loginaction.java

一个不错的bbs论坛系统．对初学者很有帮助

package com.yhbbs.user.action;

import java.util.HashMap;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;

import com.yhbbs.bbs.biz.BbsPropBiz;
import com.yhbbs.bbs.biz.WealthBiz;
import com.yhbbs.bbs.itface.WealthDto;
import com.yhbbs.user.bean.OsBrowser;
import com.yhbbs.user.bean.UserLgDtoIm;
import com.yhbbs.user.biz.OnlineBizIm;
import com.yhbbs.user.biz.SessionBiz;
import com.yhbbs.user.biz.UserBiz;
import com.yhbbs.user.form.LoginForm;
import com.yhbbs.user.itface.bean.UserLgDto;
import com.yhbbs.user.itface.bean.UserSession;
import com.yhbbs.utils.Constants;
import com.yhbbs.utils.DateUtils;
import com.yhbbs.utils.MD5;
import com.yhbbs.utils.StringUtils;
/**
 * <p>Title:论坛用户登录Action</p>
 * <li>	取得用户Cookie保存时间、是否隐身
 * <li> 判断用户是否存在，若用户登录成功，则将去加到在线用户列表同时更新该用户相关信息
 * <li>	处理成功或失败后分别跳转到相关页面并提示相关信息和操作<br>
 * <br><b>WebSite: www.yyhweb.com</b>
 * <br><b>CopyRight: yyhweb[由由华网]</b>
 * @author stephen
 * @version YHBBS-2.0
 */
public class LoginAction extends Action {
	public ActionForward execute(ActionMapping mapping,ActionForm form,
			  HttpServletRequest request,HttpServletResponse response){
		    ActionMessages errors = new ActionMessages();
		    Logger bbslog = Logger.getLogger(LoginAction.class);
		    HttpSession session = request.getSession(true);
		    LoginForm login = (LoginForm)form;
		    
		    //	验证码检验
		    if(BbsPropBiz.getParameter().getLoginCode()==1){
				String checkNum = login.getCode();
				String randNum = (String) session.getAttribute(Constants.bbscode);
				// 从session中删除rand
				session.removeAttribute(Constants.bbscode);
				if(checkNum==null || randNum ==null || (!checkNum.equals(randNum))){
					errors.add("user.checkNum.wrong",new ActionMessage("user.checkNum.wrong"));
					saveErrors(session,errors);
					return mapping.findForward("Failure");
				}
		    }
			
		    MD5 md = new MD5();
			String username = login.getUsername();
			//  检查是否允许该IP登录
			String ips = BbsPropBiz.getForbid(2);
			if(StringUtils.isRightIp(ips,request)){
				errors.add("login.ip.forbid",new ActionMessage("login.ip.forbid"));
				saveErrors(request,errors);
				return mapping.findForward("Failure");
			}
			String password = md.getMD5ofStr(login.getPassword());
			String hd = login.getHd();
			String ck = login.getCk();
			int ctime = 0;
			int userId = 0;
			HashMap<String,String> userMap = new HashMap<String,String>();
			userMap.put("username",username);
			userMap.put("password",password);

			UserLgDto userdto = new UserLgDtoIm();
			UserSession onlineUser = null;
			WealthDto wealth = WealthBiz.getLoginWth();
			String ltime = DateUtils.getCurFormatDate(Constants.dateFL);
			String lip = request.getRemoteAddr();
			userdto.setCharam(wealth.getCharam());
			userdto.setExperience(wealth.getExperc());
			userdto.setMoney(wealth.getMoney());
			userdto.setLoginip(lip);
			userdto.setLogintime(ltime);
			userdto.setLasttime(ltime);
			if(hd!=null&&hd.length()>0){//not indexlogin
				 if(hd.equals("d"))
					 userdto.setIsonline("1");
				 else
					 userdto.setIsonline("0");
			 }else{
				 userdto.setIsonline("1");
			 }
			
			userId = UserBiz.userLogin(userMap,userdto);
			 if(userId > 0) {  //	登录成功
				 //判断是否已经登录,此时从session里取得的用户还不是刚刚登录的用户
				 UserSession bbsuser = (UserSession) session.getAttribute(Constants.bbsuser);
				 boolean again = false;
				 again = OnlineBizIm.getUseridlist().contains((Object)userId);
				 if(bbsuser!=null){	// 这个地方表示用户重新登录，故不用提示。
					if(userId==bbsuser.getUserId())
						 again = false;
				 }
				 /**
				  * 如果检查到用户已经登录，仍然创建该用户，在session创建的时候，检查到该用户已经登录，
				  * 先从useridlist里删除，再从onlinelist删除，未解决：让先登录用户失效
				  */
				 onlineUser = UserBiz.getOnlineUser(userId);
				 onlineUser.setIp(request.getRemoteAddr());
				 onlineUser.setForumid(0);
				 onlineUser.setActivetime(ltime);
				 onlineUser.setLogintime(ltime);
				 onlineUser.setPostion("论坛首页");
				 onlineUser.setBrowser(OsBrowser.getUserBrowser(request.getHeader("User-Agent")));
				 onlineUser.setOs(OsBrowser.getUserOs(request.getHeader("User-Agent")));
				 SessionBiz.userlogin(request,onlineUser);
				 
				 //cookie
				 if(ck.equals("n"))
					 ctime = 0;
				 if(ck.equals("d"))
					 ctime = 24*60;
				 if(ck.equals("m"))
					 ctime = 24*30*60;
				 if(ck.equals("w"))
					 ctime = 24*30*7*60;
				 Cookie namecookie = new Cookie(Constants.cookiename,StringUtils.encodeString(username));
				 namecookie.setMaxAge(ctime);
				 response.addCookie(namecookie);
				 if(again){
					bbslog.warn("A User login in another place the userId:"+userId);
					errors.add("login.many.times",new ActionMessage("login.many.times"));
					saveErrors(request,errors);
					return mapping.findForward("Failure"); 
				 }
				 return mapping.findForward("Success");
			}else{
				bbslog.warn("A User login bbs unsuccessfully!The ip is:"+lip);
				errors.add("login.fail",new ActionMessage("login.fail"));
				saveErrors(request,errors);
				return mapping.findForward("Failure");
			}
	}
}