bankserver.java

虚拟银行

package BankServer;

import Tools.*;
import java.io.*;
import java.net.*;
import java.sql.*;
import java.lang.*;

public class BankServer {

    protected int listenPort;
    public ServerSocket server;
    public BankServer(int aListenPort) {
        listenPort = aListenPort;

    }

    public void acceptConnections() {
        try {
            server = new ServerSocket(listenPort);
            Socket incomingConnection = null;
            while (true) {
                incomingConnection = server.accept();
                handleConnection(incomingConnection);
            }
        } catch (BindException e) {
            System.out.println("Unable to bind to port " + listenPort);
        } catch (IOException e) {
            System.out.println("Unable to instantiate a ServerSocket on port: " + listenPort);
        }
    }

    public void handleConnection(Socket connectionToHandle) {
        new Thread(new ConnectionHandler(connectionToHandle)).start();
    }
    public static void main(String[] args) {
        BankServer server = new BankServer(5000);
        server.acceptConnections();
    }

}

class ConnectionHandler implements Runnable {


    protected Socket socketToHandle;

    public ConnectionHandler(Socket aSocketToHandle) {
        this.socketToHandle = aSocketToHandle;

    }

    public void run() {
        BufferedReader reader;
        PrintWriter writer;
        String in, name, password, address, phone, cmdText, time;
        int money;
        try {
            reader = new BufferedReader(new InputStreamReader(socketToHandle.getInputStream()));
            writer = new PrintWriter(socketToHandle.getOutputStream(), true);
            in = reader.readLine();
            System.out.println("BankServer:in:" + in);
            String[] result = in.split("&");
            if (result[0].equals("login")) {
                name = result[1];
                password = result[2];
                sql Sql = new sql();
                cmdText = "select * from account where username='" + name + "'and password='" + password + "'";
                ResultSet Rst = Sql.sqlQuery(cmdText);
                if (!Rst.next()) {
                    writer.println("false");
                } else {
                    writer.println("true&" + Rst.getString("username") + "&" + Rst.getString("password") + "&" + Rst.getInt("money") + "&" + Rst.getString("role"));
                }
            } 
            else if (result[0].equals("clerkquery")) {
                name = result[1];
                sql Sql = new sql();
                cmdText = "select * from account where username='" + name  + "'";
                ResultSet Rst = Sql.sqlQuery(cmdText);
                if (!Rst.next()) {
                    writer.println("false");
                } else {
                    writer.println("true&" + Rst.getInt("money") +"&"+ Rst.getString("password"));
                }
            
            } else if (result[0].equals("regester")) {
                name = result[1];
                password = result[2];
                money = Integer.parseInt(result[3]);
                sql Sql = new sql();
                cmdText = "select * from account where username='" + name + "'";
                ResultSet Rst = Sql.sqlQuery(cmdText);
                if (Rst.next()) {
                    writer.println("false");
                } else {
                    sql Sql1 = new sql();
                    cmdText = "INSERT INTO account (username,password,money)VALUES ('" + name + "','" + password + "'," + money + ")";
                    Sql1.sqlUpdate(cmdText);
                    writer.println("true");
                }
            } 
            else if (result[0].equals("loan")) {
                name = result[1];
                password = result[2];
                money = Integer.parseInt(result[3]);
                sql Sql = new sql();
                cmdText = "select * from account where username='" + name + "'";
                ResultSet Rst = Sql.sqlQuery(cmdText);
                if (Rst.next()) {
                    writer.println("false");
                } else {
                    sql Sql1 = new sql();
                    cmdText = "INSERT INTO account (username,password,money)VALUES ('" + name + "','" + password + "'," + money + ")";
                    Sql1.sqlUpdate(cmdText);
                     sql Sql2 = new sql();
                    String cmdText2 = "update  account set money=money-" + money + " where username='" + "bank"+ "'";
                    Sql2.sqlUpdate(cmdText2);
                    writer.println("true");
                }
            }else if (result[0].equals("deposit")) {
                name = result[1];
                int qian = Integer.parseInt(result[2]);
                sql Sql = new sql();
                cmdText = "update  account set money=money+" + qian + " where username='" + name + "'";
                Sql.sqlUpdate(cmdText);
            } else if (result[0].equals("withdraw")) {
                name = result[1];
                int qian = Integer.parseInt(result[2]);
                sql Sql = new sql();
                cmdText = "update  account set money=money-" + qian + " where username='" + name + "'";
                Sql.sqlUpdate(cmdText);
            } else if (result[0].equals("transfer")) {
                String nameout = result[1];
                String namein = result[2];
                int qian = Integer.parseInt(result[3]);
                sql Sql = new sql();
                cmdText = "update  account set money=money-" + qian + " where username='" + nameout + "'";
                Sql.sqlUpdate(cmdText);
                sql Sql1 = new sql();
                cmdText = "update  account set money=money+" + qian + " where username='" + namein + "'";
                Sql1.sqlUpdate(cmdText);
            } else if (result[0].equals("changepwd")) {
                name = result[1];
                String pwdnew = result[2];
                sql Sql = new sql();
                cmdText = "update  account set password='" + pwdnew + "' where username='" + name + "'";
                Sql.sqlUpdate(cmdText);
            }

            writer.flush();
            reader.close();
            writer.close();
        } catch (Exception e) {
            System.out.println("Error handling a client: " + e);
        }
    }
}