upnew.jsp

用JSP写的一个在线购物网站的代码

<%@ page contentType="text/html;charset=gb2312" import="java.sql.*,com.jspsmart.upload.*" %>
<jsp:useBean id="upload" scope="page" class="com.jspsmart.upload.SmartUpload" />
<jsp:useBean id="data" scope="page" class="shop.data.conn" />
<%
String admin=(String)session.getValue("admin");
if(admin=="" || admin==null)
{%>
<script language="javascript">
alert("请登陆后再执行管理操作");
self.location="index.jsp";
</script>
<%}else{
String sql="select * from admin where admin='"+admin+"'";
ResultSet rs=data.executeQuery(sql);
if(!rs.next())
{%>
<script language="javascript">
alert("对不起，无此管理员帐号");
history.back();
</script>
<%}}%>
<%
String setpic="";
upload.initialize(pageContext);
upload.upload();   
String pic=upload.getFiles().getFile(0).getFileName();
try{
    int i=upload.save("C:\\Program Files\\Apache Group\\Tomcat 4.1\\webapps\\examples\\shop\\news\\");
    }catch(Exception e){
    out.println("文件没有上传成功！");
     }  
String id=upload.getRequest().getParameter("id");	 	 
String oldpic=upload.getRequest().getParameter("oldpic");	 
String title=upload.getRequest().getParameter("title");
String text=upload.getRequest().getParameter("text");
String addid=upload.getRequest().getParameter("addid");
String nominate=upload.getRequest().getParameter("nominate");
if(pic.equals(""))
{ setpic=oldpic; }
else{ setpic=pic; }

String sql="update news set title='"+title+"',text='"+text+"',addid='"+addid+"',nominate='"+nominate+"',pic='"+setpic+"' where id='"+id+"'";
ResultSet rs=data.executeQuery(sql);
response.sendRedirect("editnew.jsp");
%>