5-5.jsp
<%@ page contentType="text/html;charset=GB2312" %>
<%@ page import="java.sql.*" %>
<HTML>
<BODY>
<Font size=6>
<FORM action="5-5.jsp" Method="post">
<P>输入帐号:
<Input type=text name="zh">
<br/>输入密码:
<Input type=password name="mm" >
<Input type=submit name="g" value="提交">
</Form><% String zh=request.getParameter("zh");
if(zh==null)
{zh="";
}
byte b[]=zh.getBytes("ISO-8859-1");
zh=new String(b);
String mm=request.getParameter("mm");
if(mm==null)
{mm="";
}
byte c[]=mm.getBytes("ISO-8859-1");
mm=new String(c);
Connection con=null;
Statement sql=null;
ResultSet rs=null;
try{Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
}
catch(ClassNotFoundException e){}
try { con=DriverManager.getConnection("jdbc:odbc:jny","jny","698698");
sql=con.createStatement();
String condition="SELECT * FROM yz WHERE 帐号 = "+"'"+zh+"'";
rs=sql.executeQuery(condition);
while(rs.next())
{
String z =rs.getString("帐号");
String m =rs.getString("密码");
if(mm.trim().equals(m.trim()))
{ out.print("欢迎您"); }
}
}
catch(SQLException e)
{ }
%>
</BODY>
</HTML>
<%@ page contentType="text/html;charset=GB2312" %>
<%@ page import="java.sql.*" %>
<HTML>
<BODY>
<Font size=6>
<FORM action="5-5.jsp" Method="post">
<P>输入帐号:
<Input type=text name="zh">
<br/>输入密码:
<Input type=password name="mm" >
<Input type=submit name="g" value="提交">
</Form><% String zh=request.getParameter("zh");
if(zh==null)
{zh="";
}
byte b[]=zh.getBytes("ISO-8859-1");
zh=new String(b);
String mm=request.getParameter("mm");
if(mm==null)
{mm="";
}
byte c[]=mm.getBytes("ISO-8859-1");
mm=new String(c);
Connection con=null;
Statement sql=null;
ResultSet rs=null;
try{Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
}
catch(ClassNotFoundException e){}
try { con=DriverManager.getConnection("jdbc:odbc:jny","jny","698698");
sql=con.createStatement();
String condition="SELECT * FROM yz WHERE 帐号 = "+"'"+zh+"'";
rs=sql.executeQuery(condition);
while(rs.next())
{
String z =rs.getString("帐号");
String m =rs.getString("密码");
if(mm.trim().equals(m.trim()))
{ out.print("欢迎您"); }
}
}
catch(SQLException e)
{ }
%>
</BODY>
</HTML>
解决方案 »
- struts上传的图片如何在jsp中显示
- JavaMail 发邮件遇到下面问题
- jsp网站如何保证代码安全性?
- 原本运行很好的JSP的程序为什么会出现如下错误?
- 一份基于xml的web合同管理系统毕业设计!请各位前辈进来讨论一下!
- java.sql.SQLException: ORA-01722: 无效数字 错误怎样解决
- 关于JSP文件的显示问题?
- 讨论:关于response.sendRedirect()和out.close()的问题
- jsp 连 如何连 sql server 7 ? 在线等待,马上给分
- jsp的web工程使用servlet调用数据库一直报这个错是什么原因啊????
- 求JasperReport的开发文档。。
- 求教:java实现RFC1738对URL转义?
Login.java:
package tom.jiafei;
import java.sql.*;
public class Login
{ String logname,
password,
success="false",
message=""; //用来返回登录是否成功的消息。
Connection con;
Statement sql;
ResultSet rs;
public Login()
{ //加载桥接器:
try{Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
}
catch(ClassNotFoundException e){}
}
//设置属性值、获取属性值的方法:
public void setLogname(String name)
{ logname=name;
}
public String getLogname()
{return logname;
}
public void setPassword(String pw)
{ password=pw;
}
public String getPassword()
{return password;
}
public String getSuccess()
{return success;
}
//查询数据库的member表:
public String getMessage()
{try{
con=DriverManager.getConnection("jdbc:odbc:friend","","");
sql=con.createStatement();
String condition=
"SELECT * FROM member WHERE logname = "+"'"+logname+"'";
rs=sql.executeQuery(condition);
int rowcount=0;
String ps=null;
while(rs.next())
{ rowcount++;
logname=rs.getString("logname");
ps=rs.getString("password");
}
if((rowcount==1)&&(password.equals(ps)))
{ message="ok";
success="ok";
}
else
{message="输入的用户名或密码不正确";
success="false";
}
con.close();
return message;
}
catch(SQLException e)
{ message="输入的用户名或密码不正确";
success="false";
return message;
}
}
}
会员登录页面
login.jsp:
<%@ page contentType="text/html;charset=GB2312" %>
<%@ page import="tom.jiafei.Login" %>
<%! //处理字符串的方法:
public String codeString(String s)
{ String str=s;
try{byte b[]=str.getBytes("ISO-8859-1");
str=new String(b);
return str;
}
catch(Exception e)
{ return str;
}
}
%>
<HTML>
<BODY bgcolor=cyan ><Font size=1>
<%@ include file="head.txt" %>
<Font size=1>
<P>输入用户名和密码:
<%String str=response.encodeURL("login.jsp");
%>
<FORM action="<%=str%>" Method="post">
<BR>登录名称<Input type=text name="logname">
<BR>输入密码<Input type=password name="password">
<BR><Input type=submit name="g" value="提交">
</Form>
<jsp:useBean id="login" class="tom.jiafei.Login" scope="session" >
</jsp:useBean>
<% //提交信息后,验证信息是否正确:
String message="",
logname="",
password="";
if(!(session.isNew()))
{logname=request.getParameter("logname");
if(logname==null)
{logname="";
}
logname=codeString(logname);
password=request.getParameter("password");
if(password==null)
{password="";
}
password=codeString(password);
}
%>
<%
if(!(logname.equals("")))
{
%>
<jsp:setProperty name= "login" property="logname" value="<%=logname%>" />
<jsp:setProperty name= "login" property="password" value="<%=password%>" />
<%
message=login.getMessage(); //获取返回的验证信息。
if(message==null)
{message="";
}
}
%>
<% if(!(session.isNew()))
{ if(message.equals("ok"))
{String meb=response.encodeURL("showMember.jsp");
response.sendRedirect(meb);
}
else
{out.print(message);
}
}
%>
</Body>
</HTML>
这是jsp+javabean的
PreparedStatement ptmt=conn.prepareStatement(select * from youtable where username=? and passwords=?)
.
.
.
ptmt.execute();
返回为true就是合法用户,反之非法!