checkuser.jsp

公文办理系统

<%@page contentType="text/html;charset=GBK"%>
<%@include file="const\global.jsp"%>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="css/style.css" type="text/css">
<base target="left">
<title></title>
</head>
<body>
<%
String StrMsg="";
try{
	Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
	sqlCon = java.sql.DriverManager.getConnection(ConnStr,ConnUser,ConnPassword);
	sqlStmt = sqlCon.createStatement();

	String userid=new String(request.getParameter("workername").getBytes("8859_1"));
	String pwd=new String(request.getParameter("workerpass").getBytes("8859_1"));

	String strinfo="";
	strSQL="select * from userlist where userid='"+ userid +"'";
	sqlRst = sqlStmt.executeQuery(strSQL);
	if(sqlRst.next()){		
		if(!sqlRst.getString("pwd").equals(pwd)){
			strinfo="密码错误！";
		}
	}
	else{
		strinfo="用户错误！";
	}
	sqlRst.close();

	if (strinfo.equals("")) {		
		session.setAttribute("Login", "OK");
		session.setAttribute("Loginuser",userid);
		response.sendRedirect("main.jsp");
	}
	else {			
		//response.sendRedirect("login.jsp);	
		out.println("<font color=red>###"+strinfo+"三秒后自动跳转</font>");
		response.setHeader("Refresh","3;URL=login.jsp");
	}

    //关闭SQL语句对象 
    sqlStmt.close();
    //关闭数据库
    sqlCon.close();
    }catch(SQLException s) { 
        StrMsg="SQL错误信息："+s.toString()+" "+s.getErrorCode()+" "+s.getSQLState();
    }catch(Exception e) { 
        StrMsg="错误信息："+e.toString()+e.getMessage();
    }

	if(!StrMsg.equals("")){
		out.println("<font color=red>"+StrMsg+"</font>");
	}
%>
</body>