regok.jsp

用JSP写的一个在线购物网站的代码

<%@ page contentType="text/html;charset=gb2312" import="java.sql.*" %>
<jsp:useBean id="data" scope="page" class="shop.data.conn" />
<%
String name=request.getParameter("name");
String pwd=request.getParameter("pwd");
String sex=request.getParameter("sex");
byte[] tmp=sex.getBytes("ISO8859_1");
sex=new String(tmp);
String pwdquery=request.getParameter("pwdquery");
tmp=pwdquery.getBytes("ISO8859_1");
pwdquery=new String(tmp);
String pwdanswer=request.getParameter("pwdanswer");
tmp=pwdanswer.getBytes("ISO8859_1");
pwdanswer=new String(tmp);
String email=request.getParameter("email");
String realname=request.getParameter("realname");
tmp=realname.getBytes("ISO8859_1");
realname=new String(tmp);
String rate=request.getParameter("rate");
tmp=rate.getBytes("ISO8859_1");
rate=new String(tmp);
String mode=request.getParameter("mode");
tmp=mode.getBytes("ISO8859_1");
mode=new String(tmp);
String zone=request.getParameter("zone");
String phone=request.getParameter("phone");
String tel=zone+"-"+phone;
String address=request.getParameter("address");
tmp=address.getBytes("ISO8859_1");
address=new String(tmp);
String year=request.getParameter("year");
String month=request.getParameter("month");
String day=request.getParameter("day");
String brith=year+"-"+month+"-"+day;
String IDcard=request.getParameter("IDcard");
String zipcode=request.getParameter("zipcode");
java.util.Date today=new java.util.Date();
String regTime=today.toLocaleString();

String sql="select * from manager where name='"+name+"'";
ResultSet rs=data.executeQuery(sql);
if(rs.next())
{%>
<script language="javascript">
alert("对不起，此用户已经存在，请重新注册");
history.back();
</script>
<%}else{
if(rate.equals("0"))
{
String sql1="Insert into manager(name,pwd,pwdquery,pwdanswer,sex,realname,email,address,tel,brith,IDcard,zipcode,rate,whetherShop,preordainShop,regTime,lastTime,mode,ddnum) ";
sql=sql1+"values(\'"+name+"\',\'"+pwd+"\',\'"+pwdquery+"\',\'"+pwdanswer+"\',\'"+sex+"\',\'"+realname+"\',\'"+email+"\',\'"+address+"\',\'"+tel+"\',\'"+brith+"\',\'"+IDcard+"\',\'"+zipcode+"\',\'"+rate+"\',\'"+0+"\',\'"+0+"\',\'"+regTime+"\',\'"+regTime+"\',\'"+mode+"\',\'"+0+"')";
rs=data.executeQuery(sql);
}else{
String sql2="Insert into manager(name,pwd,pwdquery,pwdanswer,sex,realname,email,address,tel,brith,IDcard,zipcode,rate,whetherShop,preordainShop,regTime,lastTime,mode,ddnum) ";
sql=sql2+"values(\'"+name+"\',\'"+pwd+"\',\'"+pwdquery+"\',\'"+pwdanswer+"\',\'"+sex+"\',\'"+realname+"\',\'"+email+"\',\'"+address+"\',\'"+tel+"\',\'"+brith+"\',\'"+IDcard+"\',\'"+zipcode+"\',\'"+rate+"\',\'"+0+"\',\'"+0+"\',\'"+regTime+"\',\'"+regTime+"\',\'"+mode+"\',\'"+0+"')";
rs=data.executeQuery(sql);

sql="insert into vip(name,actiontime,repel) values(\'"+name+"\',\'"+regTime+"\',\'"+"0"+"\')";
rs=data.executeQuery(sql);
}
sql="select * from manager where name='"+name+"'";
rs=data.executeQuery(sql);
if(rs.next())
{
if(rate.equals("0"))
{
%>
<script language="JavaScript">
alert("恭喜您，注册成功，您的用户ID:<%=name%>");
self.location="index.jsp";
</script>
<%}else{%>
<script language="JavaScript">
alert("恭喜您，注册成功，您的用户ID:<%=name%>\n您现在可以用普通用户的身份登陆，请等候vip审核")
self.location="index.jsp";
</script>
<%}}else{%>
<script language="JavaScript">
alert("出现异常错误，请重新注册！");
history.back();
</script>
<%}}%>