auth.jsp

java + sqlserver2000编写的一个网上购书系统,实现了一些基本的功能,但对于初学者来说这个系统已经足以起到帮助作用

<%@ page language="java" pageEncoding="GB2312"%>
<%@ page import="java.sql.*" %>
<%@ page import=" java.util.*"%>
<jsp:useBean id="database" scope="page" class="ConnBean.conn"/>
<jsp:useBean id='oMD5' scope='request' class='MD5digest.MD5'/>
<%
	String AName=request.getParameter("AdminName");
	String APas=request.getParameter("AdminPas");
	String strMD5=oMD5.getMD5ofStr(APas);
	String AuthCode=request.getParameter("AuthCode");
	//out.print(AName+APas+AuthCode);
	int y,m,d,h,mm,miao;
	//int cishu=0;
	Calendar c = Calendar.getInstance();
	y = c.get(Calendar.YEAR); //年
	m = c.get(Calendar.MONTH) + 1; //月
	d = c.get(Calendar.DAY_OF_MONTH); //日
	h = c.get(Calendar.HOUR) + 12; //时
	mm = c.get(Calendar.MINUTE); //分
	miao=c.get(Calendar.SECOND);//秒
	String nowtime=y+"-"+m+"-"+d+" "+h+":"+mm+":"+miao;
	String IP=request.getRemoteAddr();
	//out.print(nowtime);
	//out.print(IP);
	ResultSet rs=null;
	try{
		if(AuthCode.equals(session.getAttribute("rand").toString())){
		    String strSQL="select * from admin where AdminName='"+AName+"' ";
		    String strSQL2="select AdminPass from admin where AdminName='"+AName+"' ";
		    rs=database.executeQuery(strSQL2);
			    if(rs.next()){
					    if(strMD5.equals(rs.getString("AdminPass"))){
					    	session.setAttribute("Name",AName);
					        //String aname=session.getAttribute("Name");
					        try{
					        ResultSet rs2=null;
							String strsql="select * from login where AdminName='"+AName+"'  order by ID desc" ;
							rs2=database.executeQuery(strsql);
							//rs2.beforeFirst();
							rs2.absolute(1);
						    int cishu=rs2.getInt("Logincishu");
							cishu=cishu+1;
							rs2.close();
					        String strsql2="insert into login(AdminName,LoginTime,LoginIP,Logincishu)  values('"+session.getAttribute("Name")+"','"+nowtime+"','"+IP+"','"+cishu+"')";
					        //out.print(strsql2);
					        database.executeUpdate(strsql2);
					        //out.print(count);
					        }catch(Exception e){out.print(e);}
							out.println("<script language=javascript>");
							out.println("alert('"+AName+"欢迎你!登陆成功!');");
							out.println("window.location.href='main.jsp';");
							out.println("</script>");
						}
						else
						{
							out.println("<script language=javascript>");
							out.println("alert('密码错误!请重新登陆!');");
							out.println("window.location.href='login.jsp';");
							out.println("</script>");
						}
			 }else
				{	
					out.println("<script language=javascript>");  
					out.println("alert('该用户不存在,请勿违规操作!');");	
					out.println("window.location.href='login.jsp';");
					out.println("</script>");
				}		
			
	 }else
	 	{
	 		out.println("<script language=javascript>");
			out.println("alert('登陆失败,请重新输入!!');");
			out.println("window.location.href='login.jsp';");
			out.println("</script>");
	 	}
	}catch(Exception e){
		out.println(e);
	}
%>