下面给大家带来的java实例是登陆servlet如何用java实现吗?下面就一起来看看下面的例子吧。
Login.java代码package com.bai;
import javax.servlet.http.*;
import java.io.*;
public class Login extends HttpServlet
{
public void doGet(HttpServletRequest req, HttpServletResponse res)
{
try
{
req.setCharacterEncoding("gb2312");
res.setContentType("text/html;charset=gb2312");
PrintWriter pw = res.getWriter();
pw.println("");
pw.println("
");pw.println("
登陆界面
");pw.println("
");pw.println("用户名:
");
pw.println("密码:
");
pw.println("
");
pw.println("
");pw.println("");
pw.println("");
}
catch (Exception e)
{
e.printStackTrace();
}
}
public void doPost(HttpServletRequest req, HttpServletResponse res)
{
this.doGet(req, res);
}
}
LoginCl.java代码package com.bai;
import javax.servlet.http.*;
import java.io.*;
import java.sql.*;
public class LoginCl extends HttpServlet
{
public void doGet(HttpServletRequest req, HttpServletResponse res)
{
Connection conn = null;
Statement stmt = null;
ResultSet rs = null;
String sql = "select username,passwd from users where username = ? and passwd = ?";
try
{ //req.setCharacterEncoding("gb2312");
String user = req.getParameter("username");
String password = req.getParameter("passwd");
Class.forName("com.mysql.jdbc.Driver");
conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/sqdb", "root", "root");
// stmt=conn.createStatement();
PreparedStatement pstmt = conn.prepareStatement(sql);
pstmt.setString(1, user);
pstmt.setString(2, password);
rs = pstmt.executeQuery();
// rs=stmt.executeQuery("select top 1 * from users where username='"+user
// +"' and passwd='"+password+"'");
if (rs.next())
{
HttpSession hs = req.getSession(true);
hs.setMaxInactiveInterval(60);
hs.setAttribute("name", user);
res.sendRedirect("welcome?&uname=" + user + "&upass=" + password);
}
else
{
res.sendRedirect("login"); //url
}
}
catch (Exception e)
{
e.printStackTrace();
}
finally
{
try
{
if (rs != null)
{
rs.close();
}
if (stmt != null)
{
stmt.close();
}
if (conn != null)
{
conn.close();
}
}
catch (Exception e)
{
e.printStackTrace();
}
}
}
public void doPost(HttpServletRequest req, HttpServletResponse res)
{
this.doGet(req, res);
}
}
不知道你有没有发现,上面的这个处理用户名密码带有明显注入漏洞,能够依据用户名从数据库取密码,用取出的密码和用户输入的密码比较。
代码sql = select passwd from users where username = ? limit 1
if (rs.next())
{
String passwd = rs.getString(1);
if (passwd.equals(password))
//密码正确
else //密码错误
}
Welcome.java代码package com.bai;
import javax.servlet.http.*;
import java.io.*;
public class Welcome extends HttpServlet
{
public void doGet(HttpServletRequest req, HttpServletResponse res)
{
HttpSession hs = req.getSession();
String val = (String) hs.getAttribute("pass");
if (val == null)
{
try
{
System.out.print(1);
res.sendRedirect("login");
}
catch (Exception e)
{
e.printStackTrace();
}
}
String u = req.getParameter("uname");
String p = req.getParameter("upass");
try
{ //req.setCharacterEncoding("gb2312");
PrintWriter pw = res.getWriter();
pw.println("welcome! " + u + "&pass=" + p);
}
catch (Exception e)
{
e.printStackTrace();
}
}
public void doPost(HttpServletRequest req, HttpServletResponse res)
{
this.doGet(req, res);
}
}
关于java写一个servlet实现登录的例子就给你介绍到这里了,希望上面的内容可以对你有所帮助哦,更多java实例,请继续关注奇Q工具网来进行了解吧。
推荐阅读: