📄 reg_action.jsp
<%@ page language="java" contentType="text/html; charset=GBK"
pageEncoding="GBK"%>
<%@page import="java.util.*,java.io.*,java.sql.*"%>
<%@ include file="conn.jsp"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=GBK">
</head>
<body>
<%
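// Registration handler: reads username/password/email from the request,
// validates the username, rejects duplicates, inserts the new account and
// signs the user in by storing the new id and name in the session.
// conn, stmt and tuinfo are not declared in this page; they are presumably
// provided by the statically included conn.jsp -- TODO confirm that conn is a
// java.sql.Connection.
try {
    String strDo = "";
    String username = "";
    int id = 0;
    String password = "";
    String email = "";
    if (null != request.getParameter("username"))
        username = request.getParameter("username");
    if (null != request.getParameter("password"))
        password = request.getParameter("password");
    if (null != request.getParameter("email"))
        email = request.getParameter("email");

    // Remove spaces from username, password and email.
    username = username.replaceAll(" ", "");
    password = password.replaceAll(" ", "");
    email = email.replaceAll(" ", "");

    // Username character filter. This is a naming policy only: it never
    // covered password or email, so it must not be relied on to keep the SQL
    // below safe. Every user-supplied value is bound as a statement parameter.
    final String forbiddenChars = "'\"@!#%^&*()-+/\\{}[];:,.<>?`~";
    for (int i = 0; i < username.length(); i++) {
        if (forbiddenChars.indexOf(username.charAt(i)) >= 0) {
            response.sendRedirect("error.jsp");
            return;
        }
    }

    // Reject a username that starts with a digit 1-9. The length guard keeps
    // an empty username from throwing here, so it reaches the login.jsp
    // redirect below instead of the generic error page.
    // NOTE(review): a leading '0' is accepted, as in the original loop --
    // confirm whether that is intended.
    if (username.length() > 0) {
        char firstChar = username.charAt(0);
        if (firstChar >= '1' && firstChar <= '9') {
            response.sendRedirect("error.jsp");
            return;
        }
    }

    // Missing values: send the visitor to the login page, so that opening
    // this page directly does nothing.
    if ((username.equals("")) || (password.equals(""))
            || (email.equals(""))) {
        response.sendRedirect("login.jsp");
        return;
    }

    // Check whether the username is already taken. Only the table name is
    // concatenated; it has to be a trusted constant (presumably set in
    // conn.jsp -- verify it is never derived from request data).
    // NOTE(review): check-then-insert can race with a concurrent
    // registration; a UNIQUE constraint on the name column closes that gap.
    boolean isexist = true;
    strDo = "SELECT name FROM " + tuinfo + " WHERE name=?";
    System.out.print(strDo + "\n");
    PreparedStatement psFindUser = conn.prepareStatement(strDo);
    try {
        psFindUser.setString(1, username);
        ResultSet rsFound = psFindUser.executeQuery();
        try {
            isexist = rsFound.next();
        } finally {
            rsFound.close();
        }
    } finally {
        psFindUser.close();
    }
    if (isexist) {
        System.out.print("用户名存在\n");
        response.sendRedirect("error.jsp");
        return;
    }
    System.out.print("用户名不存在\n");

    // Insert the account. Only the statement template is logged; the
    // original wrote the full INSERT, plaintext password included, to stdout.
    // NOTE(review): SHA() is an unsalted, fast digest and is weak for stored
    // passwords. It is kept so existing hashes and the login check still
    // match; moving to bcrypt/scrypt/argon2 needs a coordinated change.
    strDo = "INSERT INTO " + tuinfo
            + " (name,password,email) VALUES ( ? , SHA(?) , ? )";
    System.out.print(strDo + "\n");
    PreparedStatement psInsertUser = conn.prepareStatement(strDo);
    try {
        psInsertUser.setString(1, username);
        psInsertUser.setString(2, password);
        psInsertUser.setString(3, email);
        psInsertUser.executeUpdate();
    } finally {
        psInsertUser.close();
    }

    // Read back the id of the row just inserted.
    boolean idFound = false;
    strDo = "SELECT id FROM " + tuinfo + " WHERE name=?";
    System.out.print(strDo + "\n");
    PreparedStatement psFindId = conn.prepareStatement(strDo);
    try {
        psFindId.setString(1, username);
        ResultSet rsId = psFindId.executeQuery();
        try {
            if (rsId.next()) {
                id = rsId.getInt("id");
                idFound = true;
            }
        } finally {
            rsId.close();
        }
    } finally {
        psFindId.close();
    }
    if (!idFound) {
        // Stop here: the original fell through and issued a second redirect
        // on an already committed response.
        response.sendRedirect("error.jsp");
        return;
    }

    // Registration succeeded: record the login in the session (keys
    // "authorid" and "login") before redirecting to the success page.
    // NOTE(review): the session id is not rotated at this privilege change;
    // consider doing so if the container supports it.
    session.setAttribute("authorid", id);
    session.setAttribute("login", username);
    response.sendRedirect("success.jsp");
} catch (Exception e) {
    // Log first so the cause is not lost if the redirect itself fails, and
    // redirect only while the response can still be changed.
    e.printStackTrace();
    if (!response.isCommitted()) {
        response.sendRedirect("error.jsp");
    }
} finally {
    // Close the connection even when closing the statement throws.
    try {
        stmt.close();
    } finally {
        conn.close();
    }
}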
%>
</body>
</html>