这是密码修改页面
<%@ page language="java" contentType="text/html; charset=GB18030"
pageEncoding="GB18030"%>
<%@ page import="com.bjsxt.drp.sysmgr.*" %>
<%
String command = request.getParameter("command");
if(command!=null&&"modify".equals(command)){
String oldPassword = request.getParameter("oldPassword");
String newPassword = request.getParameter("newPassword");
String affirmNewPassowrd = request.getParameter("affirmNewPassowrd");
//out.print("旧密码正确");
User user = (User)session.getAttribute("user");
if(user.getPassword() == oldPassword){
//out.print("旧密码正确");
if(affirmNewPassowrd==newPassword){
user.modifyPassword(user.getUserId(),newPassword);
}else{
out.print("两个密码不一致,请重新修改");
}
}
//response.sendRedirect("main.jsp");
}
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=GB18030">
<title>修改密码</title>
<link rel="stylesheet" href="../style/drp.css">
<script type="text/javascript">
function modifyPasword() {
with(document.forms[0]){
action = "password_modify.jsp?command=modify";
method = "post";
submit();
}
}</script>
</head> <body class="body1">
<form name="userForm">
<div align="center">
<table width="100%" border="0" cellspacing="0" cellpadding="0"
height="51">
<tr>
<td class="p1" height="16" nowrap>
</td>
</tr>
<tr>
<td class="p1" height="35" nowrap>
  
<img src="../images/_arrow_02.gif" width="14" height="14">
<b><strong>系统管理>></strong>修改密码</b>
</td>
</tr>
</table>
<hr width="100%" align="center" size=0>
<table width="50%" height="91" border="0" cellpadding="0"
cellspacing="0">
<tr>
<td height="30">
<div align="right">
<font color="#FF0000">*</font>原密码:
</div>
</td>
<td>
<input name="oldPassword" type="password" class="text1"
id="oldPassword" size="25">
</td>
</tr>
<tr>
<td height="27">
<div align="right">
<font color="#FF0000">*</font>新密码:
</div>
</td>
<td>
<input name="newPassword" type="password" class="text1"
id="newPassword" size="25">
</td>
</tr>
<tr>
<td height="34">
<div align="right">
<font color="#FF0000">*</font>确认密码:
</div>
</td>
<td>
<input name="affirmNewPassowrd" type="password" class="text1"
id="affirmNewPassowrd" size="25">
</td>
</tr>
</table>
<hr width="100%" align="center" size=0>
<p>
<input name="btnModify" class="button1" type="button"
id="btnModify" value="修改" onClick="modifyPasword()">
</p>
</div>
</form>
</body>
</html>这是数据库处理代码:
public void modifyPassword(String userId,String newPassword){
String sql = "update t_user set password=?"+"where user_id=?";
Connection conn = null;
PreparedStatement pstmt = null;
//System.out.println(sql.toString());
try {
conn = DB.getConnection();
pstmt = conn.prepareStatement(sql);
pstmt.setString(1, newPassword);
pstmt.setString(2, userId);
pstmt.executeUpdate();
}catch(SQLException e) {
//log4j
System.err.println("修改密码失败" + e);
e.printStackTrace();
}finally {
DB.close(pstmt);
DB.close(conn);
}
}
<%@ page language="java" contentType="text/html; charset=GB18030"
pageEncoding="GB18030"%>
<%@ page import="com.bjsxt.drp.sysmgr.*" %>
<%
String command = request.getParameter("command");
if(command!=null&&"modify".equals(command)){
String oldPassword = request.getParameter("oldPassword");
String newPassword = request.getParameter("newPassword");
String affirmNewPassowrd = request.getParameter("affirmNewPassowrd");
//out.print("旧密码正确");
User user = (User)session.getAttribute("user");
if(user.getPassword() == oldPassword){
//out.print("旧密码正确");
if(affirmNewPassowrd==newPassword){
user.modifyPassword(user.getUserId(),newPassword);
}else{
out.print("两个密码不一致,请重新修改");
}
}
//response.sendRedirect("main.jsp");
}
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=GB18030">
<title>修改密码</title>
<link rel="stylesheet" href="../style/drp.css">
<script type="text/javascript">
function modifyPasword() {
with(document.forms[0]){
action = "password_modify.jsp?command=modify";
method = "post";
submit();
}
}</script>
</head> <body class="body1">
<form name="userForm">
<div align="center">
<table width="100%" border="0" cellspacing="0" cellpadding="0"
height="51">
<tr>
<td class="p1" height="16" nowrap>
</td>
</tr>
<tr>
<td class="p1" height="35" nowrap>
  
<img src="../images/_arrow_02.gif" width="14" height="14">
<b><strong>系统管理>></strong>修改密码</b>
</td>
</tr>
</table>
<hr width="100%" align="center" size=0>
<table width="50%" height="91" border="0" cellpadding="0"
cellspacing="0">
<tr>
<td height="30">
<div align="right">
<font color="#FF0000">*</font>原密码:
</div>
</td>
<td>
<input name="oldPassword" type="password" class="text1"
id="oldPassword" size="25">
</td>
</tr>
<tr>
<td height="27">
<div align="right">
<font color="#FF0000">*</font>新密码:
</div>
</td>
<td>
<input name="newPassword" type="password" class="text1"
id="newPassword" size="25">
</td>
</tr>
<tr>
<td height="34">
<div align="right">
<font color="#FF0000">*</font>确认密码:
</div>
</td>
<td>
<input name="affirmNewPassowrd" type="password" class="text1"
id="affirmNewPassowrd" size="25">
</td>
</tr>
</table>
<hr width="100%" align="center" size=0>
<p>
<input name="btnModify" class="button1" type="button"
id="btnModify" value="修改" onClick="modifyPasword()">
</p>
</div>
</form>
</body>
</html>这是数据库处理代码:
public void modifyPassword(String userId,String newPassword){
String sql = "update t_user set password=?"+"where user_id=?";
Connection conn = null;
PreparedStatement pstmt = null;
//System.out.println(sql.toString());
try {
conn = DB.getConnection();
pstmt = conn.prepareStatement(sql);
pstmt.setString(1, newPassword);
pstmt.setString(2, userId);
pstmt.executeUpdate();
}catch(SQLException e) {
//log4j
System.err.println("修改密码失败" + e);
e.printStackTrace();
}finally {
DB.close(pstmt);
DB.close(conn);
}
}
这个地方如果 不注释,后台输出的是什么?
String oldPassword = request.getParameter("oldPassword");
String newPassword = request.getParameter("newPassword");
String affirmNewPassowrd = request.getParameter("affirmNewPassowrd");
是否正确
顺便用request.getAttribute();获取值来看看