//JDBC 的使用涉及 Connection、Statement/PreparedStatement、ResultSet 对象:首先加载驱动类,然后建立连接……通常使用 PreparedStatement 通过占位符(?)绑定参数,执行效率更高;参数作为数据绑定而不是拼接进 SQL 文本,因此也能避免 SQL 注入
//用statement的情况
<%
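// Login check built on a plain Statement: every row of `user` is read and the
// submitted credentials are compared in Java. No request value is concatenated
// into the SQL text, so the query itself cannot be altered by user input.
// NOTE(review): comparing column 4 directly with the submitted password suggests
// passwords are stored in clear text; a salted password hash (bcrypt/scrypt/argon2)
// is the usual remedy - confirm against the schema.
// NOTE(review): the JDBC URL and the root/root account are hard-coded in the page;
// a container-managed DataSource with a least-privilege account keeps them out of source.
// NOTE(review): this reads the whole table, credentials included, on every attempt.
boolean flag=false;
Connection conn=null;
Statement stmt=null;
ResultSet rs=null;
request.setCharacterEncoding("utf-8");
// getParameter() returns null when a field is missing; only trim real values so a
// malformed request ends in the normal failure redirect instead of a NullPointerException.
String username=request.getParameter("username");
String password=request.getParameter("password");
if(username!=null){
    username=username.trim();
}
if(password!=null){
    password=password.trim();
}
// Load the JDBC driver.
try{
    Class.forName("com.mysql.jdbc.Driver");
}catch(ClassNotFoundException e){
    e.printStackTrace();
}
try{
    if(username!=null&&password!=null){
        // Open the connection.
        conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/shop", "root", "root");
        stmt=conn.createStatement();
        String sql="select * from user";
        rs=stmt.executeQuery(sql);
        while(rs.next()){
            // Calling equals() on the request values tolerates NULL columns in the row.
            if(username.equals(rs.getString(2))&&password.equals(rs.getString(4))){
                // NOTE(review): the session id is kept across login; rotating it on successful
                // authentication (request.changeSessionId() on Servlet 3.1+) guards against
                // session fixation.
                session.setAttribute("username", username);
                // Session expires after 40 minutes without activity.
                session.setMaxInactiveInterval(40*60);
                // Column 3 is written into the HTML response; escape it so markup stored in
                // the database is rendered as text rather than interpreted by the browser.
                String shown=rs.getString(3);
                if(shown==null){
                    shown="";
                }
                shown=shown.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                        .replace("\"", "&quot;").replace("'", "&#39;");
                out.println("欢迎您"+shown);
                flag=true;
                // One match is enough; stop so the greeting is not repeated for duplicate rows.
                break;
            }
        }
    }
    if(!flag){
        response.sendRedirect("fail.jsp");
    }
}catch(SQLException e){
    e.printStackTrace();
}finally{
    // Release JDBC resources. Each close has its own try so that a failure on one
    // does not leave the others (in particular the connection) open.
    if(null!=rs){
        try{
            rs.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=stmt){
        try{
            stmt.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=conn){
        try{
            conn.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
}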
%>
//使用 PreparedStatement 的情况
<%
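// Login check built on a PreparedStatement: the submitted login and password are
// bound to the two `?` placeholders, so they reach the database as data and never
// become part of the SQL text.
// NOTE(review): matching `pass` against the submitted value suggests passwords are
// stored in clear text; a salted password hash (bcrypt/scrypt/argon2) is the usual
// remedy - confirm against the schema.
// NOTE(review): the JDBC URL and the root/root account are hard-coded in the page;
// a container-managed DataSource with a least-privilege account keeps them out of source.
Connection conn=null;
PreparedStatement pstate=null;
ResultSet rs=null;
boolean authenticated=false;
request.setCharacterEncoding("utf-8");
// getParameter() returns null when a field is missing; only trim real values so a
// malformed request ends in the normal failure path instead of a NullPointerException.
String username=request.getParameter("username");
String password=request.getParameter("password");
if(username!=null){
    username=username.trim();
}
if(password!=null){
    password=password.trim();
}
// Load the JDBC driver.
try{
    Class.forName("com.mysql.jdbc.Driver");
}catch(ClassNotFoundException e){
    e.printStackTrace();
}
try{
    if(username!=null&&password!=null){
        // Open the connection.
        conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/shop", "root", "root");
        String sql="select * from user where login=? and pass=?";
        pstate=conn.prepareStatement(sql);
        // Bind the placeholder values; indexes are 1-based.
        pstate.setString(1, username);
        pstate.setString(2, password);
        rs=pstate.executeQuery();
        if(rs.next()){
            // NOTE(review): the session id is kept across login; rotating it on successful
            // authentication (request.changeSessionId() on Servlet 3.1+) guards against
            // session fixation.
            session.setAttribute("username", username);
            // Session expires after 40 minutes without activity.
            session.setMaxInactiveInterval(40*60);
            // Column 3 is written into the HTML response; escape it so markup stored in
            // the database is rendered as text rather than interpreted by the browser.
            String shown=rs.getString(3);
            if(shown==null){
                shown="";
            }
            shown=shown.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                    .replace("\"", "&quot;").replace("'", "&#39;");
            out.println("欢迎您"+shown);
            authenticated=true;
        }
    }
    if(!authenticated){
        System.out.println("登录失败!");
        response.sendRedirect("fail.jsp");
    }
}catch(SQLException e){
    e.printStackTrace();
}finally{
    // Release JDBC resources. Each close has its own try so that a failure on one
    // does not leave the others (in particular the connection) open.
    if(null!=rs){
        try{
            rs.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=pstate){
        try{
            pstate.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=conn){
        try{
            conn.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
}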
%>
//用statement的情况
<%
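// Statement-based login check: the full `user` table is fetched and the submitted
// credentials are matched row by row in Java. The SQL text is a constant, so request
// data cannot change the query.
// NOTE(review): column 4 is compared directly with the submitted password, which
// suggests clear-text password storage; a salted password hash (bcrypt/scrypt/argon2)
// is the usual remedy - confirm against the schema.
// NOTE(review): the JDBC URL and the root/root account are hard-coded in the page;
// a container-managed DataSource with a least-privilege account keeps them out of source.
// NOTE(review): this reads the whole table, credentials included, on every attempt.
boolean flag=false;
Connection conn=null;
Statement stmt=null;
ResultSet rs=null;
request.setCharacterEncoding("utf-8");
// A missing form field makes getParameter() return null; trimming only non-null values
// turns such a request into a failed login rather than a NullPointerException.
String username=request.getParameter("username");
String password=request.getParameter("password");
if(username!=null){
    username=username.trim();
}
if(password!=null){
    password=password.trim();
}
// Load the JDBC driver.
try{
    Class.forName("com.mysql.jdbc.Driver");
}catch(ClassNotFoundException e){
    e.printStackTrace();
}
try{
    if(username!=null&&password!=null){
        // Open the connection.
        conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/shop", "root", "root");
        stmt=conn.createStatement();
        String sql="select * from user";
        rs=stmt.executeQuery(sql);
        while(rs.next()){
            // equals() is invoked on the request values so NULL columns cannot throw.
            if(username.equals(rs.getString(2))&&password.equals(rs.getString(4))){
                // NOTE(review): the pre-login session id is reused; changing it once the user is
                // authenticated (request.changeSessionId() on Servlet 3.1+) guards against
                // session fixation.
                session.setAttribute("username", username);
                // Session expires after 40 minutes without activity.
                session.setMaxInactiveInterval(40*60);
                // Column 3 goes into the HTML response; escape it so stored markup is shown
                // as text instead of being interpreted by the browser.
                String shown=rs.getString(3);
                if(shown==null){
                    shown="";
                }
                shown=shown.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                        .replace("\"", "&quot;").replace("'", "&#39;");
                out.println("欢迎您"+shown);
                flag=true;
                // Stop at the first match so duplicate rows do not repeat the greeting.
                break;
            }
        }
    }
    if(!flag){
        response.sendRedirect("fail.jsp");
    }
}catch(SQLException e){
    e.printStackTrace();
}finally{
    // Release JDBC resources one by one; a failing close must not prevent the
    // remaining ones (in particular the connection) from being closed.
    if(null!=rs){
        try{
            rs.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=stmt){
        try{
            stmt.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=conn){
        try{
            conn.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
}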
%>
//使用 PreparedStatement 的情况
<%
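// PreparedStatement-based login check: login and password are bound to the `?`
// placeholders and sent to the database as data, separate from the SQL text.
// NOTE(review): matching `pass` against the submitted value suggests clear-text
// password storage; a salted password hash (bcrypt/scrypt/argon2) is the usual
// remedy - confirm against the schema.
// NOTE(review): the JDBC URL and the root/root account are hard-coded in the page;
// a container-managed DataSource with a least-privilege account keeps them out of source.
Connection conn=null;
PreparedStatement pstate=null;
ResultSet rs=null;
boolean authenticated=false;
request.setCharacterEncoding("utf-8");
// A missing form field makes getParameter() return null; trimming only non-null values
// turns such a request into a failed login rather than a NullPointerException.
String username=request.getParameter("username");
String password=request.getParameter("password");
if(username!=null){
    username=username.trim();
}
if(password!=null){
    password=password.trim();
}
// Load the JDBC driver.
try{
    Class.forName("com.mysql.jdbc.Driver");
}catch(ClassNotFoundException e){
    e.printStackTrace();
}
try{
    if(username!=null&&password!=null){
        // Open the connection.
        conn=DriverManager.getConnection("jdbc:mysql://localhost:3306/shop", "root", "root");
        String sql="select * from user where login=? and pass=?";
        pstate=conn.prepareStatement(sql);
        // Bind the placeholder values; indexes are 1-based.
        pstate.setString(1, username);
        pstate.setString(2, password);
        rs=pstate.executeQuery();
        if(rs.next()){
            // NOTE(review): the pre-login session id is reused; changing it once the user is
            // authenticated (request.changeSessionId() on Servlet 3.1+) guards against
            // session fixation.
            session.setAttribute("username", username);
            // Session expires after 40 minutes without activity.
            session.setMaxInactiveInterval(40*60);
            // Column 3 goes into the HTML response; escape it so stored markup is shown
            // as text instead of being interpreted by the browser.
            String shown=rs.getString(3);
            if(shown==null){
                shown="";
            }
            shown=shown.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                    .replace("\"", "&quot;").replace("'", "&#39;");
            out.println("欢迎您"+shown);
            authenticated=true;
        }
    }
    if(!authenticated){
        System.out.println("登录失败!");
        response.sendRedirect("fail.jsp");
    }
}catch(SQLException e){
    e.printStackTrace();
}finally{
    // Release JDBC resources one by one; a failing close must not prevent the
    // remaining ones (in particular the connection) from being closed.
    if(null!=rs){
        try{
            rs.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=pstate){
        try{
            pstate.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
    if(null!=conn){
        try{
            conn.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
}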
%>