JSP中的out.println

时间:2014-05-18 16:14:43

标签: java html jsp

我写了这个jsp代码。它是一个基本的登录控件。我正在尝试使用我的数据库检查输入。如果它们是正确的那么没有问题,但是如果输入为空或者它们不在数据库中,我想给出错误并将访客重定向到登录页面。

<%@ page import ="java.sql.*" %>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>Login Process</title>
</head>
<body>
<%
    String userid = request.getParameter("username");    
    String pwd = request.getParameter("password");
    Class.forName("com.mysql.jdbc.Driver");

    Connection con = DriverManager.getConnection("jdbc:mysql://localhost/ecommerce", "root1" , "1234");
    Statement st = con.createStatement();
    ResultSet rs;
    rs = st.executeQuery("select * from users where UserFirstName='" + userid + "' and UserPassword='" + pwd + "'");
    while(rs.next()){
        if(userid.length()!= 0 || pwd.length()!= 0){
            if (rs.getInt("Admin") == 1) {
                session.setAttribute("userid", userid);
                response.sendRedirect("Admin.jsp");
            } else if(rs.getInt("Admin") == 0){
                session.setAttribute("userid", userid);
                response.sendRedirect("User.jsp");
            }
            else {
                out.println("Invalid username or password <a href='index.jsp'>try again</a>");
            }
        }
        else{
            out.println("Empty username or password <a href='index.jsp'>try again</a>");
        }
    }
%>
</body>

在此代码中,两行无法正常工作

else {
           out.println("Invalid username or password <a href='index.jsp'>try again</a>");
            }

和这一个

else{
            out.println("Empty username or password <a href='index.jsp'>try again</a>");
        }

我的浏览器只是给了我一个空白页而不是范围。

2 个答案:

答案 0 :(得分:1)

如果输入为空或者它们不在数据库中我想提供错误

使用if (rs.next())代替while (rs.next())来检查没有记录。

示例代码:(根据您的要求修改)

String userid = request.getParameter("username");
String pwd = request.getParameter("password");

// check for empty username or password before making a call to database
if (userid == null || userid.trim().length() == 0 || pwd == null
        || pwd.trim().length() == 0) {
   out.println("Invalid username or password <a href='index.jsp'>try again</a>");
} else {
   ... // request for database query
   if (rs.next()) { // use if instead of while to check for no record
   ...
   } else {
     out.println("Empty username or password <a href='index.jsp'>try again</a>");
   }
}

答案 1 :(得分:0)

将代码包含在try-catch块中,如果发生任何异常,将重定向到登录页面。 

try
{
String userid = request.getParameter("username");    
String pwd = request.getParameter("password");
Class.forName("com.mysql.jdbc.Driver");

Connection con = DriverManager.getConnection("jdbc:mysql://localhost/ecommerce", "root1" , "1234");
Statement st = con.createStatement();
ResultSet rs;
rs = st.executeQuery("select * from users where UserFirstName='" + userid + "' and UserPassword='" + pwd + "'");

while(rs.next())
{
    if(userid.length()!= 0 || pwd.length()!= 0){
    if (rs.getInt("Admin") == 1) {
            session.setAttribute("userid", userid);
            response.sendRedirect("Admin.jsp");
      } else if(rs.getInt("Admin") == 0){
            session.setAttribute("userid", userid);
            response.sendRedirect("User.jsp");
        }
        else {
            out.println("Invalid username or password <a href='index.jsp'>try again</a>");
        }
    }
    else{
        out.println("Empty username or password <a href='index.jsp'>try again</a>");
    }
}
}
  catch (Exception e)
    {
          out.println("Exception: "+e.getMessage()+" :Invalid username or password <a href='index.jsp'>try again</a>");
      }

e.getMessage(),将显示异常消息,是可选的,因为它有助于调试,但如果它在生产系统中,可能会泄露敏感信息。

相关问题
最新问题