loginaction.java~2~

来自「采用web2.0技术,采用动态标签,sql语句全部存储在数据库里面.开发速度快.」· JAVA~2~ 代码 · 共 137 行

package com.sztheater.biz.login;


import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionForward;
import java.sql.*;
import com.sztheater.framework.web.*;
import com.sztheater.framework.util.*;
import java.util.*;
import javax.servlet.http.*;

public class LoginAction extends Action {



		protected int checkUser (String username,String password,HttpServletRequest request) {

			int iSuccFlag = 0;
			int iExistsNum =0;
			String strMsg = "";
			String strSQL = "";
			ResultSet  rs  = null;
		    Statement  st  = null;
		    String CustomerID = "";   //用户ID
		    HashMap userinfo = null;  //用户信息
		    userinfo     = new HashMap();
			HttpSession _httpSession  = null;
			_httpSession = request.getSession();
			Connection conn      = null;
			String temple = null;
			temple = (String)_httpSession.getAttribute("username");
			if (temple==null) temple="";
			System.out.println("**********"+temple);
            if(temple.equals(username))
			    {
			    	_httpSession.setAttribute("ERR_MSG_Login","改用户已登录");
			    	iSuccFlag = -30003;
			    	return iSuccFlag;
			    }
			try{

			    try{
				conn        = DbFunc.getConnection(false);
			    }catch(Exception e){
				if(conn!=null) DbFunc.free(conn,iSuccFlag);
				conn = null;
				iSuccFlag = -90102;
				strMsg    = "服务取数据库连接异常"+e.getMessage();

		       }
			    //取得执行数据库操作Statement
				st   = conn.createStatement();
		/*		strSQL  = "select count(*) as num \n"
					+ "from T_NetCustomer \n"
					+ "where LoginName = '"+username+"' \n"
					+ "and Passward= '"+password+"'";*/

				strSQL  = "select convert(char(6),CustomerID) as CustomerID \n"
					+ "from T_NetCustomer \n"
					+ "where LoginName = '"+username+"' \n"
					+ "and Passward= '"+password+"'";

			     rs   = st.executeQuery( strSQL);
			     System.out.println("strSQL Login="+strSQL);
				if (rs!=null && rs.next()){
					iExistsNum = 1; //确认有值
				    CustomerID = rs.getString("CustomerID").trim();
					userinfo.put("username",username);
				   	userinfo.put("customerid",CustomerID);
					_httpSession.setAttribute("userinfo",userinfo);
					_httpSession.setAttribute("username",username);
				}
				rs.close();
				rs = null;
				if(iExistsNum<1){
					iSuccFlag = -90010106;
					strMsg = "用户名密码错误";
				}else{
				 iSuccFlag = 20060710;
				request.setAttribute("username",username);
					}
				return iSuccFlag;

			} catch(Exception e){

		    iSuccFlag = -20102005;
			strMsg = e.getMessage();
			System.out.println(strMsg);
			strMsg    = "数据库操作异常"+e.getMessage();
			_httpSession.setAttribute("ERR_MSG_Login",strMsg);
			System.out.println(strMsg +"\n" + e.getMessage() + "\n" + strSQL);
			return iSuccFlag;
		}finally{
			try{
				if(rs!=null) rs.close();
			}catch(Exception e1){
			}
			try{
				if(st!=null) st.close();
				if(conn!=null)  conn.close();
			}catch(Exception e1){
			}
			rs= null;
			st= null;
		}
			}

		public ActionForward execute(ActionMapping mapping,
						ActionForm form,
						HttpServletRequest request,
						HttpServletResponse response)
						throws IOException,ServletException {

				String target = new String("success");
				String username = ((LoginForm)form).getUsername();
				String password = ((LoginForm)form).getPassword();
			    int iSuccFlag = 0;

		        iSuccFlag = checkUser(username,password,request);
				if(iSuccFlag>0) {
					return (mapping.findForward(target));
					}
				      target = "failure";
				      request.setAttribute("feedback",target);
					  return (mapping.findForward(target));
								}



	}