public class User {
private com.lxl.util.PaginationUtil PU;
private String sSql = "";
public User() {
} public int isUser(String userName) {
int iReturn = 0;
//System.out.println("ab");
Statement st = null;
ResultSet rs = null;
try { st = Database.getConnect();
if (st != null) {
sSql = "select operatorID from t_operator where operatorName='" +
userName + "'";
rs = st.executeQuery(sSql);
//System.out.println(sSql);
if (rs.next()) {
iReturn = 0;
}
else {
iReturn = 1;
}
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.isUser: " + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
} //验证用户名是否正确
public int userLogin(String userName, String password) {
int iReturn = 0;
Statement st = null;
ResultSet rs = null;
try {
st = Database.getConnect();
if (st != null) {
sSql = "select operatorID from t_operator where operatorName='" +
userName + "' and password='" + password + "'";
rs = st.executeQuery(sSql);
if (rs.next()) {
iReturn = 1;
}
Connection conn = st.getConnection();
st.close();
conn.close(); }
}
catch (SQLException se) {
System.out.println("User.uerLogin:" + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
} //新增用户,iReturn=2,用户名重复
public int insertUser(String userName, String password, String memo) {
int iReturn = 0;
iReturn = isUser(userName);
//System.out.println(iReturn);
Statement st = null; if (iReturn == 1) {
try {
st = Database.getConnect();
if (st != null) {
sSql =
"insert into t_operator (operatorName,password,memo) values ('" +
userName + "','" + password + "','" + memo + "')";
st.executeUpdate(sSql);
// System.out.println(sSql);
iReturn = 1;
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.insertUser:" + sSql + "; " + se.toString());
iReturn = -1;
}
}
else {
iReturn = 2;
}
return iReturn;
} //查询用户
public int QueryUser(String userName, ArrayList Info, Pagination p) {
int iReturn = 0;
Statement st = null;
ResultSet rs = null; int pagesize = p.getPagesize();
int pagePos = p.getCurPagePos();
if (pagePos < 1) {
pagePos = 1;
}
if (pagesize < 1) {
pagesize = Context.PRODUCT_PAGE_SIZE; }
try {
st = Database.getConnect();
if (st != null) {
sSql = "select count(*) from t_operator where operatorName like '%" +
userName + "%'";
rs = st.executeQuery(sSql);
int count = -1; //总的记录数
if (rs.next()) {
count = rs.getInt(1);
}
int showcnt = PU.getShowCnt(count, pagePos, pagesize);
if (showcnt > 0) { //要求的页有记录
sSql = "select * from(select top " + showcnt + " * from(select top " +
pagesize * pagePos +
" * from t_operator where operatorName like '%" +
userName +
"%' order by operatorID) order by operatorID desc)order by operatorID";
//System.out.println(sSql);
rs = st.executeQuery(sSql);
while (rs.next()) {
String[] sTemp = new String[4];
sTemp[0] = rs.getString("operatorID");
sTemp[1] = rs.getString("operatorName");
sTemp[2] = rs.getString("password");
sTemp[3] = rs.getString("memo");
Info.add(sTemp);
iReturn = 1;
}
}
else { //要求的页没有任何记录
iReturn = 1;
}
p.setCount(count);
p.setCurPagePos(pagePos);
p.setPagesize(pagesize); Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.QueryUser: " + sSql + se.toString());
iReturn = -1;
}
return iReturn;
}//通过id查找单个用户
public int singleUser(String operatorID, ArrayList info) {
int iReturn = 0;
Statement st = null;
ResultSet rs = null;
info.clear();
try {
st = Database.getConnect();
if (st != null) {
sSql = "select * from t_operator where operatorID=" + operatorID +
"";
//System.out.println(sSql);
rs = st.executeQuery(sSql);
if (rs.next()) {
info.add(rs.getString("operatorID"));
info.add(rs.getString("operatorName"));
info.add(rs.getString("password"));
info.add(rs.getString("memo"));
iReturn = 1;
}
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.singleUse:" + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
}//修改用户
public int updateUser(String operatorID, String operatorName, String password,
String memo) {
int iReturn = 0;
Statement st = null;
try {
st = Database.getConnect();
if (st != null) {
sSql = "update t_operator set operatorName='" + operatorName +
"',password='" + password + "',memo='" + memo +
"' where operatorID=" + operatorID + "";
st.executeUpdate(sSql);
iReturn = 1;
Connection conn = st.getConnection();
st.close();
conn.close();
}
}
catch (SQLException se) {
System.out.println("User.singleUser: " + sSql + "; " + se.toString());
iReturn = -1;
}
return iReturn;
} /*public static void main(String args[]){
User u=new User();
int i=u.userLogin("admin","admin");
System.out.println(i); } */
}
package price;
import java.sql.*;
import java.sql.SQLException;
import java.util.Properties;
import java.io.InputStream;
import java.io.IOException;public class Database{
public Database() {} public static String getSDBQ() {
Properties properties;
properties = new Properties();
InputStream is = null;
String SDBQ = "";
try {
Database temp = new Database();
is = temp.getClass().getResourceAsStream("/lxl.properties");
properties.load(is);
SDBQ = properties.getProperty("SDBQ");
}
catch (Exception e) {
System.out.println(e);
}
finally {
try {
if (is != null) {
is.close();
}
}
catch (IOException exception) {
// ignored
}
}
return SDBQ;
}//加载数据库驱动,打开数据库等操作.
public static Statement getConnect() {
Statement stmt = null;
String sDBQ = getSDBQ(); //"D:\\work\\Price\\WEB-INF\\classes\\price\\Price.mdb";
String url = "jdbc:odbc:MS Access Database;DBQ=" + sDBQ + ";UID=;PWD=";
String driver = "sun.jdbc.odbc.JdbcOdbcDriver";
try {
Class.forName(driver);
Connection conn = DriverManager.getConnection(url);
stmt = conn.createStatement();
//System.out.println("aaa");
}
catch (Exception e) {
System.out.println(e.toString());
stmt = null;
}
return stmt;
}
SDBQ = D:\\work\\Price\\WEB-INF\\classes\\price\\Price.mdb