我有一个本地数据库,一个登录页面和一个servlet。我可以从数据库中获取我想要的值,例如用户名和密码。我也可以在html登录表单中获取用户输入。我使用request.getParameter作为html。我想检查数据库中的用户名是否等于输入的用户名,如果数据库中的密码等于输入的密码,则授予访问权限,否则访问被拒绝。这是我的代码:
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package com.Servlet;
import static com.sun.corba.se.spi.presentation.rmi.StubAdapter.request;
import java.sql.*;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;
import javax.servlet.RequestDispatcher;
import javax.sql.DataSource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
*
* @author Jony
*/
public class LoginServlet extends HttpServlet {
private static Object request;
public static void main(String[] args) throws SQLException, ClassNotFoundException {
Connection connection = null;
Statement stmt = null;
try {
//STEP 2: Register JDBC driver
Class.forName("com.mysql.jdbc.Driver");
} catch (Exception e) {
}
//STEP 3: Open a connection
System.out.println("Connecting to database...");
connection = DriverManager
.getConnection("jdbc:mysql://localhost:3306/user_pass", "user", "pass");
//STEP 4: Execute a query
System.out.println("Creating statement...");
stmt = connection.createStatement();
String sql;
sql = "SELECT username, password FROM information";
ResultSet rs = stmt.executeQuery(sql);
while (rs.next()) {
//retrieve by column name
String usernamedb = rs.getString("username");
String passworddb = rs.getString("password");
if (usernamedb.equals(inputUsername) && passworddb.equals(inputPassword)) {
System.out.println("Login successful " + usernamedb + " " + passworddb);
} else {
System.out.println("Login failed " + usernamedb + " " + passworddb);
}
}
}
/**
*
* @param request
* @param response
* @throws ServletException
* @throws IOException
*/
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
PrintWriter out = response.getWriter();
String title = "Welcome";
String docType =
"<!doctype html public \"-//w3c//dtd html 4.0 " +
"transitional//en\">\n";
out.println(docType + title);
String inputUsername = request.getParameter("Name");
String inputPassword = request.getParameter("Pass");
}
}
答案 0 :(得分:0)
您正在混合基于命令行的Java应用程序和servlet基础应用程序。 有关基本的servlet数据库示例,请参阅https://www.tutorialspoint.com/servlets/servlets-database-access.htm。
答案 1 :(得分:0)
你会改变你的主要方法吗
public static void main(String[] args) throws SQLException, ClassNotFoundException {
Connection connection = null;
try {
//STEP 2: Register JDBC driver
Class.forName("com.mysql.jdbc.Driver");
} catch (Exception e) {
}
//STEP 3: Open a connection
System.out.println("Connecting to database...");
connection = DriverManager
.getConnection("jdbc:mysql://localhost:3306/user_pass", "user", "pass");
//STEP 4: Execute a query
System.out.println("Creating statement...");
sql = "SELECT username, password FROM information";
PreparedStatement ps = connection.prepareStatement(sql);
ResultSet rs = ps.executeQuery();
while (rs.next()) {
//retrieve by column name
String usernamedb = rs.getString("username");
String passworddb = rs.getString("password");
if (usernamedb.equals(inputUsername) && passworddb.equals(inputPassword)) {
System.out.println("Login successful " + usernamedb + " " + passworddb);
} else {
System.out.println("Login failed " + usernamedb + " " + passworddb);
}
}
}
答案 2 :(得分:0)
我认为你只是在学习servlet。我也看到你是HvA的学生,我也是,我们正在研究相同的主题。只需继续课程并问你的老师,这一切都会变得清晰。目前,此代码将按您希望的方式运行:
package servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.*;
/**
* @author Jony
*/
public class LoginServlet extends HttpServlet {
private static Object request;
private boolean isValidUser(String username, String password) {
Connection connection = null;
Statement stmt = null;
ResultSet rs = null;
try {
//STEP 2: Register JDBC driver
Class.forName("com.mysql.jdbc.Driver");
//STEP 3: Open a connection
System.out.println("Connecting to database...");
connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/user_pass", "user", "pass");
//STEP 4: Execute a query
System.out.println("Creating statement...");
stmt = connection.createStatement();
String sql = "SELECT username, password FROM information WHERE username='" + username + "' AND password = '" + password + "';";
rs = stmt.executeQuery(sql);
// Return true if a result is found.
if (rs != null && rs.next()) {
return true;
}
} catch (SQLException | ClassNotFoundException e) {
e.printStackTrace();
}
// Return false if no result is found or if there was an error.
return false;
}
/**
* @param request
* @param response
* @throws ServletException
* @throws IOException
*/
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
PrintWriter out = response.getWriter();
String title = "Welcome";
String docType =
"<!doctype html public \"-//w3c//dtd html 4.0 " +
"transitional//en\">\n";
out.println(docType + title);
String inputUsername = request.getParameter("username");
String inputPassword = request.getParameter("password");
// Check if user is valid.
boolean validUser = isValidUser(inputUsername, inputPassword);
// If user is valid, go to ...
if (validUser) {
System.out.println("Login successful");
}// If user is not valid, do ...
else {
System.out.println("Login failed.");
}
}
}
有些事情可以改进,比如使用prepared statements,但这也将在未来的课程中讲授。快乐的编码!