(一)搭建简单的登陆页面
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>用户登录</title>
</head>
<body>
<form action="login.do" method="post">
用户名:<input type="text" name="name" /><br/>
密 码 :<input type="text" name="password" /><br />
<input type="submit" value="登录" />
<a href="register.jsp">没有账号,去注册</a>
</form>
<font color="red" size="2"> ${mes }</font>
</body>
</html>
(二)将工程结构进行完善
(三)编写User类与DBCPUtils类以及配置
1.User类
public class User {
private int id;
private String name;
private String password;
public User() {
}
public User(String name, String password) {
super();
this.name = name;
this.password = password;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
@Override
public String toString() {
return "User [id=" + id + ", name=" + name + ", password=" + password + "]";
}
}
2.DBCPUtils数据库连接池
import java.io.IOException;
import java.io.InputStream;
import java.sql.Connection;
import java.sql.SQLException;
import java.util.Properties;
import javax.sql.DataSource;
import org.apache.commons.dbcp.BasicDataSource;
import org.apache.commons.dbcp.BasicDataSourceFactory;
public class DBCPUtils {
private static DataSource ds=null;
static {
try {
InputStream is=DBCPUtils.class.getClassLoader().getResourceAsStream("dbcpconfig.properties");
Properties pro=new Properties();
pro.load(is);
ds=BasicDataSourceFactory.createDataSource(pro);
} catch ( Exception e) {
e.printStackTrace();
}
}
public static DataSource getDataSource() {
return ds;
}
public static Connection getConnection() {
try {
return ds.getConnection();
} catch (SQLException e) {
e.printStackTrace();
}
return null;
}
}
3.连接数据库
在src目录下新建dbcpconfig.properties文件
配置:
#\u8FDE\u63A5\u8BBE\u7F6E
driverClassName=com.mysql.jdbc.Driver
url=jdbc:mysql://localhost:3306/myjdbc
username=root
password=root
#\u521D\u59CB\u5316\u8FDE\u63A5
initialSize=5
#\u6700\u5927\u8FDE\u63A5\u6570\u91CF
maxActive=10
#\u6700\u5927\u7A7A\u95F2\u8FDE\u63A5
maxIdle=10
(四)写LoginServlet类
import java.io.IOException;
import java.sql.SQLException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import dao.UserDao;
@WebServlet("/login.do")
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public LoginServlet() {
super();
}
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("text/html;charset=utf-8");
String name = request.getParameter("name");
String password = request.getParameter("password");
if(name.equals("")||password.equals("")){
HttpSession session = request.getSession();
request.getSession().setAttribute("mes", "用户名和密码不能为空");
request.getRequestDispatcher("index.jsp").forward(request, response);
return;
}
UserDao dao = new UserDao();
try {
boolean flag = dao.login(name, password);
if (flag == true) {
HttpSession session = request.getSession();
session.setAttribute("isLogin", "登录成功");
response.sendRedirect("success.jsp");
} else {
request.getSession().setAttribute("mes", "登录失败,用户名或密码错误!");
response.sendRedirect("index.jsp");
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
(五)在UserDao类下实现login()方法并测试
1.设计并实现login()方法
public boolean login(String name, String password) throws Exception {
QueryRunner runner = new QueryRunner(DBCPUtils.getDataSource());
String sql = "select * from tb_user where name=? and password=?";
User user = runner.query(sql, new BeanHandler<User>(User.class), name, password);
if (user != null) {
return true;
} else {
return false;
}
}
2.测试
(六)完成注册页面
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>用户注册</title>
</head>
<body>
<form action="reg.do" method="post">
用 户 名 :<input type="text" name="name"/><br/>
密 码 :<input type="text" name="password"/><br/>
确认密码:<input type="text" name="password2"/><br/>
<input type="submit" value="注册"/>
</form>
<font color="red" size="2"> ${mess }</font>
</body>
</html>
(七)创建并完成RegisterServlet类
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import dao.UserDao;
import domain.User;
@WebServlet("/reg.do")
public class RegistServlet extends HttpServlet {
private static final long serialVersionUID = 1L;
public RegistServlet() {
super();
}
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request,response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=utf-8");
PrintWriter out=response.getWriter();
String name=request.getParameter("name");
String password=request.getParameter("password");
String password2=request.getParameter("password2");
User user=new User(name,password);
HttpSession session=request.getSession();
if(name.equals("")||password.equals("")){
request.getSession().setAttribute("mess", "用户名和密码不能为空");
request.getRequestDispatcher("register.jsp").forward(request, response);
return;
}
if(!password.equals(password2)){
request.getSession().setAttribute("mess", "两次输入的密码不同");
request.getRequestDispatcher("register.jsp").forward(request, response);
return;
}
UserDao dao=new UserDao();
if(dao.select(name)==true) {
request.setAttribute("mess", "用户名已存在!");
request.getRequestDispatcher("register.jsp").forward(request, response);
return;
}
if(dao.addUser(user)>=1) {
//根据结果判断 给出不同的view页面
request.getRequestDispatcher("regSuccess.jsp").forward(request, response);
}else {
request.getSession().setAttribute("mess", "注册失败,请重试!!!");
request.getRequestDispatcher("register.jsp").forward(request, response);
}
}
}
(八)完善UserDao类中的select()方法与addUser()方法,然后测试
1.select()方法
public boolean select(String name) {
String sql = "select * from tb_user where name=?";
QueryRunner run = new QueryRunner(DBCPUtils.getDataSource());
User u=null;
try {
u=run.query(sql,new BeanHandler<User>(User.class),name);
if (u!=null&&u.getName().equals(name)) {
return true;
}
} catch (Exception e) {
e.printStackTrace();
}
return false;
2.addUser()方法
public int addUser(User user) {
int result = 0;
String sql = "insert into tb_user(name,password)values(?,?)";
QueryRunner run = new QueryRunner(DBCPUtils.getDataSource());
try {
result = run.update(sql, user.getName(), user.getPassword());
} catch (Exception e) {
e.printStackTrace();
}
return result;
}
3.测试
(九)应该注意的问题
1.需要传输数据时使用post请求相对于get请求更安全
2.不登录时,可以通过输入url地址直接访问登录成功界面,所以,登录成功界面也需要验证
在登录成功页面添加下面代码可以完成验证。
<%
if(session.getAttribute("isLogin")==null){
response.sendRedirect("fail.jsp");
return;
}
%>
输入url地址直接访问时,会出现如下界面