login.java

jsp超市管理系统系统,是用经典的MVC设计模式开发的非常适合初学者学习。

package com.myservlet;

import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
import com.dbconn.*;

public class Login extends HttpServlet{
	
	/**
	 *  @author LiPeng
	 *  登陆验证，并和过滤器有关
	 */
	private static final long serialVersionUID = -3742410687756759209L;

	protected void doPost(HttpServletRequest request,HttpServletResponse response) 
	    throws ServletException, IOException {
				
		String id = request.getParameter("logname");
		String pwd = request.getParameter("password");
		String status = request.getParameter("status");
			   status = new String(status.getBytes("ISO-8859-1"),"gbk");

		//判断验证码是否正确
		int random = Integer.parseInt(request.getParameter("check"));
		int random2 = Integer.parseInt(request.getSession().getAttribute("random").toString());
		//System.out.println(random);
		//System.out.println(random2);
		
		if (random != random2) {
			request.getSession(true).setAttribute("error","验证码错误");
			//request.setAttribute("error", "验证码错误！");
			
			try {
				response.sendRedirect("login/login.jsp");	
				//request.getRequestDispatcher("login.jsp").forward(request, response);
			} 
			catch (Exception e) {
				System.out.println(e);
			}
		}			   			   
		   		
		//验证用户名、密码和身份权限
		ConnManager connManager = new ConnManager(); 
		Connection conn = connManager.getConnection("market");
		
		ResultSet rs = null;
		PreparedStatement ps = null;		
		String sql = "SELECT * FROM consumer WHERE id='"+id+"'AND pwd='"+pwd+"'AND status='"+status+"'";
		System.out.println(sql);
			
		try{			 								
			ps = conn.prepareStatement(sql);
			rs = ps.executeQuery();
			
			if (rs.next()){              // 登录成功时,把logname放入session中
				//System.out.println(rs.getString("name"));
				request.getSession(true).setAttribute("logname",rs.getString("name"));	//用户姓名
				request.getSession(true).setAttribute("logid",id);	// 用户编号
				request.getSession(true).setAttribute("status",status);				
				
				try{
					response.sendRedirect("index/index.jsp");
				} 
				catch (Exception e) {
					System.out.println(e);
				}	
			}						
			else{						//否则（记录集为空），表明用户名或密码错误。
				request.getSession(true).setAttribute("error","用户名或密码错误");				
				try {
					response.sendRedirect("login/login.jsp");
				} 
				catch (Exception e) {
					System.out.println(e);
				}
			}			
		} 
		catch (SQLException e) {
			System.out.println(e);			
		}
		finally {						
			try{
				rs.close();
				ps.close();
				conn.close();
			} 
			catch(SQLException e){
				System.out.println(e);
			}
			connManager.releaseConnection("market",conn);
		}			
	}
	
	protected void doGet(HttpServletRequest request, HttpServletResponse response) 
		throws ServletException, IOException {		
		doPost(request,response);
	}
}