📄 logon.java
字号:
package kangyi.model;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
//import java.util.HashMap;
import java.util.StringTokenizer;
import zhangchunliang.model.AppMode;
//import java.util.*;
import kangyi.form.LogonForm;
import kangyi.ConnectionPool.DbConnection;
/** * <p>Description : 判断登陆用户信息是否正确与权限的获取 </p>
* <p>Project : ciqms
* <p>Company : 东软股份国际合作事业部</p>
* <p>Create Date : 2005.4.25</P>
* @author : 康毅 | kangyi@neusoft.com
* @version : 0.1 */
public class Logon {
/**
*
* @uml.property name="db"
* @uml.associationEnd multiplicity="(0 1)"
*/
DbConnection db = null;
Connection con=null;
/*
* name: 转换字符串方法
* Description: 把屏幕上获取的中文字符串正确的传入MODEL中
* @return Str 转换完的字符串
*/
public String change(String s){
String str=s;
try{
byte b[]=str.getBytes("ISO-8859-1");
str=new String(b);
return str;
}
catch(Exception e){
return str;
}
}
/*
* name: 登陆判断
* describing: 判断用户名是否输入正确 正确跳转到主页
* @return int info
*/
public int UserLogon(LogonForm lf){
AppMode.registerUser();
Statement sql=null;
ResultSet rs=null;
int info=1;
String id=lf.getId();
String password=lf.getPassword();
id=change(id);
password=change(password);
try {
db=new DbConnection();
con=db.getCon();
sql = con.createStatement();
/*构造查询语句*/
String condition = "select * from stuff "
+"where sid="
+ "'"+ id + "'";
rs=sql.executeQuery(condition);
rs.first();
System.out.println(rs.getString(3));
if(rs.getRow()!=0&&!id.equals("null")){
if(password.equals(rs.getString(3))){
con.close();
db.d_close();
AppMode.loginoutUser();
return info=1;//成功
}
else{
con.close();
db.d_close();
AppMode.loginoutUser();
return info=2;//密码错误
}
}else{
con.close();
db.d_close();
AppMode.loginoutUser();
return info=3;//无此人
}
} catch (SQLException e) {
AppMode.loginoutUser();
System.out.print("操作失败"+e);
return info=7;
}
}
/*
* name: 获得权限
* describing: 通过登陆的ID获得此人的权限
* @return String[]
*/
public String[] UserGrant(LogonForm lf){
AppMode.registerUser();
Statement sql=null;
ResultSet rs=null;
String id=lf.getId();
id=change(id);
String privselect="N";
String privadd="N";
String privdelete="N";
String privupdate="N";
String privadmin="N";
String groupno;
String strgrant[]={privselect,privadd,privdelete,privupdate,privadmin};
try {
db=new DbConnection();
con=db.getCon();
sql = con.createStatement();
/*构造查询语句*/
String condition = "select groupString from stuff "
+"where sid="
+ "'"+ id + "'";
String condition1;
rs=sql.executeQuery(condition);
rs.first();
System.out.println(rs.getString(1));
/*得到员工所在的组*/
String groupstring=rs.getString("groupstring");
/*分析员工所在的组的字符串*/
StringTokenizer fenxi=new StringTokenizer(groupstring,";");
int n=fenxi.countTokens();
while(fenxi.hasMoreTokens()){
groupno=fenxi.nextToken();
condition1="select * from privgroup "
+"where groupno="
+ "'"+ groupno + "'";
rs=sql.executeQuery(condition1);
rs.first();
if(rs.getString(3).equals("Y")){
privselect="Y";
}
if(rs.getString(4).equals("Y")){
privadd="Y";
}
if(rs.getString(5).equals("Y")){
privdelete="Y";
}
if(rs.getString(6).equals("Y")){
privupdate="Y";
}
if(rs.getString(7).equals("Y")){
privadmin="Y";
}
}
strgrant[0]=privselect;
strgrant[1]=privadd;
strgrant[2]=privdelete;
strgrant[3]=privupdate;
strgrant[4]=privadmin;
con.close();
db.d_close();
AppMode.loginoutUser();
return strgrant;
} catch (SQLException e) {
AppMode.loginoutUser();
System.out.print("操作失败"+e);
return strgrant;
}
}
/*
* name: 获得用户能管理的表名
* describing: 通过登陆的ID获得此人能管理的表名
* @return String
*/
/** public String UserTable(LogonForm lf){
Statement sql=null;
ResultSet rs=null;
String id=lf.getId();
id=change(id);
String tablename="null";
try {
db=new DbConnection();
con=db.getCon();
sql = con.createStatement();
String condition = "select tablename from stuff,systable "
+"where sid="
+ "'"+ id + "'"
+"and stuff.depno=systable.depno";
rs=sql.executeQuery(condition);
rs.first();
System.out.println(rs.getString(1));
tablename=rs.getString(1);
con.close();
db.d_close();
return tablename;
}
catch (SQLException e) {
System.out.print("操作失败"+e);
return tablename;
}
}
这里到下边是我加的
public List findTables(LogonForm lf){
Statement sql=null;
ResultSet rs=null;
String id=lf.getId();
List a=new ArrayList();
id=change(id);
try{
db=new DbConnection();
con=db.getCon();
sql = con.createStatement();
String condition = "select tablename from stuff,systable "
+"where sid="
+ "'"+ id + "'"
+"and stuff.depno=systable.depno";
rs=sql.executeQuery(condition);
//rs.first();
System.out.println("你好");
//a.add(rs.getString(1));
while(rs.next()){
a.add(rs.getString(1));
}
System.out.println(a.get(1));
System.out.println(a.get(2));
System.out.println(a.size());
con.close();
db.d_close();
return a;
}catch(Exception e){
System.out.println(e.getMessage());
return a;
}
}
到这里是我加的*/
/**我们就用这个*/
/**我添加的第二个方法,返回的是字符串*/
public String findTable(LogonForm lf){
AppMode.registerUser();
Statement sql=null;
ResultSet rs=null;
String id=lf.getId();
StringBuffer stringBuffer=new StringBuffer();
String str="";
id=change(id);
try{
db=new DbConnection();
con=db.getCon();
sql = con.createStatement();
String condition = "select tablename from stuff,deptable "
+"where sid="
+ "'"+ id + "'"
+"and stuff.depno=deptable.depno";
rs=sql.executeQuery(condition);
//rs.first();
System.out.println("hello!");
//stringBuffer.append(rs.getString(1)+";");
while(rs.next()){
stringBuffer.append(rs.getString(1)+";");
}
str=stringBuffer.toString();
System.out.println(str);
con.close();
db.d_close();
AppMode.loginoutUser();
return str;
}catch(Exception e){
AppMode.loginoutUser();
System.out.println(e.getMessage());
return str;
}
}
/**到这里是我添加的第二个方法*/
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -