我
在我的网络应用程序中,我正在使用动态下拉菜单进行选择 class,division和student_id。在选择班级时 根据所选择的类别下拉填充.. Simmilarly in the student_id通过上课和分工来填写下拉列表。
我的问题是我无法同时将类值和除法值传递给jsp页面。
我的Home.jsp。代码是......
<%@page import="java.sql.*"%>
<html>
<head>
<script language="javascript" type="text/javascript">
var xmlHttp
var xmlHttp
function showdivision(str){
if (typeof XMLHttpRequest != "undefined"){
xmlHttp= new XMLHttpRequest();
}
else if (window.ActiveXObject){
xmlHttp= new ActiveXObject("Microsoft.XMLHTTP");
}
if (xmlHttp==null){
alert("Browser does not support XMLHTTP Request")
return;
}
var url="divisionn.jsp";
url +="?passclassname=" +str;
xmlHttp.onreadystatechange = divisionChange;
xmlHttp.open("GET", url, true);
xmlHttp.send(null);
}
function divisionChange(){
if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete"){
document.getElementById("division").innerHTML=xmlHttp.responseText
}
}
function showstudid(str){
var select = document.getElementById("class");
var classvalue = select.options[select.selectedIndex].value;
if (typeof XMLHttpRequest != "undefined"){
xmlHttp= new XMLHttpRequest();
}
else if (window.ActiveXObject){
xmlHttp= new ActiveXObject("Microsoft.XMLHTTP");
}
if (xmlHttp==null){
alert("Browser does not support XMLHTTP Request")
return;
}
var url="studid.jsp";
url +="?passdivision=" +encodeURI(str);
url +="&passclass=" +encodeURI(classvalue);
xmlHttp.onreadystatechange = studidchange;
xmlHttp.open("GET", url, true);
xmlHttp.send(null);
}
function studidchange(){
if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete"){
document.getElementById("studid").innerHTML=xmlHttp.responseText
}
}
</script>
</head>
<body>
<table border="1">
<tr><th>Class</th><th>Division</th><th>studid</th></tr>
<tr><td>
<select name='class' onchange="showdivision(this.value)">
<option value="none">Select</option>
<%
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost/demo","root","password");
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery("Select class from class1");
while(rs.next()){
%>
<option value="<%=rs.getString(1)%>"><%=rs.getString(1)%></option>
<%
}
%>
</select>
</td>
<td id='division'><select name='division' >
<option value='-1'></option>
</select>
</td>
<td id='studid'> <select name='studid' >
<option value='-1'></option>
</select>
</td>
</tr>
</table>
</body>
</html>
Divisionn.jsp代码是..
<%@page import="java.sql.*"%>
<%
String classs=request.getParameter("passclassname");
String bu="<select name='division' onchange='showstudid(this.value);'><option value='-1'>Select</option>";
try{
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost/demo","root","password");
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery("Select division_no from class1 where class='"+classs+"' ");
while(rs.next()){
bu=bu+"<option value='"+rs.getString(1)+"'>"+rs.getString(1)+"</option>";
}
bu=bu+"</select>";
response.getWriter().println(bu);
}
catch(Exception e){
System.out.println(e);
}
%>
studid.jsp代码是......
<%--
Document : divisionn
Created on : Nov 26, 2016, 11:13:27 AM
Author : Jithin
--%>
<%@page import="java.sql.*"%>
<%
String division=request.getParameter("passdivision");
String classs=request.getParameter("passclass");
String bu="<select name='division'><option value='-1'>---Select--</option>";
try{
Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection("jdbc:mysql://localhost/demo","root","password");
Statement stmt = con.createStatement();
ResultSet rs = stmt.executeQuery("Select studid from class1 where division_no='"+ division+"' and class='"+ classs+"' ");
while(rs.next()){
bu=bu+"<option value='"+rs.getString(1)+"'>"+rs.getString(1)+"</option>";
}
bu=bu+"</select>";
response.getWriter().println(bu);
}
catch(Exception e){
System.out.println(e);
}
%>
此代码无效..问题在于传递所选类名的代码..
function showstudid(str){
var select = document.getElementById("class");
var classvalue = select.options[select.selectedIndex].value;
if (typeof XMLHttpRequest != "undefined"){
xmlHttp= new XMLHttpRequest();
}
else if (window.ActiveXObject){
xmlHttp= new ActiveXObject("Microsoft.XMLHTTP");
}
if (xmlHttp==null){
alert("Browser does not support XMLHTTP Request")
return;
}
var url="studid.jsp";
url +="?passdivision=" +encodeURI(str);
url +="&passclass=" +encodeURI(classvalue);
xmlHttp.onreadystatechange = studidchange;
xmlHttp.open("GET", url, true);
xmlHttp.send(null);
}
任何人都可以帮我找到解决方案..提前谢谢......
答案 0 :(得分:1)
要通过URL传递多个参数,您需要使用正确的URL编码。
var url="studid.jsp";
url +="?passdivision=" +encodeURI(str);
url +="&passclass=" +encodeURI(xclass);
请注意,其他参数由&amp;分隔。并且encodeURI函数将对您的数据进行URL编码。
另外考虑使用预准备语句,因为您的SQL查询有明显的SQL注入漏洞。