<body>
<%
request.setCharacterEncoding("UTF-8");
String uname = request.getParameter("uname");
String pwd = request.getParameter("pwd");
Connection con = null;
PreparedStatement ps = null;
ResultSet rs = null;
final String DRIVER="com.microsoft.sqlserver.jdbc.SQLServerDriver";
final String UNAME="sa";
final String PWD = "sa";
final String URL = "jdbc:sqlserver://127.0.0.1:1433;databaseName=test";
String sql = "select count(*) from users where uname=? and pwd=?";
boolean flag = false;
try{
Class.forName(DRIVER);
con = DriverManager.getConnection(URL,UNAME,PWD);
ps = con.prepareStatement(sql);
ps.setString(2,uname);
ps.setString(3,pwd);
rs = ps.executeQuery();
rs.next();
int count =rs.getInt(2);
if(count>0){
flag = true;
}
}catch(Exception ex){
ex.printStackTrace();
}finally{
try{
if(rs!=null) rs.close();
if(ps!=null) ps.close();
if(con!=null) con.close();
}catch(Exception ex){
ex.printStackTrace();
}
}
if(flag){
session.setAttribute("login","true");
request.getRequestDispatcher("success.jsp").forward(request,response);
}else{
request.setAttribute("error"," error,check your name and pwd,login again");
request.getRequestDispatcher("login.jsp").forward(request,response);
}
%>
</body>
<%
request.setCharacterEncoding("UTF-8");
String uname = request.getParameter("uname");
String pwd = request.getParameter("pwd");
Connection con = null;
PreparedStatement ps = null;
ResultSet rs = null;
final String DRIVER="com.microsoft.sqlserver.jdbc.SQLServerDriver";
final String UNAME="sa";
final String PWD = "sa";
final String URL = "jdbc:sqlserver://127.0.0.1:1433;databaseName=test";
String sql = "select count(*) from users where uname=? and pwd=?";
boolean flag = false;
try{
Class.forName(DRIVER);
con = DriverManager.getConnection(URL,UNAME,PWD);
ps = con.prepareStatement(sql);
ps.setString(2,uname);
ps.setString(3,pwd);
rs = ps.executeQuery();
rs.next();
int count =rs.getInt(2);
if(count>0){
flag = true;
}
}catch(Exception ex){
ex.printStackTrace();
}finally{
try{
if(rs!=null) rs.close();
if(ps!=null) ps.close();
if(con!=null) con.close();
}catch(Exception ex){
ex.printStackTrace();
}
}
if(flag){
session.setAttribute("login","true");
request.getRequestDispatcher("success.jsp").forward(request,response);
}else{
request.setAttribute("error"," error,check your name and pwd,login again");
request.getRequestDispatcher("login.jsp").forward(request,response);
}
%>
</body>
String uname = request.getParameter("uname");
String pwd = request.getParameter("pwd");
中名字和密码是传过来了的。再就是
ps.setString(2,uname);
ps.setString(3,pwd);
2,3是不是应该改成1,2。这一句的2是不是也有问题
int count =rs.getInt(2);
String pwd = request.getParameter("pwd");
补充一点,中文名字或者密码,跟踪下,看看是不是乱码,是乱码的话,必须转码
String pwd = request.getParameter("pwd");
要确保这两个值传递过来并且值是正确的,uname值没变。
ps.setString(3,pwd);这个是不是说连数据库的时候把第2行当做uname,把第3行当作pwdint count =rs.getInt(2);
这句具体是什么意思,有点不懂
[Quote=引用 5 楼 deihyvi1987 的回复:]ps.setString(2,uname);
ps.setString(3,pwd);
这里的2和3值得是sql中的参数,就是“?”,2代表第二个“?”,3代表第三个“?”
int count =rs.getInt(2);
这个2代表的是查询结果中第二列的值
select count(*) from users where uname=? and pwd=?
这里查询结果中只有一列
等价于 int count=rs.getInt("字段名");
等价于 int count=rs.getInt("你数据库里边的第二个字段名");前提是int型
ps.setString(3,pwd);
貌似不对吧,应该改成
ps.setString(1,uname);
ps.setString(2,pwd);
1和2表示第一个问号和第2个问号的值,与第几行无关