web.xml
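<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<!--
  Deployment descriptor for the jspLogin sample (Servlet 2.3 DTD).
  Only a display name is declared: there is no security-constraint,
  login-config or session-config here, so access control rests entirely on
  the session check that each protected JSP performs itself. A page that
  omits that check is reachable without logging in.
-->
<web-app>
  <display-name>jspLogin</display-name>
</web-app>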
index.jsp
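<%--
  index.jsp: protected page.
  Sends the browser to login.jsp unless the session carries the marker that
  loginSuccess.jsp stores after a successful credential check.
--%>
<%
    // Accept only the exact value written at login ("true"); a missing
    // attribute or any other value is treated as "not logged in".
    if (!"true".equals(session.getAttribute("passed"))) {
        response.sendRedirect("login.jsp");
        // Stop here so none of the protected content below is rendered.
        return;
    }
%>
passed !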
login.jsp
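<%@ page contentType="text/html; charset=utf-8" %>
<%--
  login.jsp: login form.
  Posts "username" and "password" to loginSuccess.jsp. The password travels
  in the request body as typed, so this page and its target should only be
  served over HTTPS.
--%>
<html>
<head>
<title>login</title>
</head>
<body bgcolor="#ffffff">
<%
    // loginSuccess.jsp redirects back here with flag=0 after a failed attempt.
    // The parameter is only compared against a constant and never written to
    // the page, so its value cannot end up in the generated markup.
    String flag = request.getParameter("flag");
    if ("0".equals(flag)) {
        out.println("Pls input valid username and password!<br><br>");
    }
%>
<form name="form1" method="post" action="loginSuccess.jsp">
<input name="username" type="text"><br />
<input name="password" type="password"><br />
<input name="reset" type="reset" value="reset">
<input name="submit" type="submit" value="submit">
</form>
</body>
</html>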
loginSuccess.jsp
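<%@ page import="java.sql.*" %>
<%--
  loginSuccess.jsp: login handler.
  Reads "username" and "password" from the request, looks for a matching row
  in the user table, and on success marks the session as logged in and
  redirects to index.jsp. On failure it redirects to login.jsp?flag=0.
  JDBC errors propagate to the container's error handling.
--%>
<%
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    boolean flag = false;

    // A request without both fields can never match a row; skip the database.
    if (username != null && password != null) {
        // Bound parameters keep the request values out of the SQL text.
        // The earlier version concatenated them into the statement, which let
        // the submitted text change the query itself (SQL injection).
        String sql = "select * from user where username=? and password=?";

        Class.forName("com.mysql.jdbc.Driver");
        Connection conn = null;
        PreparedStatement pstmt = null;
        ResultSet rs = null;
        try {
            // NOTE(review): the database account and password are embedded in
            // the page source. Move them to container-managed configuration
            // (for example a JNDI DataSource) and use a least-privilege account.
            conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/test?user=cwb&password=cwb123&useUnicode=true");
            pstmt = conn.prepareStatement(sql);
            pstmt.setString(1, username);
            pstmt.setString(2, password);
            // NOTE(review): the comparison implies passwords are stored as
            // typed. Store a salted, slow password hash and verify against it.
            rs = pstmt.executeQuery();
            flag = rs.next();
        } finally {
            // Release JDBC resources on the error path as well. A failure
            // while closing must not hide the original exception.
            if (rs != null) {
                try { rs.close(); } catch (SQLException ignored) { }
            }
            if (pstmt != null) {
                try { pstmt.close(); } catch (SQLException ignored) { }
            }
            if (conn != null) {
                try { conn.close(); } catch (SQLException ignored) { }
            }
        }
    }

    if (flag) {
        // Start a fresh session at the privilege change, so a session id that
        // existed before authentication is not carried into the logged-in state.
        session.invalidate();
        request.getSession(true).setAttribute("passed", "true");
        response.sendRedirect("index.jsp");
    } else {
        response.sendRedirect("login.jsp?flag=0");
    }
%>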