import java.io.IOException;
import javax.servlet.Servlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import com.dao.UserDAO;
//这是控制层
public class UserServlet implements Servlet {
public void destroy() {
// TODO Auto-generated method stub
}
public ServletConfig getServletConfig() {
// TODO Auto-generated method stub
return null;
}
public String getServletInfo() {
// TODO Auto-generated method stub
return null;
}
public void init(ServletConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
/*
* 1.接收请求参数 2.调用业务(dao) 3.视图分发
*/
public void service(ServletRequest request, ServletResponse response)
throws ServletException, IOException {
// 处理中文,只能处理post提交
request.setCharacterEncoding("utf-8");
// 1.接收参数,双引号的username就是login.jsp中的用户名的<input type=text name=username
String username = request.getParameter("username");
String password = request.getParameter("password");
// 处理get
// username = new String(username.getBytes("iso8859-1"),"utf-8");
// System.out.println(username);
// System.out.println(password);
// 2.调用业务(dao)
UserDAO userDAO = new UserDAO();
boolean f = userDAO.checkLogin(username, password);
// 3.视图分发
if (f) {
//转发
request.getRequestDispatcher("/yes.jsp").forward(request, response);
} else {
//重定向
HttpServletResponse res = (HttpServletResponse)response;
res.sendRedirect("login.jsp");
}
}
}
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
//这是模型层
public class UserDAO {
// 登陆
//1' or '1'='1
public boolean checkLogin(String username, String password) {
String sql = "select * from users where username=? and password=?";
try {
//加载驱动
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
//建立连接
Connection con = DriverManager.getConnection(
"jdbc:sqlserver://127.0.0.1:1433;DatabaseName=test", "sa",
"sasa");
PreparedStatement ps = con.prepareStatement(sql);
ps.setObject(1, username);
ps.setObject(2, password);
ResultSet rs = ps.executeQuery();
if (rs.next()) {
return true;
}
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return false;
}
}
//这是web.xml的配置
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!-- servlet注册 -->
<servlet>
<servlet-name>FirstServlet</servlet-name>
<servlet-class>com.servlets.UserServlet</servlet-class>
</servlet>
<!-- servlet映射 -->
<servlet-mapping>
<servlet-name>FirstServlet</servlet-name>
<url-pattern>/go</url-pattern>
</servlet-mapping>
</web-app>
//这是是视图层
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<form action='go' method="post">
用户名:<input type=text name=username> <br>
密码:<input type=password name=password> <br>
<input type=submit value="登陆">
</form>