updateproduct.jsp

一个网站的系统主要是jsp的进存销的系统

<%@ page language="java" contentType="text/html; charset=gb2312"
    pageEncoding="gb2312"%>
<%@ page import="java.sql.DriverManager" %>
<%@ page import="java.sql.Connection" %>
<%@ page import="java.sql.PreparedStatement" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@page import="java.util.Date"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>Insert title here</title>
</head>
<body>
<%
   //设定获取的参数的字符编码
   request.setCharacterEncoding("gb2312");

   //获取参数的值
   String Code = request.getParameter("txtCode");
   String Name = request.getParameter("txtName");
   String Category = request.getParameter("txtCategory");
   String FromAddress = request.getParameter("txtFromAddress");
   String Specs = request.getParameter("txtSpecs");
   String Unit = request.getParameter("txtUnit");
   String CPrice = request.getParameter("txtCPrice");
   String WPrice = request.getParameter("txtWPrice");
   String RPrice = request.getParameter("txtRPrice");

   String DoType = request.getParameter("do");

   //写入数据
   try
   {
      Class.forName("oracle.jdbc.driver.OracleDriver");
      Connection  cn = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:Name","Scott","Tiger");

      String sqlStr = "";
      if (DoType.equals("New"))
      {
    	  sqlStr = "Insert into Product values(Seq_Product.NextVal,?,?,?,?,?,?,?,?,?,'',sysdate,?)";

//    	  sqlStr = "Insert into Product values(Seq_Product.NextVal,'"+ Code +"','"+Name+"','"+Category+"','"+Specs+"','"+FromAddress+"','"+Unit+"',"+CPrice+","+WPrice+","+RPrice+",'',sysdate,'管理员')";
      }
      else if (DoType.equals("Edit"))
      {
    	  sqlStr = "Update Product ";
    	  sqlStr += "Set CategoryId = '"+Category+"',";
    	  sqlStr += "Name ='"+Name+"',";
          sqlStr += "Specs ='"+Specs+"',";
          sqlStr += "FromAddress ='"+FromAddress+"',";
          sqlStr += "Unit ='"+Unit+"',";
          sqlStr += "CostPrice ="+CPrice+",";
          sqlStr += "WholesalePrice ="+WPrice+",";
          sqlStr += "RetailPrice ="+RPrice+",";
          sqlStr += "ProUpDate ="+"sysdate"+",";
          sqlStr += "Operater ='"+"管理员"+"' ";
    	  sqlStr += "Where Code = '"+Code+"'";
      }
      else
      {
    	  String id = request.getParameter("PID");
    	  sqlStr = "Delete From Product Where ProId = "+id;
      }
      PreparedStatement pstmt = cn.prepareStatement(sqlStr);

      if (DoType.equals("New"))
      {
    	  pstmt.setString(1,Code);
    	  pstmt.setString(2,Name);
    	  pstmt.setString(3,Category);
    	  pstmt.setString(4,Specs);
    	  pstmt.setString(5,FromAddress);
    	  pstmt.setString(6,Unit);
    	  pstmt.setFloat(7,Float.parseFloat(CPrice));
    	  pstmt.setFloat(8,Float.parseFloat(WPrice));
    	  pstmt.setFloat(9,Float.parseFloat(RPrice));
    	  pstmt.setString(10,session.getAttribute("UserName").toString());
      }
      else if (DoType.equals("Edit"))
      {

      }
      else
      {

      }
      pstmt.execute();

      out.println(sqlStr);
      pstmt.close();
      cn.close();
      response.sendRedirect("Product.jsp");
   }
   catch(Exception e)
   {
 	  out.println("系统出错了，呵呵~~~~，原因："+e.getMessage());
   }
%>
</body>
</html>