这些都是书上的源码,在下把里面所有不安全的因素都一一解决,
在下用的是eclipse3.2,tomcat5.5.23 web服务器,不过这
段代码就是不能实现功能,出现错误;在下用了3个小时多的时间
总是找不到是那里出现了问题!!代码是多了点,但只要稍微布署
一下就行了,望朋友没解决一下!
UserBean.javapackage org.it315.bean;
import java.io.Serializable;/**UserBean中仅仅是定义了三个属性:name、password和email。
注意:要存储在Session域中或跨JVM传输的JavaBean应实现Serializable接口
*/
public class UserBean implements Serializable
{
private String name = "";
private String password = "";
private String email = ""; public void setName(String name)
{
this.name = name;
}
public String getName()
{
return this.name;
}
public void setPassword(String password)
{
this.password = password;
}
public String getPassword()
{
return this.password;
}
public void setEmail(String email)
{
this.email = email;
}
public String getEmail()
{
return this.email;
} public boolean validatePassword(String password)
{
if(this.password.equals(password))
{
return true;
}
else
{
return false;
}
}
}DbUtil.javapackage org.it315.util;
import org.it315.bean.UserBean;
import java.util.Hashtable;/**DbUtil类是一个单件类,在整个Web应用程序中只能创建DbUtil类的一个实例对象,
在DbUtil类内部预存储了两个用户信息来模拟数据库中的用户记录。*/
public class DbUtil
{
private static DbUtil instance = new DbUtil();
private Hashtable users = new Hashtable();
private DbUtil()
{
UserBean user1 = new UserBean();
user1.setName("zxx");
user1.setPassword("12345678");
user1.setEmail("[email protected]");
users.put("zxx",user1);
UserBean user2 = new UserBean();
user2.setName("flx");
user2.setPassword("abcdefg");
user2.setEmail("[email protected]");
users.put("flx",user2);
}
public static DbUtil getInstance()
{
return instance;
}
public UserBean getUser(String userName)
{
UserBean user = (UserBean) users.get(userName);
return user;
}
}LogonFormBean.javapackage org.it315.bean;
import java.util.*;/*LogonFormBean用于封装登录表单的信息,其中定义了两个属性:name和password。
LogonFormBean对这两个属性进行基本的格式验证,如果有误则将相应的错误信息
保存到一个HashTable对象中,同时也定义了供JSP页面检索错误信息的方法。*/
public class LogonFormBean
{
private String name = "";
private String password = ""; private Hashtable errors = new Hashtable();
public void setName(String name)
{
this.name = name;
}
public String getName()
{
return this.name;
}
public void setPassword(String password)
{
this.password = password;
}
public String getPassword()
{
return this.password;
} public boolean validate()
{
boolean allOk = true;
if(name.trim().equals(""))
{
errors.put("name","Please input your name.");
allOk = false;
}
if(password.length()>10 || password.length()<6)
{
errors.put("password","password must have 6-10 characters.");
allOk = false;
}
return allOk;
}
public void setErrorMsg(String err,String errMsg)
{
if((err != null) && (errMsg != null))
{
errors.put(err,errMsg);
}
}
public String getErrorMsg(String err)
{
String err_msg = (String)errors.get(err);
return (err_msg == null) ? "" : err_msg;
}
}logon.jsp<%@ page contentType="text/html;charset=GB2312" %>
<%@ page import="org.it315.util.DbUtil" %>
<%@ page import="org.it315.bean.UserBean" %><%
//如果当前会话的用户已经登录
if(session.getAttribute("logonUser") != null)
{
%>
<jsp:forward page="logonSuccess.jsp" />
<%
}
%>
<jsp:useBean id="logonForm" class="org.it315.bean.LogonFormBean" scope="page"/>
<jsp:setProperty name="logonForm" property="*" />
<%
//如果JSP页面的当前执行过程是对表单提交的响应
if(request.getParameter("submit") != null)
{
//如果表单字段中填写的内容格式没有问题
if(logonForm.validate())
{
DbUtil db = DbUtil.getInstance();
UserBean user = db.getUser(logonForm.getName());
//如果数据库中不存在登录用户名的记录
if(user == null)
{
logonForm.setErrorMsg("name","no this user!");
}
else
{
//如果用户密码不正确
if(user.validatePassword(logonForm.getPassword()))
{
/*用户成功登录后的一系列会话活动中都可能要使用
当前用户的信息,所以,应该将当前登录用户的信息
保存到Session域中*/
session.setAttribute("logonUser",user);
%>
<jsp:forward page="logonSuccess.jsp" />
<%
}
else
{
logonForm.setErrorMsg("password","password error!");
}
}
}
}
%><%--
如果下面的FORM表单是登录失败后的再次显示,其中的各个字段应自动设置为
上次输入的内容,并在发生错误的字段旁用红色字体显示出错误的提示信息。
--%>
<form action="logon.jsp" method="post">
姓名:<input type="text" name="name" value='<%=logonForm.getName()%>'>
<font color="red"><%=logonForm.getErrorMsg("name")%></font><br>
密码:<input type="password" name="password" value='<%=logonForm.getPassword()%>'>
<font color="red"><%=logonForm.getErrorMsg("password")%></font><br>
<input type="submit" name="submit" value="登录">
</form>logonSuccess.jsp<%@ page contentType="text/html;GB2312" %><%
//如果JSP页面的当前执行过程是对注销行为的响应
if("logout".equals(request.getParameter("action")))
{
session.invalidate();
%>
<jsp:forward page="logon.jsp"/>
<%
}
//如果当前会话的用户还没有登录
if(session.getAttribute("logonUser") == null)
{
%>
<jsp:forward page="logon.jsp" />
<%
}
%>
<jsp:useBean id="logonUser" class="org.it315.bean.UserBean" scope="session" />恭喜你,登录成功!<br>
<jsp:getProperty name="logonUser" property="name" /><br>
<jsp:getProperty name="logonUser" property="password" /><br>
<jsp:getProperty name="logonUser" property="email" /><br>
<a href="logonSuccess.jsp?action=logout">注销</a><br>
<a href="logon.jsp">重新登录</a>出现的错误是:
org.apache.jasper.JasperException: Unable to compile class for JSP: Stacktrace:
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:85)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330)
org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:435)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:298)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:299)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.java:691)
org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:661)
org.apache.jsp.logon_jsp._jspService(logon_jsp.java:107)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:328)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
note The full stack trace of the root cause is available in the Apache Tomcat/5.5.23 logs.
在下用的是eclipse3.2,tomcat5.5.23 web服务器,不过这
段代码就是不能实现功能,出现错误;在下用了3个小时多的时间
总是找不到是那里出现了问题!!代码是多了点,但只要稍微布署
一下就行了,望朋友没解决一下!
UserBean.javapackage org.it315.bean;
import java.io.Serializable;/**UserBean中仅仅是定义了三个属性:name、password和email。
注意:要存储在Session域中或跨JVM传输的JavaBean应实现Serializable接口
*/
public class UserBean implements Serializable
{
private String name = "";
private String password = "";
private String email = ""; public void setName(String name)
{
this.name = name;
}
public String getName()
{
return this.name;
}
public void setPassword(String password)
{
this.password = password;
}
public String getPassword()
{
return this.password;
}
public void setEmail(String email)
{
this.email = email;
}
public String getEmail()
{
return this.email;
} public boolean validatePassword(String password)
{
if(this.password.equals(password))
{
return true;
}
else
{
return false;
}
}
}DbUtil.javapackage org.it315.util;
import org.it315.bean.UserBean;
import java.util.Hashtable;/**DbUtil类是一个单件类,在整个Web应用程序中只能创建DbUtil类的一个实例对象,
在DbUtil类内部预存储了两个用户信息来模拟数据库中的用户记录。*/
public class DbUtil
{
private static DbUtil instance = new DbUtil();
private Hashtable users = new Hashtable();
private DbUtil()
{
UserBean user1 = new UserBean();
user1.setName("zxx");
user1.setPassword("12345678");
user1.setEmail("[email protected]");
users.put("zxx",user1);
UserBean user2 = new UserBean();
user2.setName("flx");
user2.setPassword("abcdefg");
user2.setEmail("[email protected]");
users.put("flx",user2);
}
public static DbUtil getInstance()
{
return instance;
}
public UserBean getUser(String userName)
{
UserBean user = (UserBean) users.get(userName);
return user;
}
}LogonFormBean.javapackage org.it315.bean;
import java.util.*;/*LogonFormBean用于封装登录表单的信息,其中定义了两个属性:name和password。
LogonFormBean对这两个属性进行基本的格式验证,如果有误则将相应的错误信息
保存到一个HashTable对象中,同时也定义了供JSP页面检索错误信息的方法。*/
public class LogonFormBean
{
private String name = "";
private String password = ""; private Hashtable errors = new Hashtable();
public void setName(String name)
{
this.name = name;
}
public String getName()
{
return this.name;
}
public void setPassword(String password)
{
this.password = password;
}
public String getPassword()
{
return this.password;
} public boolean validate()
{
boolean allOk = true;
if(name.trim().equals(""))
{
errors.put("name","Please input your name.");
allOk = false;
}
if(password.length()>10 || password.length()<6)
{
errors.put("password","password must have 6-10 characters.");
allOk = false;
}
return allOk;
}
public void setErrorMsg(String err,String errMsg)
{
if((err != null) && (errMsg != null))
{
errors.put(err,errMsg);
}
}
public String getErrorMsg(String err)
{
String err_msg = (String)errors.get(err);
return (err_msg == null) ? "" : err_msg;
}
}logon.jsp<%@ page contentType="text/html;charset=GB2312" %>
<%@ page import="org.it315.util.DbUtil" %>
<%@ page import="org.it315.bean.UserBean" %><%
//如果当前会话的用户已经登录
if(session.getAttribute("logonUser") != null)
{
%>
<jsp:forward page="logonSuccess.jsp" />
<%
}
%>
<jsp:useBean id="logonForm" class="org.it315.bean.LogonFormBean" scope="page"/>
<jsp:setProperty name="logonForm" property="*" />
<%
//如果JSP页面的当前执行过程是对表单提交的响应
if(request.getParameter("submit") != null)
{
//如果表单字段中填写的内容格式没有问题
if(logonForm.validate())
{
DbUtil db = DbUtil.getInstance();
UserBean user = db.getUser(logonForm.getName());
//如果数据库中不存在登录用户名的记录
if(user == null)
{
logonForm.setErrorMsg("name","no this user!");
}
else
{
//如果用户密码不正确
if(user.validatePassword(logonForm.getPassword()))
{
/*用户成功登录后的一系列会话活动中都可能要使用
当前用户的信息,所以,应该将当前登录用户的信息
保存到Session域中*/
session.setAttribute("logonUser",user);
%>
<jsp:forward page="logonSuccess.jsp" />
<%
}
else
{
logonForm.setErrorMsg("password","password error!");
}
}
}
}
%><%--
如果下面的FORM表单是登录失败后的再次显示,其中的各个字段应自动设置为
上次输入的内容,并在发生错误的字段旁用红色字体显示出错误的提示信息。
--%>
<form action="logon.jsp" method="post">
姓名:<input type="text" name="name" value='<%=logonForm.getName()%>'>
<font color="red"><%=logonForm.getErrorMsg("name")%></font><br>
密码:<input type="password" name="password" value='<%=logonForm.getPassword()%>'>
<font color="red"><%=logonForm.getErrorMsg("password")%></font><br>
<input type="submit" name="submit" value="登录">
</form>logonSuccess.jsp<%@ page contentType="text/html;GB2312" %><%
//如果JSP页面的当前执行过程是对注销行为的响应
if("logout".equals(request.getParameter("action")))
{
session.invalidate();
%>
<jsp:forward page="logon.jsp"/>
<%
}
//如果当前会话的用户还没有登录
if(session.getAttribute("logonUser") == null)
{
%>
<jsp:forward page="logon.jsp" />
<%
}
%>
<jsp:useBean id="logonUser" class="org.it315.bean.UserBean" scope="session" />恭喜你,登录成功!<br>
<jsp:getProperty name="logonUser" property="name" /><br>
<jsp:getProperty name="logonUser" property="password" /><br>
<jsp:getProperty name="logonUser" property="email" /><br>
<a href="logonSuccess.jsp?action=logout">注销</a><br>
<a href="logon.jsp">重新登录</a>出现的错误是:
org.apache.jasper.JasperException: Unable to compile class for JSP: Stacktrace:
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:85)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330)
org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:435)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:298)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:277)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:265)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:564)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:299)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.runtime.PageContextImpl.doForward(PageContextImpl.java:691)
org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:661)
org.apache.jsp.logon_jsp._jspService(logon_jsp.java:107)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:328)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:315)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
note The full stack trace of the root cause is available in the Apache Tomcat/5.5.23 logs.
tomcat\work\Catalina\localhost下面的临时文件清除一下看看吧!
你的那里少了 charset=<%@ page contentType="text/html;charset=GB2312"%>你加上看看!
建议在书写jsp的时候,不要粘贴代码
这样容易出现不识别的字符
解决办法
(1)重新写jsp文件
(2)把空格或换行的地方
都删了,重新键入