上海驾校
特点
客户端确认
– 减少服务器负载
– 缩短用户等待时间
– 兼容性难
• 服务器端确认
– 统一确认
– 兼容性强
– 服务器负载重
JavaScript实现客户端验证
<html>
<head>
<script type="text/javascript">
function validate() {
var userName = document.getElementById("userName1");
var passWord = document.getElementById("passWord1");
var repassWord = document.getElementById("repassWord1");
if(userName.value == "") {
alert("用户名不能不为空");
return false;
}
if(passWord.value.length < 6 || passWord.value.length > 10){
alert("密码必须符合规则");
return false;
}
if(repassWord.value.length < 6 || repassWord.value.length > 10){
alert("密码必须符合规则");
return false;
}
if(passWord.value != repassWord.value){
alert("密码前后不一致");
return false;
}
return true;
}
</script>
</head>
<body>
<form method="post" onsubmit="return validate()">
userName:
<input type="text" name="userName" id="userName1">
<br>
passWord:
<input type="password" name="passWord" id="passWord1">
<br>
re-passWord:
<input type="password" name="repassWord" id="repassWord1">
<br>
<input type="submit" value="提交">
</form>
</body>
</html>
但是客户端验证是不可靠的,如用户直接在浏览器输入栏输入:localhost:8080/temp/login.jsp/servlet?username=123&password=123
服务端验证
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String userName = request.getParameter("userName");
String passWord = request.getParameter("passWord");
String repassWord = request.getParameter("repassWord");
List<String> list = new ArrayList<String>();
if ("".equals(userName)) {
list.add("用户名不能不为空");
}
if (passWord.length() < 6 || passWord.length() > 10) {
list.add("密码必须符合规则");
}
if (repassWord.length() < 6 || repassWord.length() > 10) {
list.add("密码必须符合规则");
}
if (passWord != null && repassWord != null
&& passWord.equals(repassWord)) {
list.add("密码前后不一致");
}
if(list.isEmpty()){
request.setAttribute("userName", userName);
request.setAttribute("userName", passWord);
request.getRequestDispatcher("失败的的jsp页面");
}else{
request.setAttribute("error", list);
}
}