login_action.jsp

自己编写的jsp+mysql论坛系统,带后台系统.不是很完善,但是功能是完整的

<%@ page language="java" contentType="text/html; charset=GBK"
	pageEncoding="GBK"%>
<%@page import="java.util.*,java.io.*,java.sql.*"%>
<%@ include file="conn.jsp"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=GBK">
	</head>
	<body>
		<%
			try {
				String strDo = "";
				String username = "";
				String password = "";
				if (null != request.getParameter("username"))
					username = request.getParameter("username");
				if (null != request.getParameter("password"))
					password = request.getParameter("password");

				//接收空值时跳转到登录页面 防止用户直接访问本页面
				if ((username.equals("")) || (password.equals(""))) {
					response.sendRedirect("error.jsp");
				} else {
					//执行查询
					strDo = "SELECT id,name,password FROM " + tuinfo
							+ " WHERE name='" + username
							+ "' and password=SHA('" + password + "')";
					System.out.print(strDo + "\n");
					rs = stmt.executeQuery(strDo);
					if (rs.next()) {
						int id = rs.getInt("id");
						rs.close();
						System.out.print("登录成功\n");
						//重定向 主页
						response.sendRedirect("success.jsp");
						//登录成功
						//用户名=session"login" id=session"loginid"
						session.setAttribute("authorid", id);
						session.setAttribute("login", username);
						//普通用户登录 清空session adminlogin
						if (null != session.getAttribute("adminlogin"))
							session.removeAttribute("adminlogin");
					} else {
						rs.close();
						System.out.print("登录失败\n");
						//重定向 登录页
						response.sendRedirect("error.jsp");
					}
				}
			} catch (Exception e) {
				e.printStackTrace();
				response.sendRedirect("error.jsp");
			} finally {
				stmt.close();
				conn.close();
			}
		%>
	</body>
</html>