profile_action.jsp

自己编写的jsp+mysql论坛系统,带后台系统.不是很完善,但是功能是完整的

<%@ page language="java" contentType="text/html; charset=GBK"
	pageEncoding="GBK"%>
<%@page import="java.util.*,java.io.*,java.sql.*"%>
<%@ include file="conn.jsp"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=GBK">
		<title>Insert title here</title>
	</head>
	<body>
		<%
			if (null != session.getAttribute("login")) {
				try {
					String strDo = "";
					String username = "";
					String old_password = "";
					String new_password = "";
					String new_email = "";

					if (null != session.getAttribute("login"))
						username = session.getAttribute("login").toString();

					if (null != request.getParameter("old_password"))
						old_password = request.getParameter("old_password");
					if (null != request.getParameter("password"))
						new_password = request.getParameter("password");
					if (null != request.getParameter("email"))
						new_email = request.getParameter("email");

					//接收空值时跳转到登录页面 防止用户直接访问本页面
					if ((username.equals(null)) || (old_password.equals(""))) {
						response.sendRedirect("error.jsp");
					} else {
						//执行查询
						strDo = "SELECT * FROM " + tuinfo + " WHERE name='"
								+ username + "' and password=SHA('"
								+ old_password + "')";
						System.out.print(strDo + "\n");
						rs = stmt.executeQuery(strDo);
						if (rs.next()) {
							rs.close();
							System.out.print("登录成功\n");
							strDo = "UPDATE " + tuinfo + " SET";
							//判断修改不同信息
							if ((!new_password.equals(""))
									&& (new_email.equals(""))) {
								strDo += " password=SHA('" + new_password
										+ "') WHERE name='" + username + "'";
								System.out.print(strDo + "\n");
								stmt.executeUpdate(strDo);
								session.removeAttribute("login");
							}
							if ((!new_email.equals(""))
									&& (new_password.equals(""))) {
								strDo += " email='" + new_email
										+ "' WHERE name='" + username + "'";
								System.out.print(strDo + "\n");
								stmt.executeUpdate(strDo);
							}
							if ((!new_password.equals(""))
									&& (!new_email.equals(""))) {
								strDo += " password=SHA('" + new_password
										+ "'),email='" + new_email
										+ "' WHERE name='" + username + "'";
								System.out.print(strDo + "\n");
								stmt.executeUpdate(strDo);
								session.removeAttribute("login");
							}
							response.sendRedirect("success.jsp");
						} else {
							rs.close();
							System.out.print("登录失败\n");
							//重定向 登录页
							response.sendRedirect("error.jsp");
						}
					}
				} catch (Exception e) {
					e.printStackTrace();
					response.sendRedirect("error.jsp");
				} finally {
					stmt.close();
					conn.close();
				}
			} else {
				response.sendRedirect("error.jsp");
			}
		%>
	</body>
</html>