我正在eclipse Java EE中做一个web应用程序项目。目前,我的应用程序返回存储员工个人信息的数据库中的所有值。但是,我设置了默认的预准备语句来搜索employee_id = 1234的表,而不是登录员工的employee_id。这意味着无论哪个员工登录到我的系统,它都只会显示员工的个人信息ID为1234,如下面的预备声明中所示:
PreparedStatement ps = con.prepareStatement("select employeeID, FirstName, LastName, Admin, DOB, Address, Email, HourlyRate, Gender, ALeaveBalance, SLeaveBalance, ActiveStatus, Role, BSB, BankName, AccNumber, SuperNumber, SuperCompany from payroll_system.employee_info where **employeeID = 1234**");
请注意上面的employeeID如何设置为1234.这意味着我的程序(请参阅下面的代码)仅显示该员工的信息。但是,我希望将employeeID设置为登录的人的id(登录由另一个servlet管理。如果有人可以帮助我,那将非常感谢,谢谢:)
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;
public class PersonalInfoOutput extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
boolean st = false;
try {
Class.forName("com.mysql.jdbc.Driver").newInstance();
Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/payroll_system", "root", "");
**PreparedStatement ps = con.prepareStatement("select employeeID, FirstName, LastName, Admin, DOB, Address, Email, HourlyRate, Gender, ALeaveBalance, SLeaveBalance, ActiveStatus, Role, BSB, BankName, AccNumber, SuperNumber, SuperCompany from payroll_system.employee_info where employeeID = 1234");**
ResultSet rs = ps.executeQuery();
st = rs.next();
if(st){
boolean adminTrue = rs.getBoolean("Admin");
boolean activeTrue = rs.getBoolean("ActiveStatus");
out.println("<html>");
out.println("<head>");
out.println("<title> Personal Information </title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Personal Information</h1>");
out.println("<p><b>" + "Employee ID: " + "</b>" + rs.getString("employeeID") + "</p>");
out.println("<p><b>" + "Name: " + "</b>" + rs.getString("FirstName") + " " + rs.getString("LastName")+ "</p>");
if(adminTrue) {
out.println("<p><b>"+ "Admin: " + "</b>" +"Yes" + "</p>");
}
else {
out.println("<p><b>"+ "Admin: " + "</b>" +"No" + "</p>");
}
out.println("<p><b>" + "Date of Birth: " +"</b>" + rs.getString("DOB") + "</p>");
out.println("<p><b>" + "Address: " + "</b>" + rs.getString("Address") + "</p>");
out.println("<p><b>" + "Email: " + "</b>" + rs.getString("Email") + "</p>");
out.println("<p><b>" + "Hourly Income: " + "</b>" + "$" + rs.getString("HourlyRate") + "</p>");
out.println("<p><b>" + "Gender: " + "</b>" + rs.getString("Gender") + "</p>");
out.println("<p><b>" + "Annual Leave Balance: " + "</b>" + rs.getString("ALeaveBalance") + "</p>");
out.println("<p><b>" + "Sick Leave Balance: " + "</b>" + rs.getString("SLeaveBalance") + "</p>");
if(activeTrue) {
out.println("<p><b>"+ "Currently Active: " + "</b>" +"Yes" + "</p>");
}
else {
out.println("<p><b>"+ "Currently Active: " + "</b>" +"No" + "</p>" );
}
out.println("<p><b>" + "Role: " +"</b>" + rs.getString("Role") + "</p>");
out.println("<p><b>" + "BSB: " + "</b>" + rs.getString("BSB") + "</p>");
out.println("<p><b>" + "Bank: " + "</b>" + rs.getString("BankName") + "</p>");
out.println("<p><b>" + "Bank Account Number: " + "</b>" + rs.getString("AccNumber") + "</p>");
out.println("<p><b>" + "Superannuation Company: " + "</b>" + rs.getString("SuperCompany") + "</p>");
out.println("<p><b>" + "Superannuation Number: " + "</b>"+ rs.getString("SuperNumber") + "</p>");
}
}catch(Exception e)
{
e.printStackTrace();
}
out.close();
}
}
答案 0 :(得分:3)
您需要在准备好的声明中使用参数,例如:如下:
PreparedStatement ps = con.prepareStatement("select ... where employeeID = ?");
ps.setInt(1, 1234);
或者使用命名参数:
PreparedStatement ps = con.prepareStatement("select ... where employeeID = :employeeId");
ps.setInt("employeeId", 1234);
答案 1 :(得分:1)
将employeeID的值从之前的Servlet传递到当前的Servlet。
Replace id:1243 with placeHolder: ? .
然后设置其值ps.setInt(1,"value that you got from previous servlet");
对PersonalInfoOutput.java的更改:
HttpSession session = request.getSession(false);
if(session != null) {
String employeeid = (String)session.getAttribute("employeeid");
}
到:
HttpSession session = request.getSession(false);
String employeeid="";
if(session != null) {
employeeid = (String)session.getAttribute("employeeid");
}