queryuserservlet.java

应用系统的权限管理

package com.gmdq.util;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.gmdq.connection.SybaseConn;
import com.gmdq.entitybeans.ADUser;

public class QueryUserServlet extends javax.servlet.http.HttpServlet{

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;
	private Connection conn;
	

	@Override
	public void init() throws ServletException {
        SybaseConn sysbase=new SybaseConn();
		
		conn=sysbase.getConnection();
		
	}

	@Override
	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		System.out.println("***************************");
		StringBuffer sb=new StringBuffer("<data>\n");

		
		 String chinaname = request.getParameter("chinaname");
		 System.out.println("chinaname====="+chinaname);
		 String sql="select * from aduser where 1=1 ";
		 if(chinaname!=null&&!chinaname.equals(""))
		 {
			 sql=sql+" and username like'%"+chinaname+"%'";
		 }
		 System.out.println("&&&&&&&&&&&&&&&&&&&====="+sql);
		 PreparedStatement myPreparedStatement;
        try {
			myPreparedStatement = conn.prepareStatement(sql);
			ResultSet myResultSet = myPreparedStatement.executeQuery();
			 while(myResultSet.next())
	         {
				    sb.append("<user>\n");
				    sb.append("<username>"+myResultSet.getString("username").trim()+"</username>\n");
				    sb.append("<displayname>"+myResultSet.getString("displayname").trim()+"</displayname>\n</user>\n");
				  
				    
				 
	         }
			 response.setContentType("text/xml");
	         response.setHeader("Cache-Control", "no-cache");
	         sb.append("</data>");
	         response.setCharacterEncoding("UTF-8");
	         //System.out.println(sb.toString());
	         
            PrintWriter out=response.getWriter();
            
            out.write(sb.toString());
            out.close();


		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}

	@Override
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		StringBuffer sb=new StringBuffer("<data>\n");

		
		 String chinaname = request.getHeader("chinaname");
		 String sql="select * from aduser where 1=1 ";
		 if(chinaname!=null&&!chinaname.equals(""))
		 {
			 sql=sql+" and username like'%"+chinaname+"%'";
		 }
		 PreparedStatement myPreparedStatement;
         try {
			myPreparedStatement = conn.prepareStatement(sql);
			ResultSet myResultSet = myPreparedStatement.executeQuery();
			 while(myResultSet.next())
	         {
				    sb.append("<user username="+myResultSet.getString("username")+" displayname="+myResultSet.getString("displayname")+"\n");
				  
				    
				 
	         }
			 response.setContentType("text/xml");
			 response.setCharacterEncoding("UTF-8");
	         response.setHeader("Cache-Control", "no-cache");
	         sb.append("</state>");
             PrintWriter out=response.getWriter();
             out.write(sb.toString());
             out.close();


		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
		
		
	}
	

}