Login.java
package com.tsinghua;
import javax.servlet.http.*;
import java.io.*;
public class Login extends HttpServlet{
//处理get请求
//req : 用于获得客户端(浏览器)的信息
//res : 用于向客户端(浏览器)返回信息
public void doGet(HttpServletRequest req,HttpServletResponse res){
try{
res.setContentType("text/html;charset=gbk");
PrintWriter pw = res.getWriter();
String error = (String)req.getParameter("info");
pw.println("<html>");
pw.println("<body>");
pw.println("<head>登陆界面</head>");
if(error!=null){
pw.println("<h1>您输入的用户名或密码错误</h1>");
}
pw.println("<form action=loginCheck method =post>");
pw.println("用户:<input type=text name =username><br>");
pw.println("密码:<input type=password name =password><br>");
pw.println("<input type=submit value=login>");
pw.println("</form>");
pw.println("</body>");
pw.println("</html>");
}catch(Exception e){
e.printStackTrace();
}
}
}
LoginCheck.java
package com.tsinghua;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.Statement;
import java.sql.ResultSet;
public class LoginCheck extends HttpServlet{
public void doGet(HttpServletRequest req,HttpServletResponse res){
Connection ct = null;
Statement sm = null;
ResultSet rs = null;
try{
String u = req.getParameter("username");
String p = req.getParameter("password");
//连接数据库
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
//得到链接 Connection对象
ct = DriverManager.getConnection("jdbc:sqlserver://127.0.0.1:1433;databaseName=spdb1","sa","admin");
// 创建statement
sm = ct.createStatement();
//得到结果集
//rs = sm.executeQuery("select top 1 from users where username='"+u+ "' and passwd='" +p+"'");
/*//if(u.equals("sp")&&p.equals("123")){
//if(p.equals("123")){
if(rs.next()){
// 将验证成功的信息写入session
//1:得到session
HttpSession hs = req.getSession(true);
//修改session的存在时间
hs.setMaxInactiveInterval(20);
hs.setAttribute("pass","OK");
res.sendRedirect("welcome?uname="+u+"&upass="+p);
}*/
rs = sm.executeQuery("select top 1 passwd from users where username = '"+u+"'");
if(rs.next()){
//说明用户是存在的
String dbPasswd = rs.getString(1);
if(dbPasswd.equals(p)){
// 将验证成功的信息写入session
//1:得到session
HttpSession hs = req.getSession(true);
//修改session的存在时间
hs.setMaxInactiveInterval(20);
hs.setAttribute("pass","OK");
res.sendRedirect("welcome?uname="+u+"&upass="+p);
// 真的合法
}
else{
res.sendRedirect("login");// 里面的内容是写你要跳转servlet的url
}
}
else{
res.sendRedirect("login");// 里面的内容是写你要跳转servlet的url
}
}catch(Exception e){
e.printStackTrace();
}finally{
try{
if(rs!=null){
rs.close();
}
if(sm!=null){
sm.close();
}
if(ct!=null){
ct.close();
}
}catch(Exception e){
e.printStackTrace();
}
}
}
public void doPost(HttpServletRequest req,HttpServletResponse res){
this.doGet(req,res);
}
}
Welcome.java
//用户欢迎servlet
package com.tsinghua;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter;
public class Welcome extends HttpServlet{
public void doGet(HttpServletRequest req,HttpServletResponse res){
res.setContentType("text/html;charset=gbk");
String u = req.getParameter("uname");
String p = req.getParameter("upass");
try{
HttpSession hs = req.getSession(true);
String va = (String)hs.getAttribute("pass");
if(va == null){
res.sendRedirect("login?info=error");
}
else{
u=new String(u.getBytes("iso-8859-1"),"gb2312");
PrintWriter pw = res.getWriter();
pw.println("Welcome!"+u+"! pass="+p);
}
}catch(Exception e){
e.printStackTrace();
}
}
public void doPost(HttpServletRequest req,HttpServletResponse res){
this.doGet(req,res);
}
}