点提交后就出现空白页面!郁闷中~~如果不加如数据库验证SERVLET可以正常跳转!加了之后就出现空白~~package webapp;import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import webapp.DBconnection;
import java.sql.*;public class loginservlet extends HttpServlet {
private static final String CONTENT_TYPE = "text/html; charset=GBK"; //Initialize global variables
public void init() throws ServletException {
} //Process the HTTP Get request
public void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {
response.setContentType(CONTENT_TYPE);
response.setCharacterEncoding("GBK");
String name = request.getParameter("username");
String pwd = request.getParameter("password");
try
{
Connection conn = DBconnection.getConnection();
Statement stm = conn.createStatement();
ResultSet rs = stm.executeQuery("select * from yonghu where name='" +name + "' and password='" + pwd + "'");
if(rs.next())
{
RequestDispatcher rd=request.getRequestDispatcher("/welcome.jsp");
rd.forward(request,response);
}
else{
RequestDispatcher rd=request.getRequestDispatcher("/login.jsp");
rd.include(request,response); } }
catch (Exception exception) {
exception.printStackTrace();
} }
//Process the HTTP Post request
//Clean up resources
public void destroy() {
}
}
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import webapp.DBconnection;
import java.sql.*;public class loginservlet extends HttpServlet {
private static final String CONTENT_TYPE = "text/html; charset=GBK"; //Initialize global variables
public void init() throws ServletException {
} //Process the HTTP Get request
public void doPost(HttpServletRequest request, HttpServletResponse response) throws
ServletException, IOException {
response.setContentType(CONTENT_TYPE);
response.setCharacterEncoding("GBK");
String name = request.getParameter("username");
String pwd = request.getParameter("password");
try
{
Connection conn = DBconnection.getConnection();
Statement stm = conn.createStatement();
ResultSet rs = stm.executeQuery("select * from yonghu where name='" +name + "' and password='" + pwd + "'");
if(rs.next())
{
RequestDispatcher rd=request.getRequestDispatcher("/welcome.jsp");
rd.forward(request,response);
}
else{
RequestDispatcher rd=request.getRequestDispatcher("/login.jsp");
rd.include(request,response); } }
catch (Exception exception) {
exception.printStackTrace();
} }
//Process the HTTP Post request
//Clean up resources
public void destroy() {
}
}
解决方案 »
- (转载)如何使用最新JDBC连接SqlServer2005数据库
- 如何才能隐藏掉Tomcat运行时的Dos窗口
- 测试Tomcat的数据库连接池,每次执行getConnection时都会抛出异常,请高手帮忙分析一下咋回事?
- struts + tomcat5.0 报java.lang.illegalArgumentException,救命,在线等
- jsp 中计算两日期相隔天数?
- 高分急求java类实现得html转换ubb
- vc怎么调用java的applet
- 跪了,急问!weblogic 9.2 CLASSPATH的问题
- 框架传值问题,急
- Tomcat 4.0.1已经解决中文问题,不需要转换函数
- servlet中文乱码问题
- 在JSP中怎么动态增加数据库或表啊?????
如果我输入:用户名 or true
密码随便输入,你试试会有什么结果?前提是这个用户名是存在的.
看这两个页面是不是跟 WEB-INF 平级
如果平级就是
welcome.jsp
login.jsp
反之就要加路径
典型的SQL注入漏洞。
用户名和密码都用'or''='就可以登陆