我想使用Servlet&创建一个登录页面。 JSP。
我创建了一个获取用户名和用户名的页面。密码。
我创建了一个包含用户名和表的数据库的数据库。密码。
<form action="LoginPage" method="POST">
User name: <input type="text" name="userName" size="20"><br>
Password: <input type="password" name="password" size="20">
<br><br>
<input type="submit" value="Submit">
</form>
我在doPost()
中输入了以下代码 response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
String userName = request.getParameter("userName").toString();
String passWord = request.getParameter("password").toString();
Connection con = null;
String url = "jdbc:mysql://localhost:3306/";
String dbName = "userdb";
String driver = "com.mysql.jdbc.Driver";
String user = "root";
String password = "1234";
try {
Class.forName(driver).newInstance();
Connection conn = DriverManager.getConnection(url+dbName, user, password);
PreparedStatement pstmt;
String sql = "SELECT USR_NAME FROM LOGIN WHERE USR_NAME='userName'";
pstmt = conn.prepareStatement(sql);
ResultSet rs=pstmt.executeQuery();
String usr = null;
String pass = null;
while(rs.next())
{
pass = rs.getString(3);
}
if(pass != null && pass.equals(passWord))
{
out.println("<html>");
out.println("<head>");
out.println("<title>Login Sucessfull</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Login Sucessfull " + request.getContextPath () + "</h1>");
out.println("<p>Welcome</p> " + userName);
out.println("</body>");
out.println("</html>");
out.close();
}
} catch (Exception e) {
out.println("<html>");
out.println("<head>");
out.println("<title>Login is not Sucessfull</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Login is not Sucessfull " + request.getContextPath () + "</h1>");
out.println("<p>Wrong Username Or Password</p> ");
out.println("</body>");
out.println("</html>");
out.close();
我不知道如何让它发挥作用。 我可以使用任何快速修复程序吗?
它不是一个大项目,我想要一个登录页面获取用户名&amp;密码 然后servlet将在DB中搜索用户名,然后检查密码。 我已经做了你们所说的改变。 但输出看起来像什么 在try块中出错,因为,我得到了Login not successful页面。 我在Catch块中输入了代码“Login not successful Page”。
答案 0 :(得分:6)
目前还不清楚你对“如何让它发挥作用”的意思。怎么了?怎么回事?至少我可以在你的代码中发现几个问题:
finally。WHERE。ServletException或者至少记录异常类型,消息和原因。这些信息很重要,因为它告诉了问题的根本原因。您知道,一旦根本原因理解,解决方案显而易见。此外,如果您将页面更改为用户除了面对错误消息之外什么都不做的页面,那么用户体验也会很糟糕。用户必须进行额外处理才能返回登录页面以重新输入详细信息。而是使用内联的错误消息重新显示同一页面。
重写您的doPost()方法,如下所示:
String userName = request.getParameter("userName");
String passWord = request.getParameter("password");
String driver = "com.mysql.jdbc.Driver";
String url = "jdbc:mysql://localhost:3306/";
String dbName = "userdb";
String user = "root";
String password = "1234";
String sql = "SELECT * FROM LOGIN WHERE USR_NAME = ? AND USR_PASS = ?"; // Not sure how the password column is named, you need to check/update it. You should leave those ? there! Those are preparedstatement placeholders.
Connection connection = null;
PreparedStatement statement = null;
ResultSet resultSet = null;
boolean login = false;
try {
Class.forName(driver); // You don't need to call it EVERYTIME btw. Once during application's startup is more than enough.
connection = DriverManager.getConnection(url + dbName, user, password);
statement = connection.prepareStatement(sql);
statement.setString(1, userName);
statement.setString(2, password);
resultSet = statement.executeQuery();
login = resultSet.next();
} catch (Exception e) {
throw new ServletException("Login failed", e);
} finally {
if (resultSet != null) try { resultSet.close(); } catch (SQLException ignore) {}
if (statement != null) try { statement.close(); } catch (SQLException ignore) {}
if (connection != null) try { connection.close(); } catch (SQLException ignore) {}
}
if (login) {
request.getSession().setAttribute("username", userName); // I'd prefer the User object, which you get from DAO, but ala.
response.sendRedirect("home.jsp"); // Redirect to home page.
} else {
request.setAttribute("message", "Unknown username/password, try again"); // This sets the ${message}
request.getRequestDispatcher("login.jsp").forward(request, response); // Redisplay JSP.
}
将${message}添加到您的JSP:
<form action="LoginPage" method="POST">
User name: <input type="text" name="userName" size="20"><br>
Password: <input type="password" name="password" size="20">
<br><br>
<input type="submit" value="Submit"> ${message}
</form>
以下是一些了解如何正确执行JSP / Servlet / JDBC的链接。
答案 1 :(得分:1)
请求.getParameter的toString()不需要。
您可以将查询修改为
String sql = "SELECT <PASSWORD_CLM> FROM LOGIN WHERE USR_NAME="+userName;
while(rs.next())
{
//read the password in pass.
}
if(pass !=null && pass.equals(passWord))
{
// Code
}
答案 2 :(得分:1)
你应该在sql查询中使用SELECT PASSWORD from Login
此处PASSWORD是列名,其中包含数据库表LOGIN
答案 3 :(得分:0)
我看到线条出现问题:
String sql = "SELECT USR_NAME FROM LOGIN WHERE USR_NAME='userName'";
pstmt = conn.prepareStatement(sql);
ResultSet rs=pstmt.executeQuery();
String usr = null;
String pass = null;
应该是:
String sql = "SELECT * from LOGIN WHERE USR_NAME="+ userName+";";
还要检查表名以获取登录信息,因为LOGIN确定登录信息不是login?
另外,我会避免在servlet中编写HTML,只是让它转发到另一个JSP。它现在可能只是简单的事情。说登录。
迪恩