loginbean.java

一个用java实现的bbs论坛系统...........................

/**
 * @author woexpert@yahoo.com
 * @version v0 110400
 */

import java.sql.*;

public class LoginBean {

    private static final boolean DEBUG = false;

	private String acctName;
	public String getAcctName() { return acctName; }
	public void setAcctName(String s) { acctName = s; }

	private String password;
	public String getPassword() { return password; }
	public void setPassword(String s) { password = s; }

    private Connection conn;
    
	public LoginBean() {
		acctName = null;
		password = null;

        // Get connection:
        try {
            Class.forName("oracle.jdbc.driver.OracleDriver");
            conn = DriverManager.getConnection
                    ("jdbc:oracle:oci8:@JavaBBS.woexpert", "bbsdev", "bbsdev");
        } catch (ClassNotFoundException e) {
            System.err.println("Err: " + e.getMessage());
        } catch (SQLException e) {
            System.err.println("Err: " + e.getMessage());
        }
	}

    protected void finalize() throws Throwable {
        try {
            conn.close();
        } catch (SQLException e) {
            System.err.println("Err: " + e.getMessage());
        }
        super.finalize();
    }

    /**
     * This function might be unnecessary. (hold)
     */
    public boolean isLoginSuccess() {

        // Encrypt password:
        byte [] pbytePwdEnc = A1Encryption.encryptPwd(password);
        if (DEBUG) System.out.println("pbytePwdEnc: " + pbytePwdEnc +
                " w/ length: " + pbytePwdEnc.length);

        String sSqlStmt = "select count(rowid) from customer" +
                " where" +
                " acct_name = '" + acctName + "' and" +
                " pwd_enc = ?";
        if (DEBUG) System.out.println("sSqlStmt:\n" + sSqlStmt);

        int nCustomerMatched = -1;
        try {
            PreparedStatement pstmt = conn.prepareStatement(sSqlStmt);
            pstmt.setBytes(1, pbytePwdEnc);
            if (DEBUG) System.out.println("pstmt:\n" + pstmt);
            ResultSet rs = pstmt.executeQuery();
            if (DEBUG) System.out.println("rs: " + rs);

            rs.next();
            nCustomerMatched = rs.getInt(1);
            if (DEBUG) System.out.println("nCustomerMatched: " + nCustomerMatched);
            rs.close();
            pstmt.close();
        } catch (SQLException e) {
            System.err.println("Err: " + e.getMessage());
        }

        if (nCustomerMatched == 0) {
            return false;
        } else if (nCustomerMatched == 1) {
            return true;
        } else {
            throw new RuntimeException("Err: Invalid nCustomerMatched or some other errors.");
        }
    }
    
    public int fetchCustomerId() {

        // Encrypt password:
        byte [] pbytePwdEnc = A1Encryption.encryptPwd(password);
        if (DEBUG) System.out.println("pbytePwdEnc: " + pbytePwdEnc +
                " w/ length: " + pbytePwdEnc.length);

        String sSqlStmt = "select id from customer" +
                " where" +
                " acct_name = '" + acctName + "' and" +
                " pwd_enc = ?"; // don't need to bind acct_name (hold)
        if (DEBUG) System.out.println("sSqlStmt:\n" + sSqlStmt);

        try {
            PreparedStatement pstmt = conn.prepareStatement(sSqlStmt);
            pstmt.setBytes(1, pbytePwdEnc);
            ResultSet rs = pstmt.executeQuery();

            rs.next();
            int nCustomerId = rs.getInt(1);
            rs.close();
            pstmt.close();
            return nCustomerId;
        } catch (SQLException e) {
            System.err.println("Err: " + e.getMessage());
            return -1; // (hold)
        }
    }
}