文件如下:
<%@page contentType="text/html;charset=GBK"%>
<%@page import="java.sql.*"%>
<%@page import="jspdes.*"%>
<jsp:useBean id="userNow" class="jspdes.UserBean" scope="session" ></jsp:useBean>
<jsp:setProperty name="userNow" property="*"></jsp:setProperty>
<%
Connection con = null;
try {
con = DBConnection.getConnection();
PreparedStatement pStat = con.prepareStatement("select * from T_USER where PASSWORD = ? USER_NAME=?");
pStat.setString(1, userNow.getPassword());
pStat.setString(1, userNow.getUserName());
ResultSet rs = pStat.executeQuery();
if (rs.next()) {
userNow.setUserName(rs.getString(2));
session.setAttribute("ses_bean0", userNow);
%>
<jsp:forward page="allUser.jsp"></jsp:forward>
<%} else {%>
<jsp:forward page="fail.jsp"></jsp:forward>
<%
}} catch (Exception e) {
e.printStackTrace();
}
%>要判断从前面传过来的用户名和密码是否正确,我用了一个PreparedStatement模糊查询,PreparedStatement pStat = con.prepareStatement("select * from T_USER where PASSWORD = ? USER_NAME=?");
pStat.setString(1, userNow.getPassword());
pStat.setString(1, userNow.getUserName());//其中userNow 是一个javaBeans的事例,这三句话对吗?我试了试,这个文件既不向allUser.jsp跳转,也不向fail.jsp跳转,PreparedStatement pStat = con.prepareStatement()这个模糊查询该怎么用呢?
<%@page contentType="text/html;charset=GBK"%>
<%@page import="java.sql.*"%>
<%@page import="jspdes.*"%>
<jsp:useBean id="userNow" class="jspdes.UserBean" scope="session" ></jsp:useBean>
<jsp:setProperty name="userNow" property="*"></jsp:setProperty>
<%
Connection con = null;
try {
con = DBConnection.getConnection();
PreparedStatement pStat = con.prepareStatement("select * from T_USER where PASSWORD = ? USER_NAME=?");
pStat.setString(1, userNow.getPassword());
pStat.setString(1, userNow.getUserName());
ResultSet rs = pStat.executeQuery();
if (rs.next()) {
userNow.setUserName(rs.getString(2));
session.setAttribute("ses_bean0", userNow);
%>
<jsp:forward page="allUser.jsp"></jsp:forward>
<%} else {%>
<jsp:forward page="fail.jsp"></jsp:forward>
<%
}} catch (Exception e) {
e.printStackTrace();
}
%>要判断从前面传过来的用户名和密码是否正确,我用了一个PreparedStatement模糊查询,PreparedStatement pStat = con.prepareStatement("select * from T_USER where PASSWORD = ? USER_NAME=?");
pStat.setString(1, userNow.getPassword());
pStat.setString(1, userNow.getUserName());//其中userNow 是一个javaBeans的事例,这三句话对吗?我试了试,这个文件既不向allUser.jsp跳转,也不向fail.jsp跳转,PreparedStatement pStat = con.prepareStatement()这个模糊查询该怎么用呢?
pStat.setString(1, userNow.getUserName());
你把两个值都赋给了第一个占位符,所以出错了,应该是这样吧
pStat.setString(1, userNow.getPassword());
pStat.setString(2, userNow.getUserName());
pStat.setString(2, userNow.getUserName());<-----1改成2
因为第二个问号才是user_name
pStat.setString(1, userNow.getPassword());
pStat.setString(1, userNow.getUserName());sql语句写错了,少了个and
select * from T_USER where PASSWORD = ? and USER_NAME=?
其次,setString,应该是
pStat.setString(1, userNow.getPassword());
pStat.setString(2, userNow.getUserName());