微信公众平台深度开发JAVA版第一季 20.微信猜数字活动2

122336_j1SN_3206447.png

Surround With->Try/Catch Block.

133950_qypB_3206447.png

INSERT-TimeStamp尽量不要这么去用,它会给你的查询带来困惑.

insert into huo (openid,shuzi) values ('x','1');

134255_BtWq_3206447.png

Creates a PreparedStatement object for sending parameterized SQL statements to the database. 
A SQL statement with or without IN parameters can be pre-compiled and stored in a PreparedStatement object. This object can then be used to efficiently execute this statement multiple times. 

PrepareStatement帮你很好地解决了SQL注入的问题.就是你每条SQL的这么一个问题.但是PrepareStatement针对不同的数据库它会有一个不同的实现,有些个数据库可能你这个JDK的版本它这个简单的拼装一下或者是替换一下,这个你要注意一下看看你使用的是什么驱动.

不去过多的涉及到跟J2EE/J2SE的东西了.

package net.server;

import java.sql.Connection;
import java.sql.SQLException;
import java.sql.Statement;

import net.db.DBUtil;

public class HouServer {
	/**
	 * 保存记录
	 * @param openid
	 * @param shuzi
	 * @throws SQLException 
	 */
    public static void saveJiLu(String openid,String shuzi) throws SQLException{//Server层的异常推荐使用向外抛出异常的方式.
    	//因为你要通知外面这个Server执行的有错误.
    	Connection conn = DBUtil.getConn();
    	Statement stmt = conn.createStatement();
    	//conn.prepareStatement(sql);//PrepareStatement是预编译/预处理,Statement就不行了
    	//Statement是PrepareSatement的父类/父接口.
    	String sql = "insert into huo (openid,shuzi) values ('"+openid+"','"+shuzi+"');";
    	stmt.executeUpdate(sql);
    	if(null!=stmt){
    		stmt.close();
    	}
    	//关Connection涉及到一个数据源的问题.数据源/连接池,什么时候是真关闭(物理关闭),什么时候是逻辑关闭
    	//有人会用自己开发的数据源对Connection进行管理.关于数据库操作这一部分求职的时候会很容易被问到.
    	if(null!=conn){
    		conn.close();
    	}
    }
}
package net.db;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;

//以后用到什么数据源了再在这块替换.现在先写这个意思
public class DBUtil {
   public static Connection getConn(){
	   Connection conn = null;
	   try {
		Class.forName("com.mysql.jdbc.Driver");
		   //这块不读配置文件(properties/xml)
		   //先写业务逻辑,后期再重构recode,读配置文件/用mybatis/hibernate/其他自己封装的第三方的连接数据库的东西
		conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/wx","root","");
		   //至少是一个数据库对应一个用户
		   //有的账号只允许添加操作,有的账号只允许修改操作,有的账号只有查询权限
		   //Oracle里面有些个角色的这些东西
		   //写程序要考虑周全
		   
	} catch (ClassNotFoundException e1) {
		// TODO Auto-generated catch block
		e1.printStackTrace();
	}
 catch (SQLException e) {
		// TODO Auto-generated catch block
		e.printStackTrace();
	}

	   return conn;
   }
}
package net.wxinterface;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.Map;

import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.dom4j.DocumentException;

import wx.event.Subscribe_Unsubscribe;
import wx.in.In;
import wx.in.In_Image;
import wx.in.In_Text;
import wx.in.In_Util;
import wx.in.In_Video;
import wx.in.In_Voice;
import wx.out.Out_Image;
import wx.out.Out_News;
import wx.out.Out_Text;
import wx.out.Out_Video;
import wx.out.Out_Voice;
import wx.util.Util;

import com.imooc.po.TextMessage;
import com.imooc.util.MessageUtil;
public class WX_Interface extends HttpServlet {

	/**
	 * Constructor of the object.
	 */
	public WX_Interface() {
		super();
	}

	/**
	 * Destruction of the servlet. <br>
	 */
	public void destroy() {
		super.destroy(); // Just puts "destroy" string in log
		// Put your code here
	}

	/**
	 * The doGet method of the servlet. <br>
	 *
	 * This method is called when a form has its tag value method equals to get.
	 * 
	 * @param request the request send by the client to the server
	 * @param response the response send by the server to the client
	 * @throws ServletException if an error occurred
	 * @throws IOException if an error occurred
	 */
	public void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		//΢�ż���ǩ��,signature����˿�������д��tocken����������е�timestamp����nonce����
		String signature = request.getParameter("signature");
		//ʱ���
		String timestamp = request.getParameter("timestamp");
		//����� 
		String nonce = request.getParameter("nonce");
		
		String echostr = request.getParameter("echostr");
		
		String tocken = "test";
		try{
			if(null != signature){
			String[] ArrTmp = {tocken,timestamp,nonce};	
			Arrays.sort(ArrTmp);
			StringBuffer sb = new StringBuffer();
			for(int i=0;i<ArrTmp.length;i++){
				sb.append(ArrTmp[i]);
			}
			MessageDigest md = MessageDigest.getInstance("SHA-1");
			byte[] bytes = md.digest(new String(sb).getBytes());
			StringBuffer buf = new StringBuffer();
			for(int i=0;i<bytes.length;i++){
				if(((int)bytes[i] & 0xff)<0x10){
					buf.append("0");
				}
				buf.append(Long.toString((int) bytes[i] & 0xff,16));
				
			}
			if(signature.equals(buf.toString())){
				response.getOutputStream().println(echostr);
			}
		}
	}catch(Exception e){
			e.printStackTrace();
		}
		
		System.out.println("test0");

		
		System.out.println("doGet");
		System.out.println("signature     "+signature);
		System.out.println("timstamp      "+timestamp);
		System.out.println("nonce         "+nonce);
		System.out.println("echostr         "+echostr);
		
		
		System.out.println("doGet");
	
	}

	/**
	 * The doPost method of the servlet. <br>
	 *
	 * This method is called when a form has its tag value method equals to post.
	 * 
	 * @param request the request send by the client to the server
	 * @param response the response send by the server to the client
	 * @throws ServletException if an error occurred
	 * @throws IOException if an error occurred
	 */
	public void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		/*request.setCharacterEncoding("UTF-8");
		response.setCharacterEncoding("UTF-8");
PrintWriter out = response.getWriter();
try {
	Map<String,String> map = MessageUtil.xmlToMap(request);
	String fromUserName = map.get("FromUserName");
			String toUserName = map.get("ToUserName");
					String msgType = map.get("MsgType");
					String content = map.get("Content");//
					String message = null;
					
					//if("text".equals(msgType)){
					if(MessageUtil.MESSAGE_TEXT.equals(msgType)){
					if("1".equals(content)){
						message = MessageUtil.initText(toUserName,fromUserName,MessageUtil.firstMenu());				
					}else if("3".equals(content)){
						//message = MessageUtil.initText(toUserName,fromUserName,content);				
					//�Ϳ��������ﰴ3����ͼƬ��Ϣ,���ͼƬ��Ϣ�Ĵ����Լ��ظ��Ѿ�д����
						message = MessageUtil.initImageMessage(toUserName,fromUserName);
					}else if("4".equals(content)){//��servlet����һ���ж�,������4��ʱ��ظ�һ�����ָ���  
						message = MessageUtil.initMusicMessage(toUserName,fromUserName);
					}else if("2".equals(content)){
						//message = MessageUtil.initText(toUserName,fromUserName,MessageUtil.secondMenu());			
                        //�����ͼ����Ϣ�Ĵ����Լ��ظ��Ѿ�д���� 
						message= MessageUtil.initNewsMessage(toUserName,fromUserName);
					}else if("?".equals(content)||" ? ".equals(content)){
						message = MessageUtil.initText(toUserName,fromUserName,MessageUtil.menuText());
					}
						TextMessage text = new TextMessage();
					text.setFromUserName(toUserName);//˭������,��ͷ���˭
					text.setToUserName(fromUserName);
					text.setMsgType("text");
					text.setCreateTime(new Date().getTime());
					text.setContent("���͵���Ϣ��:"+content);
					 message = MessageUtil.textMessageToXml(text);
					
					System.out.println(message);
					}else if(MessageUtil.MESSAGE_EVENT.equals(msgType)){//�����Ϣ���͵��߼�
						String eventType = map.get("Event");
						if(MessageUtil.MESSAGE_SUBSCRIBE.equals(eventType)){//��Ϣ�����¼�������
							message = MessageUtil.initText(toUserName, fromUserName, content);//��ע΢�Ź��ں�֮��΢�ź�̨����
						}//�������Servlet�������һ���߼����ж�
						else if(MessageUtil.MESSAGE_CLICK.equals(eventType)){//�����������Click�˵���һ���¼�����
							//Click���͵���Ϣ����,���Event��Click���͵Ļ�,��ô����ظ�һ�����˵�
							message = MessageUtil.initText(toUserName, fromUserName, MessageUtil.menuText());
						}else if(MessageUtil.MESSAGE_VIEW.equals(eventType)){//�����View���Ͳ˵�,�ͻظ�һ�������õ�Url
							String url  = map.get("EventKey");//�����View���Ͳ˵��Ļ�,���EventKey�������Url��ֵ
							if("11".equals(url)){//���Keyֵ��11
							message = MessageUtil.initText(toUserName, fromUserName, url);
							}
						}else if(MessageUtil.MESSAGE_SCANCODE.equals(eventType)){//�ظ�һ�����ɨ���¼�
							String key  = map.get("EventKey");//�����Click���Ͳ˵��Ļ�,EventKey���������õ�Keyֵ
							message = MessageUtil.initText(toUserName, fromUserName, key);
						}
						
					}
					out .print(message);
} catch (DocumentException e) {
	// TODO Auto-generated catch block
	e.printStackTrace();
}finally{
	out.close();
}

System.out.println("doPost");*/
		//response.setContentType("text/html");
		//PrintWriter out = response.getWriter();
		
/*		StringBuffer strb = new StringBuffer();
		ServletInputStream in = request.getInputStream();
          BufferedReader     breader=       new BufferedReader( new InputStreamReader(in,"UTF-8"));
		
          String str = null;
          while(null!=(str=breader.readLine())){
        	  strb.append(str);
          }
          //out.println(str);
          System.out.println(strb);*/
        //out.flush();
		//out.close();
/*response.setContentType("text/html");
PrintWriter out = response.getWriter();

StringBuffer strb = new StringBuffer();
//strb要存储一下request获取过来的东西
ServletInputStream in =  request.getInputStream();

BufferedReader breader =  new BufferedReader( new InputStreamReader(in,"UTF-8"));//接收是对的,已经进行转码了.
String str = null;
//+-*\/\是运算符,赋值运算符=也是运算符
	/*
while(null!=(str = breader.readLine())){
	 strb.append(str);
}
out.println(strb);
System.out.println(strb);
out.flush();
out.close();*/
		//response.setContentType("text/html;charset=utf-8");
		//response.setContentType("text/html");
		response.setCharacterEncoding("UTF-8");
		PrintWriter out = response.getWriter();
		//String requestStr = In_Util.getStringFromRequest(request);
		String requestStr = Util.getStringFromRequest(request);
		In in = new In(requestStr);
		System.out.println(requestStr);
		System.out.println("北风网");
/*		In_Text in_Text = new In_Text(requestStr);
		System.out.println(in_Text);
		in_Text.setContent(in_Text.getContent()+ "  吃屎啦");*/
	 /*    In_Image in_Image = new In_Image(requestStr);
         System.out.println(in_Image);*/
		//Out_Text out_Text = new Out_Text(in_Text);
		//Out_Text out_Text = new Out_Text(in_Text,in_Text.getContent()+ "  吃屎啦");
/*		Out_Text out_Text = new Out_Text(in_Text);
		out_Text.setContent(in_Text.getContent());*/
		//System.out.println(out_Text.getStr("这是北风网。。。。。。。"));
		//response.getOutputStream().print(out_Text.getStr(in_Text.getContent()+ "  吃屎啦"));
		//response.getWriter().print(out_Text.getStr(in_Text.getContent()+ "  吃屎啦"));
		//response.getWriter().print(out_Text.getStr());
		//new BufferedWriter(new OutputStreamWriter(response.getOutputStream(),"UTF-8")).write(out_Text.getStr(in_Text.getContent()+ "  chishila"));
		//response.getOutputStream().print(out_Text.getStr("这是北风网。。。。。。。"));
		//System.out.println(out_Text.getStr(in_Text.getContent()+ "  吃屎啦"));
		//System.out.println(out_Text.getStr());
		
		/*In_Image in_Image = new In_Image(requestStr);
		System.out.println(in_Image.getMediaId());
		
		Out_Image out_Image = new Out_Image(in_Image);
		out_Image.setMediaId(in_Image.getMediaId());
	    response.getWriter().print(out_Image.getStr());*/
/*		String shanghai = "szNaZ9h5SbG4kMDlCexVMvNLuezqTB20QE9XOgpbK5plhmCOnaO6JG6-ISXsIdvn";
		String xxx= "T9Bi3d-qxYbZnE6f1CsYJ2EfNrWDdr9x3Kpas_WUo04tc9b4zwTq9KZs1vQ6taQB";
		In_Text in_Text = new In_Text(requestStr);
		Out_Image out_Image = new Out_Image(in_Text);
		if("1".equals(in_Text.getContent())){
			out_Image.setMediaId(shanghai);
			
		}else{
			out_Image.setMediaId(xxx);
		}
		response.getWriter().print(out_Image.getStr());*/
/*		In_Voice in_Voice = new In_Voice(requestStr);
		Out_Voice out_Voice = new Out_Voice(in_Voice);
		out_Voice.setMediaId(in_Voice.getMediaId());
		response.getWriter().print(out_Voice.getStr());*/
/*		In_Video in_Video = new In_Video(requestStr);

		Out_Video out_Video = new Out_Video(in_Video);
		out_Video.setMediaId(in_Video.getMediaId());
		out_Video.setTitle("title");
		out_Video.setDescription("description");
		System.out.println(out_Video.getStr());
		//response.getWriter().print(out_Video.getStr());
	    response.getOutputStream().print(out_Video.getStr());*/
		Subscribe_Unsubscribe subscribe_Unsubscribe = new Subscribe_Unsubscribe(requestStr);
		/*System.out.println(subscribe_Unsubscribe);
		Out_News out_News = new Out_News(subscribe_Unsubscribe);
		List<Out_News> out_NewsList = new ArrayList<Out_News>();
		Out_News out_News_0 = new Out_News();
		out_News_0.setTitle("北风网微信系统");
		out_News_0.setDescription("北风网");
		out_News_0.setPicUrl("http://www.ibeifeng.com/themes/default/images/logo.png");
		out_News_0.setUrl("http://www.ibeifeng.com/");
		out_NewsList.add(out_News_0);
		Out_News out_News_1 = new Out_News();
		out_News_1.setTitle("java北风网微信系统");
		out_News_1.setDescription("北风网xxxxxxxxxxxxx");
		out_News_1.setPicUrl("http://www.ibeifeng.com/data/indeximg/a2.jpg");
		out_News_1.setUrl("http://www.ibeifeng.com/tc_java2.html");
		out_NewsList.add(out_News_1);
		Out_News out_News_2 = new Out_News();
		out_News_2.setTitle(".net北风网微信系统");
		out_News_2.setDescription("北风网AAAAAAAAAAAA");
		out_News_2.setPicUrl("http://www.ibeifeng.com/data/indeximg/a3.jpg");
		out_News_2.setUrl("http://www.ibeifeng.com/netcourse.html");
		out_NewsList.add(out_News_2);
		System.out.println(out_News.getStr(out_NewsList));
		response.getWriter().print(out_News.getStr(out_NewsList));*/
		/**
		 * 关注微信号时的欢迎信息
		 * 欢迎你关注本微信号
		 */
		if("event".equals(in.getMsgType())){//如果接收的消息是事件类型的话
		if("subscribe".equals(subscribe_Unsubscribe.getEvent())){
			//Out_Text out_Text = new Out_Text(in);
			Out_Text out_Text = new Out_Text(subscribe_Unsubscribe);
			out_Text.setContent("欢迎你关注本微信号。本游戏说明");
			out.print(out_Text.getStr());
			
		}
		//判断是text类型
		}else if("text".equals(in.getMsgType())){
			In_Text in_Text = new In_Text(requestStr);
			Out_Text out_Text = new Out_Text(in);
			//out_Text.setContent("这是您选择的数字"+in_Text.getContent());
			
			//如果不是数字
			try {
				Integer.parseInt(in_Text.getContent());
			} catch (NumberFormatException e) {
				// TODO Auto-generated catch block
				//e.printStackTrace();
				out_Text.setContent("这个不是数字");
				out.print(out_Text.getStr());
				return;
			}
			//判断是否小于1000
			if(1000<Integer.parseInt(in_Text.getContent())){
				out_Text.setContent("这个数字太大了,应该小于1000");
				out_Text.getStr();
				return;
			}
			//记录到数据库
			
			out.print(out_Text.getStr());
		}else{
			Out_Text out_Text = new Out_Text(in);
			out_Text.setContent("请选择一个数字");
			out.print(out_Text.getStr());
			
		}
		
		out.flush();
		out.close();
	}

	/**
	 * Initialization of the servlet. <br>
	 *
	 * @throws ServletException if an error occurs
	 */
	public void init() throws ServletException {
		// Put your code here
	}

}

 

转载于:https://my.oschina.net/u/3206447/blog/906117

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值