实际上密码匹配,但是用equals条件判断出的结果是不匹配。
最后发现是因为数据库(我用的是sql server2017)自动在密码后面补了空格
不知道是不是数据库补的…总之用ResultSet的对象去getString的时候,密码后面忽然多出了很多空格。使用.trim()去除首尾空格即可。
String type = request.getParameter("userType");
String userPasswd = request.getParameter("password");
String name = request.getParameter("username");
try {
String sql = "SELECT * FROM ycUser WHERE userName=?";
PreparedStatement pstmt = dbconn.prepareStatement(sql);
pstmt.setString(1,name);
ResultSet rst = pstmt.executeQuery();
if(rst.next())
{
String pass = rst.getString("userPasswd").trim();
if(userPasswd.equals(pass))//没有去空格之前就是这里的if打死也进不去
{
request.setAttribute("name",name);
if(type.equals("student"))
request.getRequestDispatcher("student.jsp").forward(request, response);
else if(type.equals("teacher"))
request.getRequestDispatcher("teacher.jsp").forward(request, response);
}
}
response.sendRedirect("loginFailed.jsp");
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}