loginservlet.java

网上购书系统 采用jsp+servlet+sql2000

package servlet;

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import base.DaoBase;
import bean.User;

public class LoginServlet extends HttpServlet {

	@Override
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		DaoBase db=new DaoBase();
		String username=request.getParameter("username");
		username=new String(username.getBytes("iso-8859-1"),"gbk");
		String password=request.getParameter("password");
		User ub=new User();
		ub.setUsername(username);
		ub.setPassword(password);	
		Connection conn=db.getConn();
		String sql="select * from [user] where username=? and password=?";
		try{
			PreparedStatement ps=conn.prepareStatement(sql);
			ps.setString(1, ub.getUsername());
			ps.setString(2, ub.getPassword());
			ResultSet rs=ps.executeQuery();
			if(rs.next())
			{
				HttpSession s=request.getSession();
				s.setAttribute("user", ub);
				request.getRequestDispatcher("broswer").forward(request, response);
			}
			else
			{
				request.setAttribute("sb", "sb");
				request.getRequestDispatcher("index.jsp").forward(request, response);
			}
			rs.close();
			ps.close();
		}
		catch(SQLException e){
			e.printStackTrace();
		}
	}

	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		doGet(request,response);
	}

}