<%
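// Login branch of this JSP: runs only when the form posts action=userlogin.
// It stores the typed user name and time zone in cookies, checks the
// credentials against the database, optionally switches to a "helped"
// account, loads the function rights into the session and finally sends the
// browser to the main page. Every request parameter read here is untrusted.
String action = request.getParameter("action");
if (action != null && action.equals("userlogin"))
{
    String timeZone = request.getParameter("timeZone");
    String userName = request.getParameter("userName");

    // Remember what was typed for one year. The cookies are added to the
    // response before the credentials are checked, so they are written even
    // when the login fails.
    // NOTE(review): the values are stored unvalidated and no HttpOnly/Secure
    // attribute is set; code that reads them back must treat them as
    // client-controlled and encode them before writing them into HTML.
    Cookie cookie2 = new Cookie("USERNAME", userName);
    Cookie cookie3 = new Cookie("TIMEZONE", timeZone);
    cookie2.setMaxAge(365*24*60*60);
    cookie3.setMaxAge(365*24*60*60);
    response.addCookie(cookie2);
    response.addCookie(cookie3);

    // NOTE(review): conn is not closed or released on any path below; confirm
    // whether MyDB.getConnection() returns a shared or pooled connection,
    // otherwise every login attempt leaks one.
    Connection conn = MyDB.getConnection();

    // NOTE(review): these attributes are set before the password check, so a
    // failed login leaves them in the session, and the session id is not
    // renewed after a successful login (session fixation) - TODO confirm how
    // the rest of the application decides that a user is authenticated.
    session.setAttribute("THE_PARTNERNO","11");
    session.setAttribute("THE_TIMEZONE",timeZone);
    int partnerNo = 11;
    session.setAttribute("THE_FUNCAREA","COMPANY");

    String password = request.getParameter("userPassword");
    // NOTE(review): the statement is built by string concatenation and relies
    // entirely on MyDB.toSQLStr() for quoting; a parameterised query
    // (PreparedStatement with ? placeholders) would remove that dependency.
    String sql = "select u.user_no,p.password from users u,user_passwd p where u.loginName='"+MyDB.toSQLStr(userName)+"' and u.partner_no="+ partnerNo+
        " and p.user_no=u.user_no" ;
    String[][] data = MyDB.fetchStrData(conn,sql);

    // Unknown user and wrong password get the same message. The length and
    // null guards make an empty result or a NULL password column end as a
    // failed login instead of an exception.
    // NOTE(review): the stored column is compared directly with the submitted
    // password, which suggests passwords are kept unhashed - confirm, and
    // move to a salted password hash.
    if (data == null || data.length == 0 || data[0][1] == null || !data[0][1].equals(password))
    {
        out.println("<script>alert('用户不存在或者口令不对');parent.document.form0.userName.focus();</script>");
        return;
    }
    int userNo = Integer.parseInt(data[0][0]);

    // Optional "act on behalf of another user" flow.
    String helpedName = request.getParameter("helpedName");
    if (helpedName != null && helpedName.trim().length() != 0)
    {
        sql = "select user_no from users where loginName='"+MyDB.toSQLStr(helpedName)+"' and partner_no='"+ partnerNo+"'" ;
        data = MyDB.fetchStrData(conn, sql);
        if (data == null || data.length == 0)
        {
            out.println("<script>alert('该被帮助者不存在');parent.document.form0.helpedName.focus();</script>");
            return;
        }
        int helpedNo = Integer.parseInt(data[0][0]);

        // Only unexpired delegations count. An empty result is treated like
        // null so that "no rows" can never be read as permission.
        sql = "select func_no from helper_right where user_no="+helpedNo +" and helpedby="+userNo +" and expireDate >= getDate()" ;
        data = MyDB.fetchStrData(conn,sql);
        if (data == null || data.length == 0)
        {
            // helpedName comes straight from the request and is echoed inside
            // a JavaScript string literal, so everything that is not a letter
            // or digit is written as a \\uXXXX escape. Quotes, angle brackets
            // and slashes can then no longer end the string or the script.
            StringBuffer safeName = new StringBuffer();
            for (int k = 0; k < helpedName.length(); k++)
            {
                char ch = helpedName.charAt(k);
                if (Character.isLetterOrDigit(ch))
                {
                    safeName.append(ch);
                }
                else
                {
                    String hex = Integer.toHexString(ch);
                    safeName.append("\\u").append("0000".substring(hex.length())).append(hex);
                }
            }
            out.println("<script>alert('你无权帮助"+safeName+"');parent.document.form0.helpedName.focus();</script>");
            return;
        }
        // The session now acts as the helped user; the real user is recorded
        // separately in THE_HELPEDBY.
        session.setAttribute("THE_USERNO",""+helpedNo );
        session.setAttribute("THE_HELPEDBY",""+userNo);
    }
    else
    {
        sql = "select func_no from rights where user_no="+userNo ;
        data = MyDB.fetchStrData(conn,sql);
        // NOTE(review): the original rejection of users without any rights
        // row (an alert saying the user may not access the system, followed
        // by return) was commented out, so such users still get a session
        // with THE_RIGHTS set to null. Confirm that this is intended.
        session.setAttribute("THE_USERNO",""+userNo );
        session.setAttribute("THE_HELPEDBY",null);
    }

    // Publish the func_no values of the last query as an int[] in the session.
    if (data == null)
    {
        session.setAttribute("THE_RIGHTS",null );
    }
    else
    {
        int rows = data.length;
        int[] rights = new int[rows];
        for (int i = 0; i < rows; ++i)
        {
            rights[i] = Integer.parseInt(data[i][0]);
        }
        session.setAttribute("THE_RIGHTS",rights);
    }

    // The target is a fixed path, so nothing request-controlled reaches this script.
    String uri = "/netoffice/main.jsp" ;
    out.println("<script>parent.document.form0.action.value='';parent.location='" + uri+"';</script>");
    return ;
}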
// Page set-up for rendering the login form: builds a date/time label, reads
// the remembered user name and time zone from the request cookies and
// prepares the time-zone option list. The variables stay at scriptlet level,
// so later parts of the page can refer to them.
java.util.GregorianCalendar toDay = new java.util.GregorianCalendar();
int sYEAR = toDay.get(java.util.Calendar.YEAR);
int sMonth = toDay.get(java.util.Calendar.MONTH) + 1;   // MONTH counts from 0
int sDay = toDay.get(java.util.Calendar.DATE);
int hour = toDay.get(java.util.Calendar.HOUR);           // 12-hour clock value
int MINUTE = toDay.get(java.util.Calendar.MINUTE);
int AM_PM = toDay.get(java.util.Calendar.AM_PM);
if (AM_PM >= 1)
{
    // Afternoon: convert the 12-hour value to a 24-hour value.
    hour += 12;
}
String today = sYEAR + "年" + sMonth + "月" + sDay + "日"
             + hour + "时" + MINUTE + "分";

// Defaults used when the browser sends no matching cookie.
String userName = "";
String timeZone = "8";

// cookies may be null, in which case j stays 0 and the scan is skipped.
// NOTE(review): both values are client-controlled; timeZone is handed to
// MySession.toOptions() below and userName is presumably written into the
// form - confirm that both are HTML-encoded where they are rendered.
Cookie cookies[] = request.getCookies();
int j = 0;
if (cookies != null)
{
    j = cookies.length;
}
for (int i = 0; i < j; i++)
{
    String cookieName = cookies[i].getName();
    if (cookieName.equals("USERNAME"))
    {
        userName = cookies[i].getValue();
    }
    else if (cookieName.equals("TIMEZONE"))
    {
        timeZone = cookies[i].getValue();
    }
}

// Pairs of {GMT offset, label} passed to MySession.toOptions().
String[][] data = {
    {"12","(GMT+12)马绍尔群岛"},
    {"11","(GMT+11)马加丹"},
    {"10","(GMT+10)悉尼,墨尔本"},
    {"9","(GMT+09)东京,汉城"},
    {"8","(GMT+08)北京,新加坡"},
    {"7","(GMT+07)曼谷,雅加达"},
    {"6","(GMT+06)仰光"},
    {"5","(GMT+05)伊斯兰堡"},
    {"4","(GMT+04)喀布尔"},
    {"3","(GMT+03)莫斯科,科威特"},
    {"2","(GMT+02)雅典,开罗"},
    {"1","(GMT+01)巴黎,罗马"},
    {"0","(GMT+00)伦敦,爱丁堡"},
    {"-1","(GMT-01)亚速尔群岛"},
    {"-2","(GMT-02)中大西洋"},
    {"-3","(GMT-03)格陵兰"},
    {"-4","(GMT-04)加拿大"},
    {"-5","(GMT-05)印第安纳(东)"},
    {"-6","(GMT-06)中美洲,墨西哥"},
    {"-7","(GMT-07)亚利桑那"},
    {"-8","(GMT-08)蒂华纳"},
    {"-9","(GMT-09)阿拉斯加"},
    {"-10","(GMT-10)夏威夷"},
    {"-11","(GMT-11)中途岛"}
};
// Presumably renders the option list with the remembered zone selected -
// TODO confirm against MySession.toOptions().
String timeZoneSelect = MySession.toOptions(data, timeZone);
%>
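// Login branch of this JSP: runs only when the form posts action=userlogin.
// It stores the typed user name and time zone in cookies, checks the
// credentials against the database, optionally switches to a "helped"
// account, loads the function rights into the session and finally sends the
// browser to the main page. Every request parameter read here is untrusted.
String action = request.getParameter("action");
if (action != null && action.equals("userlogin"))
{
    String timeZone = request.getParameter("timeZone");
    String userName = request.getParameter("userName");

    // Remember what was typed for one year. The cookies are added to the
    // response before the credentials are checked, so they are written even
    // when the login fails.
    // NOTE(review): the values are stored unvalidated and no HttpOnly/Secure
    // attribute is set; code that reads them back must treat them as
    // client-controlled and encode them before writing them into HTML.
    Cookie cookie2 = new Cookie("USERNAME", userName);
    Cookie cookie3 = new Cookie("TIMEZONE", timeZone);
    cookie2.setMaxAge(365*24*60*60);
    cookie3.setMaxAge(365*24*60*60);
    response.addCookie(cookie2);
    response.addCookie(cookie3);

    // NOTE(review): conn is not closed or released on any path below; confirm
    // whether MyDB.getConnection() returns a shared or pooled connection,
    // otherwise every login attempt leaks one.
    Connection conn = MyDB.getConnection();

    // NOTE(review): these attributes are set before the password check, so a
    // failed login leaves them in the session, and the session id is not
    // renewed after a successful login (session fixation) - TODO confirm how
    // the rest of the application decides that a user is authenticated.
    session.setAttribute("THE_PARTNERNO","11");
    session.setAttribute("THE_TIMEZONE",timeZone);
    int partnerNo = 11;
    session.setAttribute("THE_FUNCAREA","COMPANY");

    String password = request.getParameter("userPassword");
    // NOTE(review): the statement is built by string concatenation and relies
    // entirely on MyDB.toSQLStr() for quoting; a parameterised query
    // (PreparedStatement with ? placeholders) would remove that dependency.
    String sql = "select u.user_no,p.password from users u,user_passwd p where u.loginName='"+MyDB.toSQLStr(userName)+"' and u.partner_no="+ partnerNo+
        " and p.user_no=u.user_no" ;
    String[][] data = MyDB.fetchStrData(conn,sql);

    // Unknown user and wrong password get the same message. The length and
    // null guards make an empty result or a NULL password column end as a
    // failed login instead of an exception.
    // NOTE(review): the stored column is compared directly with the submitted
    // password, which suggests passwords are kept unhashed - confirm, and
    // move to a salted password hash.
    if (data == null || data.length == 0 || data[0][1] == null || !data[0][1].equals(password))
    {
        out.println("<script>alert('用户不存在或者口令不对');parent.document.form0.userName.focus();</script>");
        return;
    }
    int userNo = Integer.parseInt(data[0][0]);

    // Optional "act on behalf of another user" flow.
    String helpedName = request.getParameter("helpedName");
    if (helpedName != null && helpedName.trim().length() != 0)
    {
        sql = "select user_no from users where loginName='"+MyDB.toSQLStr(helpedName)+"' and partner_no='"+ partnerNo+"'" ;
        data = MyDB.fetchStrData(conn, sql);
        if (data == null || data.length == 0)
        {
            out.println("<script>alert('该被帮助者不存在');parent.document.form0.helpedName.focus();</script>");
            return;
        }
        int helpedNo = Integer.parseInt(data[0][0]);

        // Only unexpired delegations count. An empty result is treated like
        // null so that "no rows" can never be read as permission.
        sql = "select func_no from helper_right where user_no="+helpedNo +" and helpedby="+userNo +" and expireDate >= getDate()" ;
        data = MyDB.fetchStrData(conn,sql);
        if (data == null || data.length == 0)
        {
            // helpedName comes straight from the request and is echoed inside
            // a JavaScript string literal, so everything that is not a letter
            // or digit is written as a \\uXXXX escape. Quotes, angle brackets
            // and slashes can then no longer end the string or the script.
            StringBuffer safeName = new StringBuffer();
            for (int k = 0; k < helpedName.length(); k++)
            {
                char ch = helpedName.charAt(k);
                if (Character.isLetterOrDigit(ch))
                {
                    safeName.append(ch);
                }
                else
                {
                    String hex = Integer.toHexString(ch);
                    safeName.append("\\u").append("0000".substring(hex.length())).append(hex);
                }
            }
            out.println("<script>alert('你无权帮助"+safeName+"');parent.document.form0.helpedName.focus();</script>");
            return;
        }
        // The session now acts as the helped user; the real user is recorded
        // separately in THE_HELPEDBY.
        session.setAttribute("THE_USERNO",""+helpedNo );
        session.setAttribute("THE_HELPEDBY",""+userNo);
    }
    else
    {
        sql = "select func_no from rights where user_no="+userNo ;
        data = MyDB.fetchStrData(conn,sql);
        // NOTE(review): the original rejection of users without any rights
        // row (an alert saying the user may not access the system, followed
        // by return) was commented out, so such users still get a session
        // with THE_RIGHTS set to null. Confirm that this is intended.
        session.setAttribute("THE_USERNO",""+userNo );
        session.setAttribute("THE_HELPEDBY",null);
    }

    // Publish the func_no values of the last query as an int[] in the session.
    if (data == null)
    {
        session.setAttribute("THE_RIGHTS",null );
    }
    else
    {
        int rows = data.length;
        int[] rights = new int[rows];
        for (int i = 0; i < rows; ++i)
        {
            rights[i] = Integer.parseInt(data[i][0]);
        }
        session.setAttribute("THE_RIGHTS",rights);
    }

    // The target is a fixed path, so nothing request-controlled reaches this script.
    String uri = "/netoffice/main.jsp" ;
    out.println("<script>parent.document.form0.action.value='';parent.location='" + uri+"';</script>");
    return ;
}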
// Page set-up for rendering the login form: builds a date/time label, reads
// the remembered user name and time zone from the request cookies and
// prepares the time-zone option list. The variables stay at scriptlet level,
// so later parts of the page can refer to them.
java.util.GregorianCalendar toDay = new java.util.GregorianCalendar();
int sYEAR = toDay.get(java.util.Calendar.YEAR);
int sMonth = toDay.get(java.util.Calendar.MONTH) + 1;   // MONTH counts from 0
int sDay = toDay.get(java.util.Calendar.DATE);
int hour = toDay.get(java.util.Calendar.HOUR);           // 12-hour clock value
int MINUTE = toDay.get(java.util.Calendar.MINUTE);
int AM_PM = toDay.get(java.util.Calendar.AM_PM);
if (AM_PM >= 1)
{
    // Afternoon: convert the 12-hour value to a 24-hour value.
    hour += 12;
}
String today = sYEAR + "年" + sMonth + "月" + sDay + "日"
             + hour + "时" + MINUTE + "分";

// Defaults used when the browser sends no matching cookie.
String userName = "";
String timeZone = "8";

// cookies may be null, in which case j stays 0 and the scan is skipped.
// NOTE(review): both values are client-controlled; timeZone is handed to
// MySession.toOptions() below and userName is presumably written into the
// form - confirm that both are HTML-encoded where they are rendered.
Cookie cookies[] = request.getCookies();
int j = 0;
if (cookies != null)
{
    j = cookies.length;
}
for (int i = 0; i < j; i++)
{
    String cookieName = cookies[i].getName();
    if (cookieName.equals("USERNAME"))
    {
        userName = cookies[i].getValue();
    }
    else if (cookieName.equals("TIMEZONE"))
    {
        timeZone = cookies[i].getValue();
    }
}

// Pairs of {GMT offset, label} passed to MySession.toOptions().
String[][] data = {
    {"12","(GMT+12)马绍尔群岛"},
    {"11","(GMT+11)马加丹"},
    {"10","(GMT+10)悉尼,墨尔本"},
    {"9","(GMT+09)东京,汉城"},
    {"8","(GMT+08)北京,新加坡"},
    {"7","(GMT+07)曼谷,雅加达"},
    {"6","(GMT+06)仰光"},
    {"5","(GMT+05)伊斯兰堡"},
    {"4","(GMT+04)喀布尔"},
    {"3","(GMT+03)莫斯科,科威特"},
    {"2","(GMT+02)雅典,开罗"},
    {"1","(GMT+01)巴黎,罗马"},
    {"0","(GMT+00)伦敦,爱丁堡"},
    {"-1","(GMT-01)亚速尔群岛"},
    {"-2","(GMT-02)中大西洋"},
    {"-3","(GMT-03)格陵兰"},
    {"-4","(GMT-04)加拿大"},
    {"-5","(GMT-05)印第安纳(东)"},
    {"-6","(GMT-06)中美洲,墨西哥"},
    {"-7","(GMT-07)亚利桑那"},
    {"-8","(GMT-08)蒂华纳"},
    {"-9","(GMT-09)阿拉斯加"},
    {"-10","(GMT-10)夏威夷"},
    {"-11","(GMT-11)中途岛"}
};
// Presumably renders the option list with the remembered zone selected -
// TODO confirm against MySession.toOptions().
String timeZoneSelect = MySession.toOptions(data, timeZone);
%>
但是我使用下来好像还是会过期的,不过时间比较长。用户如果这么长时间不动网页的话,很有可能是离开了,这样过期反而是好事,更安全。
希望虚竹和尚在程序上加上注释。
hazeline能否把session的时间设置写的详细些
<%
String action = (String)request.getParameter("action") ;
if ( action != null && action.equals("userlogin") )
{
String timeZone = (String)request.getParameter("timeZone") ;
String userName = (String)request.getParameter("userName") ;
//取提交过来的变量
Cookie cookie2=new Cookie("USERNAME", userName);
Cookie cookie3=new Cookie("TIMEZONE", timeZone);
//设定了2个cookie
cookie2.setMaxAge(365*24*60*60);
cookie3.setMaxAge(365*24*60*60);
//设定cookie的有效时间是一年
response.addCookie(cookie2);
response.addCookie(cookie3);
//把cookie加入到Set-Cookie应答头(是不是说cookie开始生效了呢?如果不加response.addCookie(cookie3);cookie就不生效?)
.....
// (Poster's note) The cookie values have been fetched into the array "cookies".
// j is the number of cookies to scan. cookies can be null
// (HttpServletRequest.getCookies() returns null when the request carries no
// cookies), so the conditional yields 0 in that case and the loop below is
// skipped instead of failing on cookies.length.
int j = (cookies==null )?0:cookies.length ;
// (Poster's note) The poster did not understand the line above; see the
// explanation before it.
for ( int i = 0 ; i < j ;i++ )
{
if ( cookies[i].getName().equals("USERNAME") )
userName = cookies[i].getValue();
else if ( cookies[i].getName().equals("TIMEZONE") )
timeZone = cookies[i].getValue();
// Finds each value by its cookie name. The poster asks what the else is for:
// the TIMEZONE test runs only when the name was not USERNAME, and a cookie
// with any other name is ignored.
// NOTE(review): both values come from the browser and are untrusted.
}
下面是我自己写的一段,放在另一个页面。如果不登录直接访问就会出错!
再次刷新就会显示,可是显示结果总一些乱七八糟的数据。奇怪的是if(myCookie.length > 0)没起作用!
<%
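// Prints the name and value of every cookie the browser sent with this request.
// getCookies() returns null (not an empty array) when the request carries no
// cookies, so the array itself must be checked before .length is read; that
// missing check is why a visit without a prior login failed.
Cookie myCookie[] = request.getCookies();
if (myCookie != null)
{
    for (int i = 0; i < myCookie.length; i++)
    {
        Cookie newCookie = myCookie[i];
        // Cookie names and values are chosen by the client, so they are
        // HTML-encoded before being written into the page.
        String[] parts = { newCookie.getName(), newCookie.getValue() };
        for (int p = 0; p < parts.length; p++)
        {
            String raw = String.valueOf(parts[p]);
            StringBuffer safe = new StringBuffer(raw.length());
            for (int c = 0; c < raw.length(); c++)
            {
                char ch = raw.charAt(c);
                switch (ch)
                {
                    case '&':  safe.append("&amp;");  break;
                    case '<':  safe.append("&lt;");   break;
                    case '>':  safe.append("&gt;");   break;
                    case '"':  safe.append("&quot;"); break;
                    case '\'': safe.append("&#39;");  break;
                    default:   safe.append(ch);
                }
            }
            out.print(safe.toString());
        }
        // NOTE(review): nothing is written between the pieces, and every
        // cookie of the request is printed (probably including the
        // container's own session cookie), which likely explains the jumbled
        // output described above. To show one value only, compare getName()
        // with the wanted name first.
    }
}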
%>
该页面位置:http://211.140.206.134/zxp/1.jsp
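import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.*;
import javax.servlet.http.*;

/** Sets six cookies: three that apply only to the current
 *  session (regardless of how long that session lasts)
 *  and three that persist for an hour (regardless of
 *  whether the browser is restarted).
 *  <P>
 *  Taken from Core Servlets and JavaServer Pages
 *  from Prentice Hall and Sun Microsystems Press,
 *  http://www.coreservlets.com/.
 *  © 2000 Marty Hall; may be freely used or adapted.
 */
public class SetCookies extends HttpServlet {
  /** Adds the six demonstration cookies to the response and writes a short
   *  HTML page that points to the ShowCookies servlet.
   *
   *  @param request  the incoming request (not read by this method)
   *  @param response receives the Set-Cookie headers and the HTML page
   *  @throws ServletException declared by the servlet API; nothing in this
   *                           method throws it directly
   *  @throws IOException if the response writer cannot be obtained
   */
  public void doGet(HttpServletRequest request,
                    HttpServletResponse response)
      throws ServletException, IOException {
    // Cookies are added before getWriter() is called, i.e. before any body
    // output is produced.
    for (int i = 0; i < 3; i++) {
      // Default maxAge is -1, indicating cookie
      // applies only to current browsing session.
      Cookie cookie = new Cookie("Session-Cookie-" + i,
                                 "Cookie-Value-S" + i);
      response.addCookie(cookie);
      cookie = new Cookie("Persistent-Cookie-" + i,
                          "Cookie-Value-P" + i);
      // Cookie is valid for an hour, regardless of whether
      // user quits browser, reboots computer, or whatever.
      cookie.setMaxAge(3600);
      response.addCookie(cookie);
    }
    // The demo cookies hold fixed strings only. Cookies that carry session or
    // identity data should additionally be restricted (Secure, HttpOnly) and
    // their values treated as untrusted when read back.
    response.setContentType("text/html");
    PrintWriter out = response.getWriter();
    String title = "Setting Cookies";
    out.println
      (ServletUtilities.headWithTitle(title) +
       "<BODY BGCOLOR=\"#FDF5E6\">\n" +
       "<H1 ALIGN=\"CENTER\">" + title + "</H1>\n" +
       "There are six cookies associated with this page.\n" +
       "To see them, visit the\n" +
       "<A HREF=\"/servlet/coreservlets.ShowCookies\">\n" +
       "<CODE>ShowCookies</CODE> servlet</A>.\n" +
       "<P>\n" +
       "Three of the cookies are associated only with the\n" +
       "current session, while three are persistent.\n" +
       "Quit the browser, restart, and return to the\n" +
       "<CODE>ShowCookies</CODE> servlet to verify that\n" +
       "the three long-lived ones persist across sessions.\n" +
       "</BODY></HTML>");
  }
}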