求求各位大大,这样使用了javabean就无法判断表单的用户名和密码啊。。。。
先看一下我的判断用户名密码的javabean
package com.jb.logon;
import com.jb.logon.DB;
import java.sql.*;
public class UserLogOn {
private String username;
private String userpassword;
private ResultSet rs;
private DB db=new DB();
HttpServletResponse response;
HttpServletRequest request;
public UserLogOn(){}
public void setUsername(String username){
this.username=username;
}
public String getUsername(){
return this.username;
}
public void setUserpassword(String userpassword){
this.userpassword=userpassword;
}
public String getUserpassword(){
return this.userpassword;
}
public String checkuser(){
String backstr= " ";
boolean mark=true;
if(this.username==null||this.username.equals( " ")){
backstr+= " <li> 请输入 <b> 用户名! </b> </li> <br> ";
mark=false;
}
if(this.userpassword==null||this.userpassword.equals( " ")){
backstr+= " <li> 请输入 <b> 密 码! </b> </li> <br> ";
mark=false;
}
if(mark){
String sql= "select * from tb_logon where user_name= ' "+this.username+ " ' and user_password= ' "+this.userpassword+ " ' ";
try{
rs=db.getRs(sql);
if(!rs.next())
backstr= "登录失败! <br> 输入的 <b> 用户名 </b> 或 <b> 密码 </b> 不存在! ";
else
backstr= "登录成功! <br> <table> <tr> <td> 用户名: </td> <td> "+this.username+ " </td> </tr> <tr> <td> 密 码: </td> <td> "+this.userpassword+ " </td> </tr> </table> ";
//response.sendRedirect( "main.jsp ");
}catch(Exception e){e.printStackTrace();}
}
db.closed();
return backstr;
}
}
----------------------------------------
然后获取表单数据的页面 dologon.jsp
<%@ page contentType= "text/html;charset=gb2312 "%>
<jsp:useBean id= "mylogon " class= "com.jb.logon.UserLogOn "/>
<%
String username=request.getParameter( "username ");
if(username==null)
username= " ";
username=new String(username.getBytes( "ISO-8859-1 "), "gbk ");
String userpassword=request.getParameter( "userpassword ");
if(userpassword==null)
userpassword= " ";
userpassword=new String(userpassword.getBytes( "ISO-8859-1 "), "gbk ");
mylogon.setUsername(username);
mylogon.setUserpassword(userpassword);
%>
<html>
<head>
<title> 用户登录模块 </title>
<link rel= "stylesheet " type= "text/css " href= "css/style.css ">
</head>
<body>
<center>
<table style= "margin-top:200 " width= "250 " border= "1 " cellpadding= "0 " cellspacing= "0 " bordercolor= "black " bordercolorlight= "black " bordercolordark= "white ">
<tr bgcolor= "lightgrey " height= "30 ">
<td align= "center "> 登录状况 </td>
</tr>
<tr height= "50 ">
<td align= "center ">
<%=mylogon.checkuser()%> <!-- fd -->
<% if (username.equals(username) && userpassword.equals(userpassword)){
response.sendRedirect( "main.jsp ");
}
%>
</td>
</tr>
</table>
<a href= "index.jsp "> [返回] </a>
</center>
</body>
</html>
其中,为啥这段用于判断用户名密码是否正确,如果正确就跳转到主页面的代码
就是不起作用:
<% if (username.equals(username) && userpassword.equals(userpassword)){
response.sendRedirect( "main.jsp ");
}
%>
也就是说,不管我在表单上输入什么,只要一点登陆,他就自动跳转到main.jsp页面上去了,也就是更本就没验证用户名和密码,就立刻跳转到main.jsp上去了。
抓狂,抓狂。。。。。。。。
[解决办法]
if (username.equals(username) && userpassword.equals(userpassword))
永远为true, 当然是跳到main.jsp了
[解决办法]
这个代码真烂啊,
竟然把sql语句都放到jsp里面了
[解决办法]
sql语句放进jsp里最傻子了
[解决办法]
兄弟,我真想帮你.但你贴了这么多代码,看的眼都花了.....
