目录
smbms
浏览器项目中出现乱码问题:配置tomcat启动参数-Dfile.encoding=UTF-8
技术亮点
-
可以使用EL表达式将请求信息提取到登录页面
-
使用json实现前后端分离
-
使用ajax更新部分网页技术
-
对增删改需要启动事务处理,对事务的特性有更清晰的认识
-
可以使用StringBuffer实现字符串拼接,以及使用HashMap封装键值对参数传递到前端,使用List集合将多个User类封装保存,可以使用list集合拼接参数,使用Object集合传递参数
-
对MVC三层架构得到清晰认识,实现职责分明,便于后期维护以及开发
-
多使用标识符切换控制
-
深入理解了重定向和请求转发的区别
-
在后端重定向路径需要填写当前的项目路径再加上转发的位置,请求转发只需要填写转发的位置
-
重定向请求路径会发生改变,请求转发不会
-
-
每编写完一个servlet就马上注册(以后可以直接使用springMVC框架)
-
通过模糊查询获取信息
-
业务层可以说是一个桥梁,调用Dao层,供控制层使用
系统功能结构图
数据库
项目搭建准备工作
-
搭建一个模板maven webapp项目
-
配置Tomcat
-
测试项目能否运行起来
-
导入所依赖的jar包:
-
servlet 实现servlet接口
-
jsp jsp标签
-
mysql-connector-java java连接数据库
-
jstl jsp标签库
-
standard jsp标签库所依赖的包
-
-
搭建项目结构
-
编写实体类
ORM映射:表----->类
-
编写基本公共类
-
数据库配置文件
driver=com.mysql.cj.jdbc.Driver url=jdbc:mysql://localhost:3306/smbms?useUnicode=true&characterEncoding=utf8&useSSL=true username=root password=123456
-
编写数据库的公共类
//操作数据库的公共类 public class BaseDao { private static String driver; private static String url; private static String username; private static String password; //静态代码块同类初始化,在类加载的时候就初始化 static { //通过类加载器去读取对应的资源 ClassLoader loader = BaseDao.class.getClassLoader(); InputStream is = loader.getResourceAsStream("db.properties"); Properties properties = new Properties(); try { properties.load(is); } catch (IOException e) { e.printStackTrace(); } driver = properties.getProperty("driver"); url = properties.getProperty("url"); username = properties.getProperty("username"); password = properties.getProperty("password"); } //获取数据库的连接 public static Connection getConnection(){ Connection connection = null; try { Class.forName(driver); connection = DriverManager.getConnection(url, username, password); } catch (Exception e) { e.printStackTrace(); } return connection; } /* 预编译的sql,执行的时候不需要传sql */ //编写查询的公共类 public static ResultSet execute(Connection connection,String sql,Object[] param,PreparedStatement statement,ResultSet resultSet){ try { statement = connection.prepareStatement(sql); //setObject,占位符从1开始,参数下标从0开始 for (int i = 0; i < param.length ; i++) { statement.setObject(i+1,param[i]); } resultSet = statement.executeQuery(); } catch (SQLException e) { e.printStackTrace(); } return resultSet; } //编写增删改的公共类 public static int execeute(Connection connection,String sql,Object[] param,PreparedStatement statement){ int resultNum = 0; try { statement = connection.prepareStatement(sql); for (int i = 0; i < param.length ; i++) { statement.setObject(i+1,param[i]); } resultNum = statement.executeUpdate(); } catch (SQLException e) { e.printStackTrace(); } return resultNum; } //关闭资源的公共类 public static boolean close(Connection connection,PreparedStatement statement,ResultSet resultSet){ boolean flag = true; if (resultSet != null){ try { resultSet.close(); //垃圾回收的操作 resultSet = null; } catch (SQLException e) { e.printStackTrace(); //如果没有释放成功 flag = false; } } if (statement != null){ try { statement.close(); statement = null; } catch (SQLException e) { e.printStackTrace(); flag = false; } } if (connection != null){ try { connection.close(); connection = null; } catch (SQLException e) { e.printStackTrace(); flag = false; } } return flag; } }
-
编写字符编码过滤器
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { servletRequest.setCharacterEncoding("utf-8"); servletResponse.setCharacterEncoding("utf-8"); filterChain.doFilter(servletRequest, servletResponse); }
-
-
导入静态资源
登录功能实现
思路:
-
编写前端登录页面------> login.jsp
-
设置欢迎页面,让服务器已启动就跳转到登录页面
<!-- 设置欢迎页 --> <welcome-file-list> <welcome-file>login.jsp</welcome-file> </welcome-file-list>
-
编写Dao层得到用户登录的接口
//从数据库查询指定的用户,这里不需要获取连接数据库对象,交给业务层去做 public User getLoginUser(Connection connection,String userCode) throws SQLException;
-
编写Dao层的实现类
public class UserDaoImpl implements UserDao { public User getLoginUser(Connection connection, String userCode) throws SQLException { PreparedStatement statement = null; ResultSet rs = null; User user = null; if (connection != null){ String sql = "select * from `smbms_user` where userCode=?"; Object[] param = {userCode}; rs = BaseDao.execute(connection, sql, param, statement, rs); while (rs.next()){ user = new User(); //将这些值丢给用户 user.setId(rs.getInt("id")); user.setUserCode(rs.getString("userCode")); user.setUserName(rs.getString("userName")); user.setUserPassword(rs.getString("userPassword")); user.setGender(rs.getInt("gender")); user.setBirthday(rs.getDate("birthday")); user.setPhone(rs.getString("phone")); user.setAddress(rs.getString("address")); user.setUserRole(rs.getInt("userRole")); user.setCreatedBy(rs.getInt("createdBy")); user.setModifyBy(rs.getInt("modifyBy")); user.setModifyDate(rs.getDate("modifyDate")); } BaseDao.close(null,statement,rs); } return user; } }
-
编写业务层接口
//用户登录 public User login(String userCode,String password) throws SQLException;
-
编写业务层实现类
public class UserServiceImpl implements UserService { //业务层都会调用Dao层,所以我们要引入Dao层 private UserDao userDao = null; public UserServiceImpl(){ userDao = new UserDaoImpl(); } public User login(String userCode, String password){ Connection connection = null; User user = null; try { connection = BaseDao.getConnection(); //通过业务层调取对应的具体的数据库的数据 user = userDao.getLoginUser(connection,userCode,password); } catch (SQLException e) { e.printStackTrace(); }finally { BaseDao.close(connection,null,null); } return user; } @Test public void test(){ UserServiceImpl userService = new UserServiceImpl(); User admin = userService.login("admin", "12345678"); System.out.println(admin.getAddress()); } }
-
编写servlet:用于获取前端请求的参数,并调用业务层判断是否存在该用户
public class LoginServlet extends HttpServlet { //servlet控制层:调用业务层 private UserService userService = new UserServiceImpl(); @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { System.out.println("LoginServlet-start..."); //获取前端数据 String userCode = req.getParameter("userCode"); String userPassword = req.getParameter("userPassword"); User user = null; //调用业务层相应的操作:和数据库的用户做对比 try { user = userService.login(userCode,userPassword); if (user != null){ //将用户的信息放到session中 req.getSession().setAttribute(Constant.USER_SESSION,user); //跳转到主页 resp.sendRedirect("/resmbms/jsp/frame.jsp"); }else { //使用请求转发到登录页面,并提示用户名或密码错误 req.setAttribute("error","用户名或密码不正确"); req.getRequestDispatcher("/login.jsp").forward(req,resp); } } catch (SQLException e) { e.printStackTrace(); } } @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet(req, resp); } }
-
注册servlet
<servlet> <servlet-name>LoginServlet</servlet-name> <servlet-class>com.kuang.servlet.user.LoginServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LoginServlet</servlet-name> <url-pattern>/login.do</url-pattern> </servlet-mapping>
登录功能优化
登录注销功能实现
-
编写servlet:用于移除session属性,再返回登录页面
@Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { req.getSession().removeAttribute(Constant.USER_SESSION); resp.sendRedirect("/resmbms/login.jsp"); }
-
注册servlet
<servlet> <servlet-name>LogoutServlet</servlet-name> <servlet-class>com.kuang.servlet.user.LogoutServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>LogoutServlet</servlet-name> <url-pattern>/jsp/logout.do</url-pattern> </servlet-mapping>
登录拦截优化
-
为了保证用户注销之后不能再进入主页,需要设置过滤器
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; Object userSession = request.getSession().getAttribute(Constant.USER_SESSION); if (userSession == null){ response.sendRedirect("/resmbms/error.jsp"); }else filterChain.doFilter(servletRequest, servletResponse); }
-
注册过滤器
<filter> <filter-name>SysFilter</filter-name> <filter-class>com.kuang.filter.SysFilter</filter-class> </filter> <filter-mapping> <filter-name>SysFilter</filter-name> <url-pattern>/jsp/*</url-pattern> </filter-mapping>
密码修改
实现增删改查,必须自低向上去编写
-
编写Dao层的接口
//修改当前用户密码 public int pwdModify(Connection connection,int id,String password);
-
编写Dao层的实现类
//修改当前用户密码 public int pwdModify(Connection connection, int id, String password) { PreparedStatement statement = null; int resultNum = 0; if (connection != null){ String sql = "update `smbms_user` set userPassword = ? where id = ? "; Object[] param = {password,id}; resultNum = BaseDao.execeute(connection, sql, param, statement); BaseDao.close(null,statement,null); } return resultNum; }
-
编写业务层的接口
//修改当前用户密码 public int pwdModify(int id,String password);
-
编写业务层的实现类
//修改当前用户密码 public int pwdModify(int id, String password) { Connection connection = BaseDao.getConnection(); int resultNum = userDao.pwdModify(connection, id, password); BaseDao.close(connection,null,null); return resultNum; }
-
编写控制层
//修改密码 protected void pwdModify(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { //从前端获取新密码参数 String newPassword = req.getParameter("newpassword"); //从session中拿到id //别急,先判断一下拿到的是否存在,代码优化就在这一块 // User user = (User) req.getSession().getAttribute(Constant.USER_SESSION); Object o = req.getSession().getAttribute(Constant.USER_SESSION); boolean flag = false; if (o != null && !StringUtils.isNullOrEmpty(newPassword)){ UserService userService = new UserServiceImpl(); flag = userService.pwdModify(((User)o).getId(), newPassword); if (flag){//表示修改成功 //给请求携带一个参数 req.setAttribute(Constant.MESSAGE,"密码修改成功,请退出,使用新密码登录"); //密码修改完成,立即移除session req.getSession().removeAttribute(Constant.USER_SESSION); }else {//修改失败 //给请求携带一个参数 req.setAttribute(Constant.MESSAGE,"密码修改失败"); } }else { //给请求携带一个参数 req.setAttribute(Constant.MESSAGE,"新密码有问题"); } req.getRequestDispatcher("pwdmodify.jsp").forward(req,resp); }
-
注册servlet
<servlet> <servlet-name>UserServlet</servlet-name> <servlet-class>com.kuang.servlet.user.UserServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>UserServlet</servlet-name> <url-pattern>/jsp/user.do</url-pattern> </servlet-mapping>
密码修改遇到的问题:
由于没有验证旧密码,清除旧密码验证,又因为浏览器有缓存旧密码,使得不验证旧密码就无法提交
解决:清除浏览器缓存
问题:清除缓存后,css样式加载不出来,查看响应类型是text/html而不是text/css
原因:在字符编码过滤器中将所有页面信息以html的类型展示
使用servlet复用,在doGet中调用其方法
优化密码修改使用AJAX
-
使用json实现前后端交互
-
阿里巴巴的fastjson
<!-- https://mvnrepository.com/artifact/com.alibaba/fastjson --> <dependency> <groupId>com.alibaba</groupId> <artifactId>fastjson</artifactId> <version>1.2.78</version> </dependency>
-
-
编写servlet
//验证旧密码 public void pwdmodify(HttpServletRequest req, HttpServletResponse resp){ //session中有用户的密码,从里面取旧密码,与前端传递过来的参数做对比 String oldpassword = req.getParameter("oldpassword"); Object o = req.getSession().getAttribute(Constant.USER_SESSION); //使用map封装数据,一切的东西都可以使用map去保存 HashMap<String, String> resultMap = new HashMap<String, String>(); if (o==null){//session过期或者session已经失效 resultMap.put("result","sessionerror"); }else if(StringUtils.isNullOrEmpty(oldpassword)){//旧密码输入为空 resultMap.put("result","error"); }else { if (oldpassword.equals(((User)o).getUserPassword())){//旧密码输入正确 resultMap.put("result","true"); }else { resultMap.put("result","false"); } } //因为前端使用json,需要将map转换为json格式,让前端接收 try { //设置返回类型 resp.setContentType("application/json"); //将map转换成json格式输出,使用阿里巴巴的Json工具类 PrintWriter writer = resp.getWriter(); writer.write(JSONArray.toJSONString(resultMap)); writer.flush(); //关闭流操作 writer.close(); } catch (IOException e) { e.printStackTrace(); } }
用户管理实现
思路:
面向对象三大特性:
-
封装(属性私有,get/set方法,在set方法中情况一些不安全的情况)
-
继承
-
多态
-
导入分页的工具类
-
查看用户管理需要使用到哪些页面
-
userlist.jsp
-
1. 获取查询的用户数量
-
编写Dao层的接口
//根据用户名或用户角色查询用户总数 public int getUserCount(Connection connection,String username,int userRole) throws SQLException;
-
编写Dao层的实现类
//根据用户名或用户角色查询用户总数 public int getUserCount(Connection connection, String username, int userRole) throws SQLException { PreparedStatement statement = null; //不能使用Integer去包装,Integer可以为null,这里返回的的结果是始终是int类型 int count = 0; ResultSet rs = null; if (connection != null){ //使用list集合去封装参数 ArrayList<Object> params = new ArrayList<Object>(); //因为根据用户角色或用户名的条件查询,需要使用StringBuffer去拼接字符串 StringBuffer sb = new StringBuffer("SELECT count(1) 'count' from `smbms_user` u,`smbms_role` r WHERE u.userRole = r.id"); if (!StringUtils.isNullOrEmpty(username)){ sb.append(" and userName like ?"); params.add("%"+username+"%"); } if (userRole > 0){ sb.append(" and userRole = ?"); params.add(userRole); } rs = BaseDao.execute(connection, sb.toString(), params.toArray(), statement, rs); if (rs.next()){ count = rs.getInt("count"); } BaseDao.close(null,statement,rs); System.out.println("UserDaoImpl--->getUserCount:"+sb.toString()); } //如果上面的两个条件都满足,那么岂不是有两个and return count; }
-
编写service层的接口
//根据用户名或用户角色查询用户总数 public int getUserCount(String username,int userRole) throws SQLException;
-
编写service层的实现类
public int getUserCount(String username, int userRole) throws SQLException { Connection connection = BaseDao.getConnection(); int count = userDao.getUserCount(connection, username, userRole); BaseDao.close(connection,null,null); return count; }
2. 实现用户列表展示
-
UserDao
//查询用户列表 public List<User> getUserList(Connection connection,String username,int userRole,int currentPageNo,int pageSize) throws SQLException;
-
UserDaoImpl
public List<User> getUserList(Connection connection, String username, int userRole, int currentPageNo, int pageSize) throws SQLException { PreparedStatement statement = null; ResultSet rs = null; //使用ArrayList将用户信息封装到里面 ArrayList<User> users = new ArrayList<User>(); User user = null; if (connection != null){ //使用list集合去封装参数 ArrayList<Object> params = new ArrayList<Object>(); //因为根据用户角色或用户名的条件查询,需要使用StringBuffer去拼接字符串 StringBuffer sql = new StringBuffer("SELECT * from `smbms_user` u,`smbms_role` r WHERE u.userRole = r.id"); if (!StringUtils.isNullOrEmpty(username)){ sql.append(" and userName like ?"); params.add("%"+username+"%"); } if (userRole > 0){ sql.append(" and userRole = ?"); params.add(userRole); } //起始下标 int pageIndex = (currentPageNo - 1) * pageSize; sql.append(" order by u.creationDate DESC limit ?,?"); params.add(pageIndex); params.add(pageSize); rs = BaseDao.execute(connection, sql.toString(), params.toArray(), statement, rs); while (rs.next()){ user = new User(); user.setId(rs.getInt("id")); user.setUserCode(rs.getString("userCode")); user.setUserName(rs.getString("userName")); user.setUserPassword(rs.getString("userPassword")); user.setGender(rs.getInt("gender")); user.setBirthday(rs.getDate("birthday")); user.setPhone(rs.getString("phone")); user.setAddress(rs.getString("address")); user.setUserRole(rs.getInt("userRole")); user.setCreatedBy(rs.getInt("createdBy")); user.setModifyBy(rs.getInt("modifyBy")); user.setModifyDate(rs.getDate("modifyDate")); user.setId(rs.getInt("id")); user.setUserCode(rs.getString("userCode")); user.setUserName(rs.getString("userName")); user.setUserPassword(rs.getString("userPassword")); user.setGender(rs.getInt("gender")); user.setBirthday(rs.getDate("birthday")); user.setPhone(rs.getString("phone")); user.setAddress(rs.getString("address")); user.setUserRole(rs.getInt("userRole")); user.setCreatedBy(rs.getInt("createdBy")); user.setModifyBy(rs.getInt("modifyBy")); user.setModifyDate(rs.getDate("modifyDate")); users.add(user); } BaseDao.close(null,statement,rs); System.out.println("UserDaoImpl--->getUserCount:"+sql.toString()); } return users; }
-
UserService
//根据条件查询用户列表 public List<User> getUserList(String username,int userRole,int currentPageNo,int PageSize) throws SQLException;
-
UserServiceImpl
//查询用户列表 public List<User> getUserList(String username, int userRole, int currentPageNo, int pageSize) throws SQLException { ArrayList<User> users = new ArrayList<User>(); Connection connection = BaseDao.getConnection(); users = (ArrayList<User>) userDao.getUserList(connection, username, userRole, currentPageNo, pageSize); BaseDao.close(connection,null,null); return users; }
3. 获取角色列表
为了我们的职责分明,需要将角色列表另一起一个包,便于代码的维护
-
RoleDao
//获取角色列表 public List<Role> getRoleList(Connection connection) throws SQLException;
-
RoleDaoImpl
//获取角色列表 public List<Role> getRoleList(Connection connection) throws SQLException { System.out.println("UserDaoImpl--->getRoleList"); ArrayList<Role> roles = new ArrayList<Role>(); PreparedStatement statement = null; ResultSet resultSet = null; Role role = null; if (connection != null){ String sql = "select * from smbms_role "; Object[] params = {}; System.out.println(params.length); resultSet = BaseDao.execute(connection, sql, params, statement, resultSet); while (resultSet.next()){ role = new Role(); role.setId(resultSet.getInt("id")); role.setRoleCode(resultSet.getString("roleCode")); role.setRoleName(resultSet.getString("roleName")); role.setCreatedBy(resultSet.getInt("createdBy")); role.setModifyBy(resultSet.getInt("modifyBy")); role.setCreationDate(resultSet.getDate("creationDate")); role.setModifyDate(resultSet.getDate("modifyDate")); roles.add(role); } BaseDao.close(null,statement,resultSet); } return roles; }
-
RoleService
//查询角色列表 public List<Role> getRoleList() throws SQLException;
-
RoleServiceImpl
public List<Role> getRoleList() throws SQLException { System.out.println("RoleServiceImpl--->getRoleList"); List<Role> roles = new ArrayList<Role>(); Connection connection = BaseDao.getConnection(); roles = roleDao.getRoleList(connection); BaseDao.close(connection,null,null); return roles; }
4. 整合资源到Servlet
-
获取前端参数,其实就是为了查询做准备
-
实现分页操作,需要用到页面大小,总页数,总条数,页面数...
-
获取用户列表
-
根据前端需要的参数,进行传参
-
返回前端
public void query(HttpServletRequest req, HttpServletResponse resp) {
//获取前端数据
String userName = req.getParameter("queryname");
String temp = req.getParameter("queryUserRole");
String pageIndex = req.getParameter("pageIndex");
//如果用户未输入任何东西,要将页面展示出来,我们需设置一些初识值
if (userName == null){
userName = "";
}
int userRole = 0;
if (temp != null && !temp.equals("")){
userRole = Integer.parseInt(temp);
}
//第一次访问用户管理,一定是第一页,而且页面大小固定
int pageSize = 2;
int currentPageNo = 1;
if (pageIndex != null){
currentPageNo = Integer.parseInt(pageIndex);
}
UserService userService = new UserServiceImpl();
List<User> userList = null;
//获取用户总数,这里可以实现分页操作
int totalCount = 0;
try {
totalCount = userService.getUserCount(userName, userRole);
} catch (SQLException e) {
e.printStackTrace();
}
//引入总页数的支持
PageSupport pageSupport = new PageSupport();
pageSupport.setPageSize(pageSize);
pageSupport.setTotalCount(totalCount);
pageSupport.setCurrentPageNo(currentPageNo);
//控制首页和尾页,不让其溢出
int totalPageCount = pageSupport.getTotalPageCount();
if (currentPageNo > totalPageCount) {//超出总页数,就显示最后一页
currentPageNo = totalPageCount;
}else if (currentPageNo < 1){//出现负页数,就显示第一页
currentPageNo = 1;
}
//获取用户列表展示
try {
//获取用户列表展示
userList = userService.getUserList(userName, userRole, currentPageNo, pageSize);
} catch (SQLException e) {
e.printStackTrace();
}
//获取角色列表展示
RoleService roleService = new RoleServiceImpl();
List<Role> roleList = null;
try {
roleList = roleService.getRoleList();
} catch (SQLException e) {
e.printStackTrace();
}
//给前端传递数据,由于用户查询是执行的每一次请求操作,因此,将信息存放到请求中即可
req.setAttribute("userList",userList);
req.setAttribute("roleList",roleList);
req.setAttribute("queryUserName",userName);
req.setAttribute("queryUserRole",userRole);
req.setAttribute("totalCount",totalCount);
req.setAttribute("currentPageNo",currentPageNo);
req.setAttribute("totalPageCount",totalPageCount);
//返回前端
try {
req.getRequestDispatcher("userlist.jsp").forward(req,resp);
} catch (ServletException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
实现添加用户操作
1. 用户角色列表展示
//添加用户界面中的获取角色列表
public void getRoleList(HttpServletRequest req, HttpServletResponse resp) {
//获取角色列表
RoleService roleService = new RoleServiceImpl();
List<Role> roleList = null;
try {
roleList = roleService.getRoleList();
} catch (SQLException e) {
e.printStackTrace();
}
//将roleList转换成Json格式输出
try {
PrintWriter out = resp.getWriter();
out.write(JSONArray.toJSONString(roleList));
out.flush();
out.close();
} catch (IOException e) {
e.printStackTrace();
}
}
思路:
2. 用户编码判定
-
UserDao
//查询用户 public List<User> query(Connection connection) throws SQLException;
-
UserDaoImpl
//查询所有用户 public List<User> query(Connection connection) throws SQLException { PreparedStatement statement = null; ResultSet resultSet = null; Object[] params = {}; User user = null; List<User> users = new ArrayList<User>(); if (connection != null){ String sql = "select * from `smbms_user`"; resultSet = BaseDao.execute(connection, sql, params, statement, resultSet); while (resultSet.next()){ user = new User(); user.setUserCode(resultSet.getString("userCode")); users.add(user); } BaseDao.close(null,statement,resultSet); System.out.println("UserDaoImpl----->query:" +sql); } return users; }
-
UserService
//查询用户编码 public List<User> query() throws SQLException;
-
UserService
//查询用户 public List<User> query() throws SQLException { System.out.println("UserServiceImpl---->query..."); Connection connection = BaseDao.getConnection(); List<User> userList = userDao.query(connection); BaseDao.close(connection,null,null); return userList; }
-
Servlet
//判断用户编码是否存在 public void isUserExist(HttpServletRequest req, HttpServletResponse resp) { //获取前端参数 String InsertUserCode = req.getParameter("userCode"); //调取业务层 UserService userService = new UserServiceImpl(); List<User> userList = null; try { userList = userService.query(); } catch (SQLException e) { e.printStackTrace(); } //使用Map封装数据 HashMap<String, String> map = new HashMap<String, String>(); if (userList != null){ for (User user:userList){ if (InsertUserCode != null && !StringUtils.isNullOrEmpty(InsertUserCode)) { if (InsertUserCode.equals( user.getUserCode())){//用户已经存在 map.put("userCode","exist"); } } } } //将userList转换成Json格式输出 resp.setContentType("application/json"); PrintWriter out = null; try { out = resp.getWriter(); out.write(JSONArray.toJSONString(map)); out.flush(); out.close(); } catch (IOException e) { e.printStackTrace(); } }
3. 添加用户
-
UserDao
//添加用户 public boolean add(Connection connection,User user);
-
UserDaoImpl
//添加用户 public boolean add(Connection connection,User user) { PreparedStatement statement = null; boolean flag = false; if (connection != null){ //添加事务 try { //开启事务 connection.setAutoCommit(false); String sql = "insert into `smbms_user`(\n" + "userCode,userName,userpassword,gender,birthday,phone,address,userRole,createdBy,creationDate" + ")\n" + "VALUES(?,?,?,?,?,?,?,?,?,?)"; Object[] params = {user.getUserCode(),user.getUserName(),user.getUserPassword(),user.getGender(),user.getBirthday(),user.getPhone(),user.getAddress(),user.getUserRole(),user.getCreatedBy(),user.getCreationDate()}; int resultNum = BaseDao.execeute(connection, sql, params, statement); if (resultNum > 0){ flag = true; } System.out.println("UserDaoImpl--->add:"+sql.toString()); connection.commit(); System.out.println("UserDaoImpl---->add:" + sql); } catch (SQLException e) { try { connection.rollback(); } catch (SQLException ex) { ex.printStackTrace(); } }finally { BaseDao.close(null,statement,null); } } return flag; }
-
Userservice
//添加用户 public boolean add(User user);
-
UserserviceImpl
public boolean add(User user) { System.out.println("UserService---->add...."); Connection connection = BaseDao.getConnection(); boolean flag = false; if (user != null){ flag = userDao.add(connection,user); } BaseDao.close(connection,null,null); return flag; }
-
servlet
//添加用户 public void add(HttpServletRequest req, HttpServletResponse resp) { System.out.println("UserServlet---->add..."); String userCode = req.getParameter("userCode"); String userName = req.getParameter("userName"); String userPassword = req.getParameter("userPassword"); String genderTemp = req.getParameter("gender");//临时变量 String birthdayTemp = req.getParameter("birthday"); String phone = req.getParameter("phone"); String address = req.getParameter("address"); String userRoleTemp = req.getParameter("userRole");//临时变量 System.out.println("--------1---------"); int gender = 1; if (genderTemp != null && !StringUtils.isNullOrEmpty(genderTemp)) { gender = Integer.parseInt(genderTemp); } System.out.println("---------2--------"); Date birthday = null; try { //将日期字符串格式化 birthday = new SimpleDateFormat("yyyy-MM-dd").parse(birthdayTemp); } catch (ParseException e) { e.printStackTrace(); } System.out.println("---------3--------"); int userRole = 0; if (userRoleTemp != null) { userRole = Integer.parseInt(userRoleTemp); } System.out.println("---------4--------"); //将封装到User类中 User user = new User(); user.setUserCode(userCode); user.setUserName(userName); user.setUserPassword(userPassword); user.setGender(gender); user.setBirthday(birthday); user.setPhone(phone); user.setUserRole(userRole); Object o = req.getSession().getAttribute(Constant.USER_SESSION); if (o != null){ user.setCreatedBy(((User) o).getId()); } user.setCreationDate(new Date()); //调取业务层 UserService userService = new UserServiceImpl(); //添加用户 boolean flag = userService.add(user); System.out.println("---------5--------"); System.out.println(flag); //判断是否添加成功 if (flag){ //添加成功之后怎么操作 //返回用户管理界面 this.query(req, resp); }else { //添加失败之后怎么操作 //不必操作,还是在这个页面 } }
删除用户
如何获取指定用户id,前端有直接获取id
-
UserDao
//根据id删除用户 public boolean deleteUser(Connection connection,int id);
-
UserDaoImpl
//根据id删除用户 public boolean deleteUser(Connection connection, int id) { PreparedStatement statement = null; boolean flag = false; if (connection != null){ //添加事务 try { //开启事务 connection.setAutoCommit(false); String sql = "delete from `smbms_user` where id = ?"; Object[] params = {id}; int resultNum = BaseDao.execeute(connection, sql, params, statement); if (resultNum > 0){ flag = true; } connection.commit(); System.out.println("UserDaoImpl---->delete:" + sql); } catch (SQLException e) { try { connection.rollback(); } catch (SQLException ex) { ex.printStackTrace(); } }finally { BaseDao.close(null,statement,null); } } return flag; }
-
UserService
//根据id删除用户 public boolean deleteUser(int id);
-
UserServiceImpl
public boolean deleteUser(int id) { System.out.println("UserService---->delete...."); Connection connection = BaseDao.getConnection(); boolean flag = false; userDao.deleteUser(connection,id); BaseDao.close(connection,null,null); return flag; }
-
Servlet
//删除用户 public void deleteUser(HttpServletRequest req, HttpServletResponse resp) { //从前端获取参数 String userid = req.getParameter("uid"); //调用业务层 UserService userService = new UserServiceImpl(); HashMap<String, String> map = new HashMap<String, String>(); boolean flag = false; if (userid==null && StringUtils.isNullOrEmpty(userid)){ map.put("delResult","notexist"); }else { flag = userService.deleteUser(Integer.valueOf(userid)); if (flag){ map.put("delResult","true"); }else { map.put("delResult","false"); } } try { resp.setContentType("applicaton/json"); PrintWriter writer = resp.getWriter(); writer.write(JSONArray.toJSONString(map)); writer.flush(); writer.close(); } catch (IOException e) { e.printStackTrace(); } }
修改用户
-
分析需求
-
查看请求的路径
思路:
userDao
//根据id修改用户信息
public boolean modifyById(Connection connection,User user);
userDaoImpl
//根据id修改用户信息
public boolean modifyById(Connection connection, User user) {
PreparedStatement statement = null;
boolean flag = false;
if (connection != null){
//添加事务
try {
//开启事务
connection.setAutoCommit(false);
String sql = "update smbms_user set userName=?," +
"gender=?,birthday=?,phone=?,address=?,userRole=?,modifyBy=?,modifyDate=? where id = ? ";
Object[] params = {user.getUserName(), user.getGender(), user.getBirthday(),
user.getPhone(), user.getAddress(), user.getUserRole(), user.getModifyBy(),
user.getModifyDate(), user.getId()};
int resultNum = BaseDao.execeute(connection, sql, params, statement);
if (resultNum > 0){
flag = true;
}
connection.commit();
System.out.println("UserDaoImpl---->modifyById:" + sql);
} catch (SQLException e) {
try {
connection.rollback();
} catch (SQLException ex) {
ex.printStackTrace();
}
}finally {
BaseDao.close(null,statement,null);
}
}
return flag;
}
UserService
//根据id修改用户信息
public boolean modifyById(User user);
UserService
public boolean modifyById(User user) {
System.out.println("UserService---->delete....");
Connection connection = BaseDao.getConnection();
boolean flag = false;
flag = userDao.modifyById(connection,user);
BaseDao.close(connection,null,null);
return flag;
}
servlet
//根据id查询用户信息,返回usermodify.jsp页面
public void modifyById(HttpServletRequest request, HttpServletResponse resp) {
//获取前端参数
String id = request.getParameter("uid");
Integer uid = 0;
//判断是否获取到id值
if (id != null){
uid = Integer.valueOf(id);
}else {
try {
resp.sendRedirect(request.getContextPath() + "/error.jsp");
} catch (IOException e) {
e.printStackTrace();
}
}
//调取业务层
UserService userService = new UserServiceImpl();
User user = null;
try {
user = userService.getUserById(uid);
} catch (SQLException e) {
e.printStackTrace();
}
if (user != null){//用户信息存在
request.setAttribute("user",user);
try {
request.getRequestDispatcher("usermodify.jsp").forward(request,resp);
} catch (ServletException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
//根据id修改用户,返回用户列表页面
public void modifyExe(HttpServletRequest request, HttpServletResponse resp) {
System.out.println("UserServlet----->modifyExe...");
//从前端获取参数
String id = request.getParameter("uid");
String userName = request.getParameter("userName");
String gender = request.getParameter("gender");
String birthday = request.getParameter("birthday");
String phone = request.getParameter("phone");
String address = request.getParameter("address");
String userRole = request.getParameter("userRole");
System.out.println("UserServlet----->modifyById:"+ id);
User user = new User();
user.setId(Integer.valueOf(id));
user.setUserName(userName);
user.setGender(Integer.valueOf(gender));
try {
user.setBirthday(new SimpleDateFormat("yyyy-MM-dd").parse(birthday));
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
System.out.println("出现异常...");
}
user.setPhone(phone);
user.setAddress(address);
user.setUserRole(Integer.valueOf(userRole));
user.setModifyBy(((User) request.getSession().getAttribute(Constant.USER_SESSION)).getId());
user.setModifyDate(new Date());
//调取业务层
UserService userService = new UserServiceImpl();
boolean flag = false;
try {
flag = userService.modifyById(user);
} catch (Exception e) {
e.printStackTrace();
}
//这里不需要请求当中携带参数过去,需要用户自己输入request.setAttribute("user",user);
if (flag){//修改成功,重定向到用户列表页面
try {
resp.sendRedirect(request.getContextPath()+"/jsp/user.do?method=query");
} catch (IOException e) {
e.printStackTrace();
}
}else {//修改失败。可以不跳转,也可以重新转发到当前页面
try {
request.getRequestDispatcher("usermodify.jsp").forward(request,resp);
} catch (ServletException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}
查询指定用户信息
//根据id查询用户信息,返回userview.jsp页面
public void getUserById(HttpServletRequest req, HttpServletResponse resp) {
System.out.println("-----------1-----------");
String uid = req.getParameter("uid");
System.out.println(uid);
Integer id = 0;
try{
id = Integer.valueOf(uid);
}catch (Exception e){
//做一些异常处理 handle exception
id = 0;
}
System.out.println("-----------2-----------");
//调取业务层
UserService userService = new UserServiceImpl();
User user = null;
try {
user = userService.getUserById(id);
} catch (SQLException e) {
e.printStackTrace();
}
System.out.println(user);
req.setAttribute("user",user);
try {
req.getRequestDispatcher("userview.jsp").forward(req,resp);
} catch (ServletException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
订单管理实现
供应商管理实现
总结
简单的用户管理权限实现优化
-
从session中获取当前用户信息
-
判断用户是否为系统管理员
-
如果不是系统管理员,就返回权限不够页面
-
如果是就通行
用户权限需要使用过滤器
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
User user = (User) session.getAttribute(Constant.USER_SESSION);
if (!user.getUserCode().equals("admin")){
response.sendRedirect(request.getContextPath()+"/jsp/powererror.jsp");
}else {
filterChain.doFilter(servletRequest, servletResponse);
}
}
注册过滤器
<filter>
<filter-name>AuthorityFilter</filter-name>
<filter-class>com.kuang.filter.AuthorityFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AuthorityFilter</filter-name>
<!--指定具体的拦截路径-->
<url-pattern>/jsp/user.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthorityFilter</filter-name>
<url-pattern>/jsp/bill.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AuthorityFilter</filter-name>
<url-pattern>/jsp/provider.do</url-pattern>
</filter-mapping>