adminloginaction.java

这是一个公告管理系统

package nm.admin.action;

import java.util.Vector;

import nm.Constants;
import nm.DB;
import nm.User;
import nm.admin.form.AdminLoginForm;

import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.sql.DataSource;

import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;

public final class AdminLoginAction extends Action {
	public ActionForward execute(ActionMapping mapping, ActionForm form,
			HttpServletRequest request, HttpServletResponse response)
			throws Exception {

		AdminLoginForm adminLoginForm = (AdminLoginForm) form;
		String username = adminLoginForm.getUsername();
		String password = adminLoginForm.getPassword();

		ServletContext context = servlet.getServletContext();
		DataSource dataSource = (DataSource) context
				.getAttribute(Constants.DATASOURCE_KEY);
		DB db = new DB(dataSource);

		HttpSession session = request.getSession(true);
		ActionMessages errors = new ActionMessages();
		String PageForward = "ToErrorPage";

		//只有用户名与密码相匹配，而且用户身份为管理员时才能进入系统
		if (User.checkUser(db, username, password)
				&& "admin".equals(User.getUserGrade(db, username))) {
			User user = User.search(db, username, password);
			session.setAttribute(Constants.LOGIN_USER_KEY, user);
			
			Vector userVector = User.searchUsers(db);
			session.setAttribute(Constants.USER_LIST_KEY, userVector);
			
			PageForward = "ToUserList";
		} else {
			errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(
					"error.admin.accessDeny"));
			if (!errors.isEmpty()) {
//				saveErrors(request, errors);
				this.saveMessages(request, errors);
			}
		}

		db.close();
		return mapping.findForward(PageForward);
	}

}