servletlogin.java

在线教育平台： 从小学

package edu;

import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;

public class Servletlogin extends HttpServlet {

	public void doPost(HttpServletRequest req, HttpServletResponse res)
			throws ServletException, IOException {
		String message = null;
		String name = null;
		name = new String(req.getParameter("name").getBytes("ISO-8859-1"),"gbk");
		HttpSession session = req.getSession(true);

		Md5Bean md5 = new Md5Bean();
		String password = null;
		password = md5.getMD5ofStr(req.getParameter("password"));

		String sort = null, rand = null, rand1 = null;
		sort = req.getParameter("sort");
		try {
			rand = req.getParameter("rand");

			rand1 = (String) session.getAttribute("rand");
		} catch (NullPointerException e) {
		}
		String userid = null;
		if (sort.equalsIgnoreCase("teacher") || sort.equalsIgnoreCase("user")) {
			userid = getUserId(req, res, name, sort);
			String temp = getPassword(req, res, name, sort);
			if (password.equals(temp)) {
				session.setAttribute("userid", String.valueOf(userid));
				session.setAttribute("name", String.valueOf(name));
				session.setAttribute("sort", String.valueOf(sort));
				goo(req, res, sort);
			} else {
				message = "用户名或密码有误！";
				doError(req, res, message);
			}
		}
		if (sort.equalsIgnoreCase("admin") && rand.equals(rand1)) {
			userid = getUserId(req, res, name, sort);
			String temp = getPassword(req, res, name, sort);
			if (password.equals(temp)) {
				session.setAttribute("userid", String.valueOf(userid));
				session.setAttribute("name", String.valueOf(name));
				session.setAttribute("sort", String.valueOf(sort));
				goo(req, res, sort);
			} else {
				message = "用户名或密码有误！";
				doError(req, res, message);
			}
		}

		if (rand != null && rand1 != null && !rand.equals(rand1)) {
			message = "认证码有误！";
			doError(req, res, message);
		}

	}

	public void goo(HttpServletRequest req, HttpServletResponse res, String sort)
			throws ServletException, IOException {

		if (sort.equals("user")) {
			RequestDispatcher rd = getServletContext().getRequestDispatcher(
					"/index.jsp");
			rd.forward(req, res);
		}
		if (sort.equals("teacher")) {
			RequestDispatcher rd = getServletContext().getRequestDispatcher(
					"/index.jsp");
			rd.forward(req, res);
		}
		if (sort.equals("admin")) {
			RequestDispatcher rd = getServletContext().getRequestDispatcher(
					"/admin.jsp");
			rd.forward(req, res);
		}
	}

	public String getPassword(HttpServletRequest req, HttpServletResponse res,
			String name, String sort) throws ServletException, IOException {
		SqlBean db = new SqlBean();
		String pw = "", psw = "", name1 = "";
		if (sort.equalsIgnoreCase("user")) {
			name1 = "u_name";
			psw = "u_psw";
		}
		if (sort.equalsIgnoreCase("teacher")) {
			name1 = "t_teacher";
			psw = "t_psw";
		}
		if (sort.equalsIgnoreCase("admin")) {
			name1 = "admin";
			psw = "psw";
		}
		String sql = "select " + psw + " from " + sort + " where " + name1
				+ "='" + name + "'";
		try {
			ResultSet rs = db.executeQuery(sql);
			if (rs.next()) {
				pw = rs.getString(1);
			}
		} catch (Exception e) {
			System.out.print(e.toString());
		}
		return pw;
	}

	public String getUserId(HttpServletRequest req, HttpServletResponse res,
			String name, String sort) throws ServletException, IOException {
		SqlBean db = new SqlBean();
		String userid = "", id = "", name1 = "";
		if (sort.equalsIgnoreCase("user")) {
			name1 = "u_name";
			id = "u_id";
		}
		if (sort.equalsIgnoreCase("teacher")) {
			name1 = "t_teacher";
			id = "t_id";
		}
		if (sort.equalsIgnoreCase("admin")) {
			name1 = "admin";
			id = "id";
		}
		String sql = "select " + id + " from " + sort + " where " + name1
				+ "='" + name + "'";
		try {
			ResultSet rs = db.executeQuery(sql);
			if (rs.next()) {
				userid = rs.getString(1);
			}
		} catch (Exception e) {
			System.out.print(e.toString());
		}
		return userid;
	}

	public void doError(HttpServletRequest req, HttpServletResponse res,
			String str) throws ServletException, IOException {

		req.setAttribute("problem", str);
		RequestDispatcher rd = getServletContext().getRequestDispatcher(
				"/error_ad.jsp");
		rd.forward(req, res);
	}

	public void doGet(HttpServletRequest req, HttpServletResponse res)
			throws ServletException, IOException {
		String action = null;
		action = req.getParameter("action");
		if ("logout".equalsIgnoreCase(action)) {
			HttpSession session = req.getSession(true);
			session.invalidate();
			RequestDispatcher rd = getServletContext().getRequestDispatcher(
					"/index.jsp");
			rd.forward(req, res);
		}
	}

}