send.jsp

用JSP写的一个在线购物网站的代码

<%@ page contentType="text/html;charset=gb2312" import="java.sql.*,java.lang.*" %>
<jsp:useBean id="data" scope="page" class="shop.data.conn" />
<%
String name=request.getParameter("name");
String admin=(String)session.getValue("admin");
String sql="select * from admin where admin='"+admin+"' and system='"+"1"+"'";
ResultSet rs=data.executeQuery(sql);
if(!rs.next())
{%>
<script language="javascript">
alert("对不起，您不是系统管理员不能进行相应操作");
history.back();
</script>
<%}else{
String id=request.getParameter("id");
String buy=request.getParameter("buy");
sql="select censor_yes from dingdan where dingdanid='"+id+"'";
rs=data.executeQuery(sql);
rs.next();
String censor_yes=rs.getString("censor_yes");
rs.close();
if(censor_yes.equals("0"))
{%>
<script language="JavaScript">
alert("该定单未经审核，不能发货");
history.back();
</script>
<%}else{
sql="select * from manager where name='"+buy+"'";
rs=data.executeQuery(sql);
rs.next();
int whetherShop=rs.getInt("whetherShop");
rs.close();

sql="update manager set whetherShop='"+(whetherShop+1)+"' where name='"+buy+"'";
rs=data.executeQuery(sql);

sql="update dingdan set send='"+"1"+"' where dingdanid='"+id+"'";
rs=data.executeQuery(sql);

response.sendRedirect("admin_index.jsp");
}}
%>