3、创建一个用户表user和用户类型表userType(项目中的角色和权限问题)
user:id,act,pwd,tid
userType:tid,tname
创建登录页面login.jsp,登录成功后将act和tid保存在session中
登录成功后跳转到manage.jsp页面,页面中有一个导航栏,有如下选项:
管理所有用户
个人中心
购物车
要求当用户类型是超级管理员时,能够显示出导航栏中的所有选项
当用户类型是其他时,只显示个人中心和购物车(注意:隐藏导航选项只是界面上的控制,"管理所有用户"对应的页面仍需在服务器端根据session中保存的tid校验权限)
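-- Role lookup table. Created first so that user.tid can reference it.
create table userType(
    tid int primary key auto_increment,
    tname varchar(100) not null
);

-- Application accounts.
-- act is the login name; it is unique so that a login can never match two rows.
-- pwd holds the password exactly as entered, because the login query compares it
-- directly. Outside of an exercise, store a salted password hash here instead and
-- verify it in application code.
create table user(
    id int primary key auto_increment,
    act varchar(100) not null,
    pwd varchar(100) not null,
    tid int not null,
    constraint user_act_uq unique (act),
    constraint user_tid_fk foreign key (tid) references userType(tid)
);

-- Roles are inserted before users so that the foreign key is satisfied:
-- tid 1 = 超级管理员 (super administrator), tid 2 = 其他 (other).
insert into userType(tname) values ('超级管理员'), ('其他');

-- Sample accounts. The table name is written in the same case as in its
-- create statement, because MySQL table names are case-sensitive on
-- case-sensitive file systems.
insert into user(act, pwd, tid) values
    ('诗书画唱1', '666', 1),
    ('诗书画唱2', '888', 2);

-- Helper statements for manual use. MySQL needs a space after "--" for the line
-- to be treated as a comment.
-- drop table user;
-- select * from user;
-- select * from userType;

-- Each account with its role name. The password column is deliberately left out.
select
    u.id,
    u.act,
    u.tid,
    ut.tname
from user as u
inner join userType as ut
    on u.tid = ut.tid;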
package bean;
/**
 * Plain data holder for one account together with the name of its user type.
 * Every property is a nullable wrapper or String and starts out as null.
 */
public class User {

    /** Primary key of the account row. */
    private Integer id;

    /** Account (login) name. */
    private String act;

    /**
     * Password value as handed to {@link #setPwd(String)}.
     * NOTE(review): this is kept in clear text; avoid putting objects of this
     * class into the session or into logs while that is the case.
     */
    private String pwd;

    /** Identifier of the user type the account belongs to. */
    private Integer tid;

    /** Display name of the user type. */
    private String tname;

    /** @return the account id, or null when none has been set */
    public Integer getId() {
        return this.id;
    }

    /** @param id the account id to store */
    public void setId(Integer id) {
        this.id = id;
    }

    /** @return the account name */
    public String getAct() {
        return this.act;
    }

    /** @param act the account name to store */
    public void setAct(String act) {
        this.act = act;
    }

    /** @return the stored password value */
    public String getPwd() {
        return this.pwd;
    }

    /** @param pwd the password value to store */
    public void setPwd(String pwd) {
        this.pwd = pwd;
    }

    /** @return the user type id */
    public Integer getTid() {
        return this.tid;
    }

    /** @param tid the user type id to store */
    public void setTid(Integer tid) {
        this.tid = tid;
    }

    /** @return the user type name */
    public String getTname() {
        return this.tname;
    }

    /** @param tname the user type name to store */
    public void setTname(String tname) {
        this.tname = tname;
    }
}
package controller;
import bean.User;
import DAO.Dao;
import java.io.IOException;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import bean.User;
import DAO.Dao;
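/**
 * Login servlet mapped to /UFirstPageServletStart.
 *
 * Checks the submitted account and password through {@code Dao}. On success it
 * records the login in a fresh session and forwards to firstPage.jsp with a
 * navigation menu chosen by the user's type name. On failure it forwards back
 * to login.jsp with an error message.
 */
@WebServlet("/UFirstPageServletStart")
public class FirstPageServletStart extends HttpServlet {
    private static final long serialVersionUID = 1L;

    public FirstPageServletStart() {
        super();
    }

    /**
     * Handles GET by delegating to {@link #doPost}.
     *
     * NOTE(review): credentials sent with GET end up in the URL and therefore in
     * browser history and access logs. The login form's markup is not visible
     * here; confirm that it uses method="post", after which this delegation can
     * be removed.
     *
     * @see HttpServlet#doGet(HttpServletRequest request,
     *      HttpServletResponse response)
     */
    protected void doGet(HttpServletRequest request,
            HttpServletResponse response)
            throws ServletException, IOException {
        this.doPost(request, response);
    }

    /**
     * Performs the login check and forwards to the matching page.
     *
     * @param request  carries the "act" (account) and "pwd" (password) parameters
     * @param response passed through to the forwarded page
     */
    protected void doPost(HttpServletRequest request,
            HttpServletResponse response)
            throws ServletException, IOException {
        // 1. Read the submitted credentials. The account name is no longer
        //    printed to stdout: it is untrusted input and does not belong in
        //    the server log unescaped.
        String act = request.getParameter("act");
        String pwd = request.getParameter("pwd");

        // 2. Query the database. The returned User has no id when nothing matched.
        Dao userDao = new Dao();
        User u = userDao.selectByActAndPwd(act, pwd);

        // 3. Act on the result.
        if (u.getId() != null && u.getId() > 0) {
            // Start from a new session so that a session id issued before the
            // login (and possibly known to someone else) is not promoted to an
            // authenticated one.
            javax.servlet.http.HttpSession stale = request.getSession(false);
            if (stale != null) {
                stale.invalidate();
            }
            javax.servlet.http.HttpSession session = request.getSession(true);

            // Keep both the account and its type id in the session, so that
            // later pages can check who is logged in and what they may access.
            session.setAttribute("userName", act);
            session.setAttribute("tid", u.getTid());

            // a. Login succeeded: build the navigation menu for this user type.
            //    The markup inside the original string literals was lost when
            //    this page was extracted. It is rebuilt here from the menu labels
            //    and from the ul/li/a rules of the stylesheet that accompanies
            //    ${html}; the href values are placeholders.
            //    Only constant markup may be appended here, because the JSP
            //    prints this attribute without escaping.
            //    Hiding a menu entry is not access control: the page behind
            //    "管理所有用户" still has to check the tid stored in the session.
            StringBuilder html = new StringBuilder();
            if ("超级管理员".equals(u.getTname())) {
                html.append("<ul>"
                        + "<li><a href=\"#\">管理所有用户</a></li>"
                        + "<li><a href=\"#\">个人中心</a></li>"
                        + "<li><a href=\"#\">购物车</a></li>"
                        + "</ul>");
            } else if ("其他".equals(u.getTname())) {
                html.append("<ul>"
                        + "<li><a href=\"#\">个人中心</a></li>"
                        + "<li><a href=\"#\">购物车</a></li>"
                        + "</ul>");
            }
            request.setAttribute("html", html);
            request.getRequestDispatcher("firstPage.jsp").forward(request, response);
        } else {
            // b. No matching record: login failed, go back to login.jsp.
            String msg = "账号或者密码错误";
            request.setAttribute("msg", msg);
            request.getRequestDispatcher("login.jsp")
                    .forward(request, response);
        }
    }
}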
package DAO;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import utils.DBUtils;
import bean.User;
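/**
 * Data-access object for the login lookup against the user and userType tables.
 */
public class Dao {

    /**
     * Looks up the account whose name and password both match the arguments.
     *
     * The values are bound as statement parameters, so they are never
     * concatenated into the SQL text.
     *
     * NOTE(review): the password is compared in clear text inside the query.
     * Under MySQL's default case-insensitive collations that comparison also
     * ignores letter case; confirm the column collation. The durable fix is to
     * store a salted password hash and verify it in Java.
     *
     * @param act account name entered by the user
     * @param pwd password entered by the user
     * @return a User that is never null; its id stays null when no row matched,
     *         when no connection could be opened, or when the query failed, so
     *         the caller cannot tell a database error from wrong credentials
     */
    public User selectByActAndPwd(String act, String pwd) {
        // Only the columns that are read below are selected; the stored
        // password is not fetched back.
        String sql = "select u.id, u.tid, ut.tname from user u inner"
                + " join userType ut on u.tid=ut.tid"
                + " where u.act = ? and u.pwd = ?";
        Connection conn = null;
        PreparedStatement pstm = null;
        ResultSet rs = null;
        User u = new User();
        try {
            conn = DBUtils.getConn();
            if (conn == null) {
                // DBUtils.getConn() returns null when the driver or the
                // connection fails; report "no match" instead of throwing a
                // NullPointerException.
                return u;
            }
            pstm = conn.prepareStatement(sql);
            // Bind the placeholders.
            pstm.setString(1, act);
            pstm.setString(2, pwd);
            rs = pstm.executeQuery();
            if (rs.next()) {
                Integer id = rs.getInt("id");
                Integer tid = rs.getInt("tid");
                String tname = rs.getString("tname");
                u.setId(id);
                u.setAct(act);
                // NOTE(review): kept for compatibility with callers that may
                // read getPwd(); drop it once none do, so that the clear-text
                // password does not travel with the bean.
                u.setPwd(pwd);
                u.setTid(tid);
                u.setTname(tname);
            }
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            // Release the JDBC resources.
            DBUtils.close(rs, pstm, conn);
        }
        return u;
    }
}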
package Filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
/**
 * Filter mapped to every request path ("/*"). It sets the request character
 * encoding to UTF-8 and then hands the request on.
 *
 * NOTE(review): this filter only deals with encoding. Nothing in it checks
 * whether the caller is logged in.
 */
@WebFilter("/*")
public class CodeFilter implements Filter {

    /** No state to set up. */
    public CodeFilter() {
    }

    /** Nothing to initialise. */
    public void init(FilterConfig fConfig) throws ServletException {
    }

    /**
     * Applies the request encoding, then continues with the rest of the chain.
     */
    public void doFilter(ServletRequest request,
            ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        final String requestEncoding = "utf-8";
        request.setCharacterEncoding(requestEncoding);
        chain.doFilter(request, response);
    }

    /** Nothing to release. */
    public void destroy() {
    }
}
package utils;
import java.io.IOException;
import java.io.InputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Properties;
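/**
 * JDBC helper: loads the connection settings from db.properties once, opens
 * connections and closes JDBC resources.
 */
public class DBUtils {
    private static String driverName;
    private static String url;
    private static String userName;
    private static String pwd;

    // Static initialiser: runs once when the class is loaded and reads
    // db.properties from the classpath.
    static {
        Properties prop = new Properties();
        InputStream is = DBUtils.class.getClassLoader()
                .getResourceAsStream("db.properties");
        if (is == null) {
            // A missing file used to surface as a NullPointerException inside
            // class initialisation; say what is wrong instead.
            System.err.println("db.properties not found on the classpath;"
                    + " database settings are unset");
        } else {
            try {
                prop.load(is);
                driverName = prop.getProperty("dn");
                url = prop.getProperty("url");
                userName = prop.getProperty("un");
                pwd = prop.getProperty("up");
            } catch (IOException e) {
                e.printStackTrace();
            } finally {
                // The stream was never closed before.
                try {
                    is.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }
    }

    /**
     * Opens a new connection with the settings read from db.properties.
     *
     * @return the connection, or null when the settings are missing, the driver
     *         class cannot be loaded or the connection attempt fails; callers
     *         must check for null
     */
    public static Connection getConn() {
        if (driverName == null || url == null) {
            System.err.println("database driver or url is not configured");
            return null;
        }
        Connection conn = null;
        try {
            Class.forName(driverName);
            conn = DriverManager.getConnection(url, userName, pwd);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return conn;
    }

    /**
     * Closes the given resources in the order result set, statement,
     * connection. Each argument may be null. Each one is closed in its own try
     * block, so that a failure on one no longer leaves the others (in
     * particular the connection) open.
     */
    public static void close(ResultSet rs,
            PreparedStatement pstm,
            Connection conn) {
        if (rs != null) {
            try {
                rs.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        if (pstm != null) {
            try {
                pstm.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        if (conn != null) {
            try {
                conn.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }
}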
# JDBC driver class name; DBUtils reads it under the key "dn".
# NOTE(review): com.mysql.jdbc.Driver is the legacy Connector/J class name;
# Connector/J 8.x uses com.mysql.cj.jdbc.Driver. Confirm against the driver
# version on the classpath.
dn=com.mysql.jdbc.Driver
# JDBC URL of the firstjsp database on the local MySQL server, with UTF-8 as
# the connection encoding.
url=jdbc:mysql://localhost:3306/firstjsp?useUnicode=true&characterEncoding=UTF-8
# Database account ("un") and password ("up") used by DBUtils.
# NOTE(review): the application connects as root with the password "root".
# Use a dedicated account that has only the privileges it needs on this
# schema, give it a strong password, and keep this file out of version control.
un=root
up=root
charset=UTF-8" pageEncoding="UTF-8"%>
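// Decode the request parameters as UTF-8; this must run before the first
// getParameter call.
request.setCharacterEncoding("utf-8");
// 1. Read the account and password entered by the user. The account name is no
//    longer printed to stdout: it is untrusted input and does not belong in the
//    server log unescaped.
String act = request.getParameter("act");
String pwd = request.getParameter("pwd");
// 2. Query the database. The returned User has no id when nothing matched.
Dao userDao = new Dao();
User u = userDao.selectByActAndPwd(act, pwd);
// 3. Act on the result.
if(u.getId() != null && u.getId() > 0) {
    // Start from a new session so that a session id issued before the login
    // (and possibly known to someone else) is not promoted to an authenticated one.
    javax.servlet.http.HttpSession stale = request.getSession(false);
    if(stale != null) {
        stale.invalidate();
    }
    javax.servlet.http.HttpSession fresh = request.getSession(true);
    // Keep both the account and its type id in the session, so that later pages
    // can check who is logged in and what they may access.
    fresh.setAttribute("userName", act);
    fresh.setAttribute("tid", u.getTid());
    // a. A matching record means the login succeeded: go to the management page.
    request.getRequestDispatcher("firstPage.jsp")
        .forward(request, response);
} else {
    String msg = "账号或者密码错误";
    request.setAttribute("msg", msg);
    // b. No matching record means the login failed: go back to login.jsp.
    request.getRequestDispatcher("login.jsp")
        .forward(request, response);
}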
%>
charset=UTF-8" pageEncoding="UTF-8"%>
// Context path of this web application.
String path = request.getContextPath();
// Absolute base URL of the application: scheme://host:port + context path + "/".
// NOTE(review): host and port come from the incoming request; do not rely on
// basePath for links that must point at a trusted host.
StringBuilder baseUrl = new StringBuilder();
baseUrl.append(request.getScheme());
baseUrl.append("://");
baseUrl.append(request.getServerName());
baseUrl.append(":");
baseUrl.append(request.getServerPort());
baseUrl.append(path);
baseUrl.append("/");
String basePath = baseUrl.toString();
%>
"keyword1,keyword2,keyword3">
/* Navigation bar: a list without bullets or default spacing on a black
   background; overflow hidden makes the bar wrap its floated items. */
ul {
    margin: 0;
    padding: 0;
    list-style-type: none;
    overflow: hidden;
    background-color: black;
}

/* Menu entries sit side by side, each with generous padding. */
li {
    float: left;
    padding: 50px;
}

/* Links fill their entry and are not underlined. */
a {
    display: block;
    text-decoration: none;
}
<%-- Prints the "html" request attribute as markup, without escaping.
     It must only ever hold constant markup built on the server; any value that
     comes from a user or from the database has to be escaped before it is
     added to that attribute. --%>
${html }
charset=UTF-8" pageEncoding="UTF-8"%>
// Context path of this web application.
String path = request.getContextPath();
// Absolute base URL of the application: scheme://host:port + context path + "/".
// NOTE(review): host and port come from the incoming request; do not rely on
// basePath for links that must point at a trusted host.
StringBuilder baseUrl = new StringBuilder();
baseUrl.append(request.getScheme());
baseUrl.append("://");
baseUrl.append(request.getServerName());
baseUrl.append(":");
baseUrl.append(request.getServerPort());
baseUrl.append(path);
baseUrl.append("/");
String basePath = baseUrl.toString();
%>
/* Large text for every element on the login page. */
* {
    font-size: 50px;
}
账号: | placeholder="请输入账号"/> |
密码: | |