1、登录
<%-- Created by IntelliJ IDEA. User: Administrator Date: 2023/11/20 Time: 9:06 To change this template use File | Settings | File Templates. --%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> <div align="center"> <h3>登录表单</h3> <h5> ${info} </h5> <form action="LoginServlet" method="post"> 账号:<input type="text" name="username"> <br> 密码:<input type="password" name="password"><br> <input type="submit" value="登录"> <hr> <a href="reg.jsp">没有账号?转去注册</a> </form> </div> </body> </html>
2、注册
<%-- Created by IntelliJ IDEA. User: Administrator Date: 2023/11/20 Time: 9:06 To change this template use File | Settings | File Templates. --%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> <div align="center"> <h3>注册表单</h3> <h6>${info}</h6> <form action="RegServlet" method="post"> 账号:<input type="text" name="username"> <br> 密码:<input type="password" name="password"><br> <input type="submit" value="注册"> <hr> <a href="login.jsp">已有账号?转去登录</a> </form> </div> </body> </html>
3、UserinfoDao类
package com.yyzy.dao; import com.yyzy.entity.Userinfo; import com.yyzy.util.JDBCUtil; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; import java.util.List; public class UserinfoDao { //查询所有的用户数据 public List<Userinfo> queryAll(){ String sql = "select * from userinfo"; List<Userinfo> list = new ArrayList<Userinfo>(); Connection conn = JDBCUtil.getConn(); try { PreparedStatement pre = conn.prepareStatement(sql); ResultSet rs = pre.executeQuery(); while (rs.next()){ //进入了while循环 说明查询到了数据 Userinfo userinfo = new Userinfo(rs.getInt(1),rs.getString(2),rs.getString(3)); list.add(userinfo); } return list; } catch (SQLException throwables) { System.out.println("查询的sql处理失败" + throwables); return null; } } //登录 public boolean login(String username,String password){ String sql = "select * from userinfo where username = ? and password = ?"; Connection conn = JDBCUtil.getConn(); try { PreparedStatement pre = conn.prepareStatement(sql); pre.setString(1,username); pre.setString(2,password); ResultSet rs = pre.executeQuery(); while (rs.next()){ //进入了while循环 说明查询到了数据 return true; } return false; } catch (SQLException throwables) { System.out.println("登录的sql处理失败" + throwables); return false; } } //注册 public boolean reg(String username,String password){ String sql = "insert into userinfo values(null,?,?)"; Connection conn = JDBCUtil.getConn(); try { PreparedStatement pre = conn.prepareStatement(sql); pre.setString(1,username); pre.setString(2,password); int i = pre.executeUpdate(); if (i==1) { return true; }else{ return false; } } catch (SQLException throwables) { System.out.println("注册的sql语句处理失败" + throwables); return false; } } //删除 public boolean del(int id){ String sql = "delete from userinfo where id = ? "; Connection conn = JDBCUtil.getConn(); try { PreparedStatement pre = conn.prepareStatement(sql); pre.setInt(1,id); int i = pre.executeUpdate(); if (i==1) { return true; }else{ return false; } } catch (SQLException throwables) { System.out.println("删除的sql语句处理失败" + throwables); return false; } } //修改 public boolean update(int id,String username,String password){ String sql = "update userinfo set username = ? ,password = ? where id = ?"; Connection conn = JDBCUtil.getConn(); try { PreparedStatement pre = conn.prepareStatement(sql); pre.setString(1,username); pre.setString(2,password); pre.setInt(3,id); int i = pre.executeUpdate(); if (i==1) { return true; }else{ return false; } } catch (SQLException throwables) { System.out.println("修改的sql语句处理失败" + throwables); return false; } } }
4、Userinfo类
package com.yyzy.entity; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; @Data @AllArgsConstructor @NoArgsConstructor public class Userinfo { private Integer id; private String username; private String password; }
5、过滤器
过滤器讲解: 全称:Servlet过滤器 Servlet就是Servlet Servlet过滤器就是Servlet过滤器 翻译:Filter 功能:客户端发请求给服务端。 服务端回响应给客户端 进行代码的处理。 用处: 最常见的编码过滤器 登录校验过滤器 等等 如何实现:一般放在filter包下 如何创建一个Filter 1.创建一个类 2.实现Filter接口 注意是Servlet下的Filter接口 3.重写该接口下的所有方法分别是init(初始化) destory(消亡) doFilter(过滤的相关代码) 4.添加注解 @WebFilter("/Xxx") Xxx表示我要过滤哪些请求或响应 一般来说都写/* 表示过滤所有请求 5.写相关代码。 6.根据条件进行放行。通过方法内部提供的参数:filterChain 进行放行 客串知识点: 过滤器又称拦截器 如果过滤器中没有写 “放行” 相关代码 项目将显示一个空白页面。 所以正确的写法: 如果过滤成功就放行。 如果过滤失败就跳转到指定页面 客串知识点2: 一个项目中可以存在多个过滤器 那么就存在一个过滤器的优先级问题 优先级的原则 也很简单:根据类名的首字母 客串知识点3: 过滤器内部提供的request和response 是ServletRequest ServletResponse 但是Servlet提供的request和response 是HttpServletRequest HttpServletResponse 然后HttpServletRequest的request和HttpServletResponse的response的功能 是远多于: ServletRequest和ServletResponse的request和response 所以如果该过滤器只需要实现低级功能 就无须转换。 如果该过滤器需要实现高级功能就需要在方法的内部进行强转 HttpServletRequest req = (HttpServletRequest)servletRequest;
6、AFilter类
package com.yyzy.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import java.io.IOException; @WebFilter("/*") public class AFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("我是A"); filterChain.doFilter(servletRequest,servletResponse); } @Override public void destroy() { } }
7、EncodingFilter类
package com.yyzy.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import java.io.IOException; @WebFilter("/*") public class EncodingFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { servletRequest.setCharacterEncoding("utf-8"); filterChain.doFilter(servletRequest,servletResponse); } @Override public void destroy() { } }
8、LoginFilter类
package com.yyzy.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import java.io.IOException; // login.jsp reg.jsp /LoginServlet /RegServlet / 这5个请求是不需要做校验的 @WebFilter("/*") public class LoginFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest)servletRequest; // login.jsp reg.jsp /LoginServlet /RegServlet / 这5个请求是不需要做校验的 System.out.println("获取当前的请求的URL地址是" + req.getRequestURI()); String url[] = {"/login.jsp" ,"/reg.jsp" ,"/LoginServlet" ,"/RegServlet" ,"/" }; for(int i = 0 ; i<url.length ; i++){ if(req.getRequestURI().equals(url[i])){ filterChain.doFilter(servletRequest,servletResponse); return; } } String info = (String)req.getSession().getAttribute("info"); System.out.println(info); if("登录成功".equals(info)){ filterChain.doFilter(servletRequest,servletResponse); }else{ System.out.println("校验失败~~~"); req.setAttribute("info","休想非法访问"); servletRequest.getRequestDispatcher("login.jsp").forward(servletRequest,servletResponse); } } @Override public void destroy() { } }
9、TestFilter类
package com.yyzy.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import java.io.IOException; @WebFilter("/*") public class TestFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("我要过滤了Test"); System.out.println("过滤完毕Test"); filterChain.doFilter(servletRequest,servletResponse); } @Override public void destroy() { } }
10、ZFilter类
package com.yyzy.filter; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import java.io.IOException; @WebFilter("/*") public class ZFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("我是Z"); filterChain.doFilter(servletRequest,servletResponse); } @Override public void destroy() { } }
11、DelServlet类
package com.yyzy.servlet; import com.yyzy.dao.UserinfoDao; import com.yyzy.entity.Userinfo; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; @WebServlet("/DelServlet") public class DelServlet extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { int id = Integer.parseInt( req.getParameter("id")); UserinfoDao ud = new UserinfoDao(); boolean b = ud.del(id); if (b){ List<Userinfo> list = ud.queryAll(); req.setAttribute("list",list); req.getRequestDispatcher("success.jsp").forward(req,resp); }else{ req.getRequestDispatcher("success.jsp").forward(req,resp); } } }
12、LoginServlet类
package com.yyzy.servlet; import com.yyzy.dao.UserinfoDao; import com.yyzy.entity.Userinfo; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; @WebServlet("/LoginServlet") public class LoginServlet extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { req.setCharacterEncoding("GBK"); String username = req.getParameter( "username"); System.out.println("当前账号为" + username); String password = req.getParameter("password"); UserinfoDao ud = new UserinfoDao(); boolean b = ud.login(username, password); if (b){ req.getSession().setAttribute("info","登录成功"); req.setAttribute("username",username); List<Userinfo> list = ud.queryAll(); req.setAttribute("list",list); req.getRequestDispatcher("success.jsp").forward(req,resp); }else{ req.setAttribute("info","登录失败"); req.getRequestDispatcher("login.jsp").forward(req,resp); } } }
13、RegServlet类
package com.yyzy.servlet; import com.yyzy.dao.UserinfoDao; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @WebServlet("/RegServlet") public class RegServlet extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String username = req.getParameter("username"); String password = req.getParameter("password"); UserinfoDao ud = new UserinfoDao(); boolean b = ud.reg(username, password); if (b){ req.setAttribute("info","注册成功"); req.getRequestDispatcher("reg.jsp").forward(req,resp); }else{ req.setAttribute("info","注册失败"); req.getRequestDispatcher("reg.jsp").forward(req,resp); } } }
14、UpdateServlet类
package com.yyzy.servlet; import com.yyzy.dao.UserinfoDao; import com.yyzy.entity.Userinfo; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; @WebServlet("/UpdateServlet") public class UpdateServlet extends HttpServlet { @Override protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { int id = Integer.parseInt( req.getParameter("id")); String username = req.getParameter("username"); String password = req.getParameter("password"); UserinfoDao ud = new UserinfoDao(); boolean b = ud.update(id,username, password); if (b){ List<Userinfo> list = ud.queryAll(); req.setAttribute("list",list); req.getRequestDispatcher("success.jsp").forward(req,resp); }else{ req.getRequestDispatcher("success.jsp").forward(req,resp); } } }
15、Test测试类
package com.yyzy.test; import com.yyzy.entity.Userinfo; import com.yyzy.util.JDBCUtil; public class Test { public static void main(String[] args) { String str = "4321"; String str1 = "";//加密之后 for(int i = 0 ; i<str.length();i++){ str1 = str1 + (str.charAt(i) + 35); } System.out.println(str1); } }
16、JDBCUtil类
package com.yyzy.util; import java.sql.Connection; import java.sql.DriverManager; import java.sql.SQLException; public class JDBCUtil { //熟练掌握 alt+enter的快捷键 //作用1:帮你处理异常 作用2:帮你自动生成返回值 //如何去用: 哪里红了放哪里 static { try { Class.forName("com.mysql.cj.jdbc.Driver"); } catch (ClassNotFoundException e) { System.out.println("数据库加载失败"); } } public static Connection getConn(){ try { Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/db1", "root", "root"); return connection; } catch (SQLException throwables) { System.out.println("获取连接失败" + throwables); return null; } } }
17、EL表达式
<%@ page contentType="text/html;charset=UTF-8" language="java" %> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <!-- 如果容器中的数据是简单的单个对象 就使用EL表达式 直接通过 \${xxx}来渲染即可 如果容器中的数据是复杂的集合对象 就使用JSTL表达式 步骤1:1.引入 2.通过foreach标签便利 --> <html> <head> <title>Title</title> <style> td{ width: 200px; } </style> <link href="css/bootstrap.css" rel="stylesheet"> </head> <body> <div align="center"> 欢迎登录成功~~~ ${info} 用户名为:${username} <br> 查询页面 <table class="table table-striped table-hover"> <Tr> <td>编号</td> <td>账号</td> <td>密码</td> <td>删除</td> <td>修改</td> </Tr> <!--后面的tr td都要从数据库中查询数据,然后渲染 --> <c:forEach items="${list}" var="aaa" > <Tr> <td>${aaa.id}</td> <td>${aaa.username}</td> <td>${aaa.password}</td> <td><button id="${aaa.id}" class="btn btn-outline-danger">删除</button> </td> <td><button class="btn btn-outline-warning"><a href="update.jsp?id=${aaa.id}&username=${aaa.username}&password=${aaa.password}">修改</a></button></td> </Tr> </c:forEach> </table> </div> <script src="js/bootstrap.js" ></script> <script> var btn = document.getElementsByClassName("btn-outline-danger"); for(let i = 0;i<btn.length;i++){ btn[i].onclick = function (){ let b = confirm("是否删除?"); if (b){ //获取当前按钮的id属性 let id = this.getAttribute("id"); location.href = "/DelServlet?id=" + id; } } } </script> </body> </html>
18、update.jsp
<%-- Created by IntelliJ IDEA. User: Administrator Date: 2023/11/20 Time: 10:58 To change this template use File | Settings | File Templates. --%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <html> <head> <title>Title</title> </head> <body> <div align="center"> <h3>修改表单</h3> <form action="/UpdateServlet" method="post"> 编号:<input type="text" name="id" readonly value="${param.id}" > <br> 账号:<input type="text" name="username" value="${param.username}" > <br> 密码:<input type="text" name="password" value="${param.password}" ><br> <input type="submit" value="修改"> <hr> <a href="reg.jsp">没有账号?转去注册</a> </form> </div> </body> </html>
19、MD5加密技术
MD5加密技术:一种常见的加密算法,可以对数据进行加密。
注意:注册的时候进行加密然后存在数据库中
注意:登录的时候也要进行加密,然后和数据库加密之后的数据进行对比。
例如密码:1234 加密之后变成了 abcd。
所以登录的时候依然使用1234进行登录。然后将加密之后的1234 和abcd进行对比。
如何使用MD5加密技术:
1.导入jar包
2.创建MD5对象:
Mademd5 md = new Mademd5();
String str = "1234";//原密码
String s = md.toMd5(str);//加密之后的密码
System.out.println(s);
专业技术扫盲:
什么叫数据的不可逆性:
只能从A变成B
无法将B反推成A
数据的穷举法:
一个一个去测试。 当你测试出1234的加密是abcd 就可以得出一个结论abcd经过解密之后是1234
20、Cookie技术
Cookie技术讲解:
什么Cookie :
保存在客户端的一段字符串。 格式为:key-value
如何在浏览器查看Cookie:
F12 application
应用场景: 自动登录 记住账号 浏览记录 查询记录
Cookie的优点:保存在客户端 减轻服务器的压力
Cookie的缺点:保存在客户端 容易被非法用户获取
Cookie的备注:
生命周期: 默认的有效期 一次会话(浏览器打开到关闭为一次会话)
无法跨域: 这是浏览器自带的安全机制而非Cookie的
如何在Servlet中创建Cookie
//1.创建一个Key为username value为username的Cookie
Cookie c1 = new Cookie("username" , username);
//2.设置Cookie的生命周期单位是秒
c1.setMaxAge(3600*24*31);//一个月
//3.将其添加进浏览器
resp.addCookie(c1);