servlet中的dopost()中的代码是这样的:
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8"); response.setContentType("text/html");
PrintWriter out = response.getWriter();
HttpSession session=request.getSession();
String username = request.getParameter("username");
String userpassword = request.getParameter("userpassword");
Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs = null;
int errorCount = 0; if (session.getAttribute("errorCount") == null) {
session.setAttribute("errorCount", new Integer(errorCount));
}
Integer integer = (Integer) session.getAttribute("errorCount");
errorCount = integer.intValue();
UserBean userBean = new UserBean();
List<UserBean> userList=new ArrayList<UserBean>();
try {
conn=DBUtil.getInstance().getConn();
pstmt = conn.prepareStatement( "Select * From users where username = '" + username
+ "'");
pstmt.setString(1, username);
//老是这里报错:无效的列索引
rs = pstmt.executeQuery();
while(rs.next()) {
//有用户
String db_userpassword = rs.getString("userpassword");
//获取数据库里的用户密码
if (db_userpassword.equals(userpassword)) {
String db_username = rs.getString("username");
//如果数据库里的用户密码与session里获得的用户密码相同,则从数据库中把相应的用户的其他信息读取出来。
userBean.setUserName(rs.getString(db_username));
userBean.setUserPassword(rs.getString(db_userpassword));
userList.add(userBean);
session.setAttribute("userList", userList);
String url = request.getContextPath();
request.getRequestDispatcher(url+
"item.jsp").forward(request,
response);
}else{
// 密码不对。
errorCount = errorCount + 1;
if (errorCount >= 3) {
out.println("<script language='javascript'>");
out.println("window.alert('密码错误次数超过3次,无法登录系统');");
out.println("window.opener=null;");
out.println("window.open('','_self');");
out.println("window.close();");
out.println("</script>");
}else {
int diffCount = 3 - errorCount;
out.println("<script language='javascript'>");
out.println("window.alert('密码不对,还剩" + diffCount
+ "次输入机会');");
out.println("window.history.back()");
out.println("</script>");
}
session.setAttribute("errorCount", new Integer(errorCount));
}
}
}catch (SQLException e) {
e.printStackTrace();
} finally {
DBUtil.getInstance().ReleaseRes(rs,pstmt,conn);
}
out.flush();
out.close();
}我见的表是这样的:
create table users(
username varchar2(30) primary key,
userpassword varchar2(30) not null
);插入的数据:
insert into users values('david','123456');
insert into users values('mary','654321');
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8"); response.setContentType("text/html");
PrintWriter out = response.getWriter();
HttpSession session=request.getSession();
String username = request.getParameter("username");
String userpassword = request.getParameter("userpassword");
Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs = null;
int errorCount = 0; if (session.getAttribute("errorCount") == null) {
session.setAttribute("errorCount", new Integer(errorCount));
}
Integer integer = (Integer) session.getAttribute("errorCount");
errorCount = integer.intValue();
UserBean userBean = new UserBean();
List<UserBean> userList=new ArrayList<UserBean>();
try {
conn=DBUtil.getInstance().getConn();
pstmt = conn.prepareStatement( "Select * From users where username = '" + username
+ "'");
pstmt.setString(1, username);
//老是这里报错:无效的列索引
rs = pstmt.executeQuery();
while(rs.next()) {
//有用户
String db_userpassword = rs.getString("userpassword");
//获取数据库里的用户密码
if (db_userpassword.equals(userpassword)) {
String db_username = rs.getString("username");
//如果数据库里的用户密码与session里获得的用户密码相同,则从数据库中把相应的用户的其他信息读取出来。
userBean.setUserName(rs.getString(db_username));
userBean.setUserPassword(rs.getString(db_userpassword));
userList.add(userBean);
session.setAttribute("userList", userList);
String url = request.getContextPath();
request.getRequestDispatcher(url+
"item.jsp").forward(request,
response);
}else{
// 密码不对。
errorCount = errorCount + 1;
if (errorCount >= 3) {
out.println("<script language='javascript'>");
out.println("window.alert('密码错误次数超过3次,无法登录系统');");
out.println("window.opener=null;");
out.println("window.open('','_self');");
out.println("window.close();");
out.println("</script>");
}else {
int diffCount = 3 - errorCount;
out.println("<script language='javascript'>");
out.println("window.alert('密码不对,还剩" + diffCount
+ "次输入机会');");
out.println("window.history.back()");
out.println("</script>");
}
session.setAttribute("errorCount", new Integer(errorCount));
}
}
}catch (SQLException e) {
e.printStackTrace();
} finally {
DBUtil.getInstance().ReleaseRes(rs,pstmt,conn);
}
out.flush();
out.close();
}我见的表是这样的:
create table users(
username varchar2(30) primary key,
userpassword varchar2(30) not null
);插入的数据:
insert into users values('david','123456');
insert into users values('mary','654321');
+ "'");
改成
pstmt = conn.prepareStatement( "Select * From users where username = ?");
试试
+ "'");
pstmt.setString(1, username);第一句没有用占位符,第二句就没意义了,所以报错,删掉第二句,或者把第一句修改为:
pstmt = conn.prepareStatement( "Select * From users where username = ?");后面的内容我就没看了,你尝试下吧!
+ "'");你这样写其实就可以了,你并没有设置占位符,所以也没有必要在setstring了,加上就是多余的了,如果你喜欢那样的话,应该改为这样pstmt = conn.prepareStatement( "Select * From users where username = ?");
总的来说是有两种方式:1.pstmt = conn.prepareStatement( "Select * From users where username = '" + username
2.pstmt = conn.prepareStatement( "Select * From users where username = ?");
pstmt.setString(1, username);
希望能帮到你,朋友,也希望能认识你,以后多交流
如果用?从0开始 楼上这些人。 竟然从1开始
JDBC中列索引都是从1开始的!
正确结果是 jdbc是从1开始 hiberante hql 是从0开始
这句话意思是为第一个占位符 设置值, 也就是你sql语句中出现的问号,你现在没有相应的占位符,所有报错。
+ "'");这个要写成占位符吧,这不是把字符串拼进去了么?
sql语句变成了 Select * From users where username = ‘username');
改成
pstmt = conn.prepareStatement( "Select * From users where username = ?);
还有就是0不好用就试试1.