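JavaScript page does not display database values

Time: 2014-11-16 07:36:29

Tags: javascript jsp

I want to display all databases and the tables of each database in a tree format. So I wrote code in a JSP page that gets the database names and table names and passes them to a JavaScript page. But with my code, the JavaScript page displays only one database name. Can anyone help me find out why? My code: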

LeftFrameset.jsp

 <%-- 
Document   : LeftFrameset
Created on : Nov 13, 2014, 1:10:22 PM
Author     : user
--%>
   <%@page import="querywork.DBConnection"%>
    <%@page import="java.sql.ResultSet"%>
   <%@page import="java.sql.DatabaseMetaData"%>
   <%@page import="java.sql.DriverManager"%>
   <%@page import="java.sql.Connection"%>
  <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <!DOCTYPE html>
<HTML>

<!--------------------------------------------------------------->
<!-- Copyright (c) 2006 by Conor O'Mahony.                     -->
<!-- For enquiries, please email GubuSoft@GubuSoft.com.        -->
<!-- Please keep all copyright notices below.                  -->
<!-- Original author of TreeView script is Marcelino Martins.  -->
<!--------------------------------------------------------------->
<!-- This document includes the TreeView script.  The TreeView -->
<!-- script can be found at http://www.TreeView.net.  The      -->
<!-- script is Copyright (c) 2006 by Conor O'Mahony.           -->
<!--------------------------------------------------------------->
<!-- Instructions:                                             -->
<!--   - Through the <STYLE> tag you can change the colors and -->
<!--     types of fonts to the particular needs of your site.  -->
<!--   - A predefined block with black background has been     -->
<!--     made for stylish people :-)                           -->
<!--------------------------------------------------------------->

<HEAD>

    <!-- This is the <STYLE> block for the default styles.  If   -->
    <!-- you want the black background, remove this <STYLE>      -->
    <!-- block.                                                  -->
    <STYLE>
        BODY {
            background-color: white;}
        TD {
            font-size: 10pt; 
            font-family: verdana,helvetica; 
            text-decoration: none;
            white-space:nowrap;}
        A {
            text-decoration: none;
            color: black;}
        .specialClass {
            font-family:garamond; 
            font-size:12pt;
            color:green;
            font-weight:bold;
            text-decoration:underline}
        </STYLE>

        <!-- If you want the black background, replace the contents  -->
        <!-- of the <STYLE> tag above with the following...
          BODY {
            background-color: black;}
          TD {
            font-size: 10pt; 
            font-family: verdana,helvetica; 
            text-decoration: none;
            white-space:nowrap;}
          A {
            text-decoration: none;
            color: white;}
        <!-- This is the end of the <STYLE> contents.                -->

        <!-- Code for browser detection. DO NOT REMOVE.              -->
        <SCRIPT src="ua.js"></SCRIPT>

        <!-- Infrastructure code for the TreeView. DO NOT REMOVE.    -->
        <SCRIPT src="ftiens4.js"></SCRIPT>

        <!-- Scripts that define the tree. DO NOT REMOVE.           
        <SCRIPT src="demoFramesetNodes.js"></SCRIPT> -->

    </HEAD>

    <BODY topmargin="16" marginheight="16">

        <!------------------------------------------------------------->
        <!-- IMPORTANT NOTICE:                                       -->
        <!-- Removing the following link will prevent this script    -->
        <!-- from working.  Unless you purchase the registered       -->
        <!-- version of TreeView, you must include this link.        -->
        <!-- If you make any unauthorized changes to the following   -->
        <!-- code, you will violate the user agreement.  If you want -->
        <!-- to remove the link, see the online FAQ for instructions -->
        <!-- on how to obtain a version without the link.            -->
        <!------------------------------------------------------------->
        <DIV style="position:absolute; top:0; left:0;"><TABLE border=0><TR><TD><FONT  size=-2><A style="font-size:7pt;text-decoration:none;color:silver" href="http://www.treemenu.net/" target=_blank>Javascript Tree Menu</A></FONT></TD></TR> </TABLE></DIV>

            <%

        try {
            String responseText = "";

            Class.forName("com.mysql.jdbc.Driver").newInstance();
            Connection conn = DriverManager.getConnection("jdbc:mysql://localhost/", "root", "");

            DatabaseMetaData dbmd = conn.getMetaData();

            ResultSet ctlgs = dbmd.getCatalogs();
            while (ctlgs.next()) {
                String text = "";
                String db = ctlgs.getString(1);
                DBConnection dbc = new DBConnection(db);
                ResultSet rs = dbc.SelectTable();
                while (rs.next()) {

                    String tableName = rs.getString("TABLE_NAME");
                    text += tableName + ",";
                }



    %>
    <!--Scripts that define the tree. DO NOT REMOVE.           -->
    <input type="hidden" name="value1" id="hiddenvalue1" value=>
    <input type="hidden" name="value" id="hiddenvalue" value=<%=ctlgs.getString(1)%>>
    <SCRIPT src="demoFramesetNodes.js"></SCRIPT> 


    <%
            }
        } catch (Exception e) {
            out.println(e);
    }%>

    <!-- Build the browser's objects and display default view  -->
    <!-- of the tree.                                          -->
    <SCRIPT>initializeDocument()</SCRIPT>
    <NOSCRIPT>
    A tree for site navigation will open here if you enable JavaScript in your browser.
    </NOSCRIPT>

  </BODY>

    </HTML>

DemoFramesetNodes.js

    var str=document.getElementById("hiddenvalue") .value
   var str1=document.getElementById("hiddenvalue1") .value
   alert (str);
 var table=str1 .split(",");

 USETEXTLINKS = 1

 // Configures whether the tree is fully open upon loading of the page, or whether
// only the root node is visible.
 STARTALLOPEN = 0

 // Specify if the images are in a subdirectory;
  ICONPATH = ''


 foldersTree = gFld("<i>Treeview Demo</i>", "demoFramesetRightFrame.html")
 foldersTree.treeID = "Frameset"

  aux1 = insFld(foldersTree, gFld("New", "Databases.jsp"))

  aux2 = insFld(foldersTree, gFld(str, "http://www.treeview.net/treemenu/demopics/beenthere_america.gif"))
   insDoc(aux2, gLnk("R", "New Table", "CreateTable.jsp?dbname="+str))
     for(var i=0;i<table. length;i++)
    {
     //        alert ('sessionNameVal' + dbname[i]);


      insDoc(aux2, gLnk("R", table[i], "http://www.treeview.net/treemenu/demopics/beenthere_america.gif"))

   }

DBConnection.java

   /*
    * To change this license header, choose License Headers in Project Properties.
     * To change this template file, choose Tools | Templates
     * and open the template in the editor.
      */

    package querywork;


   import java.sql.Connection;
   import java.sql.DatabaseMetaData;
      import java.sql.DriverManager;
  import java.sql.PreparedStatement;
   import java.sql.ResultSet;
     import java.sql.SQLException;
     import java.sql.Statement;
   import java.text.SimpleDateFormat;
   import java.util.ArrayList;
   import java.util.Date;
     import java.util.Locale;
   import java.util.Random;
   import java.util.logging.Level;
   import java.util.logging.Logger;
    import javax.swing.JOptionPane;

/**
 *
     * @author ash
  */
   public class DBConnection {
Connection conn;
Statement st;
ResultSet rs;
PreparedStatement ps,ps1;
String dbname;
public DBConnection(String dbname){
    try{
        this.dbname=dbname;
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        conn=DriverManager.getConnection("jdbc:mysql://localhost/"+dbname,"root","");
        System.out.println("connected to the DB");
    }catch(Exception e){
        e.printStackTrace();

    }
  }
   public ResultSet SelectTable()
   {


           ResultSet rs1 = null;
    boolean flg=true;

     try{


DatabaseMetaData meta = conn.getMetaData();
rs1 = meta.getTables(null, null, null, new String[]{"TABLE"});




    }catch(Exception e){
       e.printStackTrace();
    }
    return rs1;
}
 }

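1 answer:

Answer 0: (score: 0)

OK, after your comment I'm starting to think I understand your problem.

Let's take the database out of the picture, because that is not where the problem lies. Ultimately, your JSP generates HTML similar to this: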

<input type="hidden" name="value1" id="hiddenvalue1" value=>
<input type="hidden" name="value" id="hiddenvalue" value=information_schema>
<SCRIPT src="demoFramesetNodes.js"></SCRIPT> 
<input type="hidden" name="value1" id="hiddenvalue1" value=>
<input type="hidden" name="value" id="hiddenvalue" value=mysql>
<SCRIPT src="demoFramesetNodes.js"></SCRIPT> 
<input type="hidden" name="value1" id="hiddenvalue1" value=>
<input type="hidden" name="value" id="hiddenvalue" value=user>
<SCRIPT src="demoFramesetNodes.js"></SCRIPT> 
<input type="hidden" name="value1" id="hiddenvalue1" value=>
<input type="hidden" name="value" id="hiddenvalue" value=test>
<SCRIPT src="demoFramesetNodes.js"></SCRIPT> 

(The database names may vary.)

The problem here is that every time demoFramesetNodes.js is loaded, the browser runs the following line:

var str = document.getElementById("hiddenvalue").value

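In your case, you have 7 elements with the ID hiddenvalue. IDs are unique within an HTML page. I don't know of any JavaScript specification that says what happens if you call document.getElementById with a non-unique ID, but I wouldn't be surprised if it were undefined behaviour. If it is undefined behaviour, the browser would be within its rights to return the first element with the given ID, the last element, an arbitrary one of those elements, or even null. In your case, it looks like your browser returns the first element. Hence you get alerted information_schema seven times.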

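One way to fix this is to write out the assignments to str and str1 in your JSP, instead of putting them in hidden form inputs and reading them out at the start of demoFramesetNodes.js. So, instead of the <input type="hidden" ...> lines, your JSP would contain the following:

<SCRIPT type="text/javascript">
    var str = "<%= ctlgs.getString(1) %>";
    var str1 = "<%= text %>";
</SCRIPT>

(You will also have to remove the assignments to str and str1 from demoFramesetNodes.js.)

Looking more closely at demoFramesetNodes.js, some things in that script should be done only once, such as declaring constants and creating the top-level node of the tree, and other things should be done once per second-level (i.e. database) node. I would suggest:

  • moving the things that need to be done for each second-level node into a function,
  • calling that function in the while loop, instead of assigning to str and str1 each time,
  • loading demoFramesetNodes.js only once, in the HEAD element.

I leave this as an exercise for you.


The names of your databases and tables probably contain only letters, digits and underscores, so you can get away with writing their names directly into JavaScript strings as above. More generally, however, this is not a safe thing to do at all. For example, suppose someone managed to create a table or database with the name

x";document.location='http://www.evil.com/';//

This would lead to the output

var str = "x";document.location='http://www.evil.com/';//";

which would cause the browser to navigate to http://www.evil.com/.

Clearly, this is undesirable, and it is a security vulnerability known as cross-site scripting (XSS). Escaping the value before writing it into JavaScript avoids this security issue.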
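
The escaping step the answer ends on, as an added example that is not part of the original answer: Node.js stands in for the JSP that emits the inline script, and a stub `document` object stands in for the browser. The function names (`toInlineScriptLiteral`, `renderNaive`, `renderEscaped`, `runInline`) and the `a</script>b` name are constructed for illustration.

```javascript
// Added example: Node.js stands in for the JSP that writes the inline <SCRIPT>.
// Function names are hypothetical, not part of TreeView or the original page.

// Serialize a value as a JavaScript literal that is safe inside an inline <script>.
function toInlineScriptLiteral(value) {
  return JSON.stringify(value)        // adds quotes; escapes ", \ and control chars
    .replace(/</g, "\\u003c")         // "</script>" must not end the script element
    .replace(/>/g, "\\u003e")
    .replace(/&/g, "\\u0026")
    .replace(/\u2028/g, "\\u2028")    // line terminators inside string literals
    .replace(/\u2029/g, "\\u2029");   // in engines older than ES2019
}

// What the JSP in the answer emits: the name is pasted between the quotes unchanged.
function renderNaive(name) {
  return 'var str = "' + name + '";';
}

// The same assignment with the name escaped first.
function renderEscaped(name) {
  return "var str = " + toInlineScriptLiteral(name) + ";";
}

// Run an emitted script against a stub `document` and report what it did.
function runInline(script) {
  const doc = { location: null };
  const str = new Function("document", script + "\nreturn str;")(doc);
  return { str: str, navigatedTo: doc.location };
}

// The database name used in the answer's XSS illustration.
const hostileName = "x\";document.location='http://www.evil.com/';//";

const naive = runInline(renderNaive(hostileName));
const escaped = runInline(renderEscaped(hostileName));
console.log("naive:  ", naive);     // the name ran as code and set document.location
console.log("escaped:", escaped);   // the name stayed data; nothing navigated
console.log(renderEscaped("a</script>b"));  // constructed name that would close the tag
```

In the JSP itself the same escaping has to be applied on the server before the value reaches `<%= ... %>`.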