- 论坛徽章:
- 0
|
我想输入用户名和密码进行数据库验证,但是我不输入也可以进去,数据库是连上了的,可以插入数据进去,一下是我的代码:package org.vcs.contract.jdbc;
import org.vcs.contract.exceptions.*;
import org.vcs.contract.dao.*;
import org.vcs.contract.dto.*;
import org.vcs.contract.factory.*;
import org.vcs.contract.jdbc.*;
import java.sql.Connection;
import java.sql.Types;
import java.util.Collection;
import org.apache.log4j.Logger;
import java.sql.PreparedStatement;
import java.sql.Statement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Time;
import java.util.List;
import java.util.Iterator;
import java.util.ArrayList;
public class SysuserDaoImpl implements SysuserDao{
/**
* The factory class for this DAO has two versions of the create() method - one that
takes no arguments and one that takes a Connection argument. If the Connection version
is chosen then the connection will be stored in this attribute and will be used by all
calls to this DAO, otherwise a new Connection will be allocated for each operation.
*/
protected java.sql.Connection userConn;
protected static final Logger logger = Logger.getLogger(SysuserDaoImpl.class);
/**
* All finder methods in this class use this SELECT constant to build their queries
*/
protected final String SQL_SELECT = "SELECT userid,username,password,lastlogin FROM " + getTableName() + "";
/**
* Finder methods will pass this value to the JDBC setMaxRows method
*/
private int maxRows;
/**
* SQL INSERT statement for this table
*/
protected final String SQL_INSERT = "INSERT INTO " + getTableName() + " (username,password) VALUES ( ?,?)";
/**
* SQL UPDATE statement for this table
*/
protected final String SQL_UPDATE = "UPDATE " + getTableName() + " SET jfbm = ?, jfmc = ? WHERE jfbm = ?";
/**
* SQL DELETE statement for this table
*/
protected final String SQL_DELETE = "DELETE FROM " + getTableName() + " WHERE jfbm = ?";
/**
* SQL CheckSysuser statement for this table
*/
protected final String SQL_SYSUSER="SELECT username,password"+getTableName()+"WHERE username=? and password=?";
/**
* Index of column jfbm
*/
protected static final int COLUMN_JFBM = 1;
/**
* Index of column jfmc
*/
protected static final int COLUMN_JFMC = 2;
/**
* Number of columns
*/
protected static final int NUMBER_OF_COLUMNS = 2;
/**
* Index of primary-key column jfbm
*/
protected static final int PK_COLUMN_JFBM = 1;
/**
* Method 'JfDaoImpl'
*
* @param userConn
*/
public SysuserDaoImpl(final java.sql.Connection userConn)
{
this.userConn = userConn;
}
/**
* Method 'getTableName'
*
* @return String
*/
public String getTableName()
{
return "Sysuser";
}
public void Insert(Sysuser dto)throws SysuserDaoException{
long t1 = System.currentTimeMillis();
// declare variables
final boolean isConnSupplied = (userConn != null);
Connection conn = null;
PreparedStatement stmt = null;
ResultSet rs = null;
try {
// get the user-specified connection or get a connection from the ResourceManager
conn = isConnSupplied ? userConn : ResourceManager.getConnection();
conn.setAutoCommit(false);
stmt = conn.prepareStatement( SQL_INSERT );
//stmt.setString(1,dto.getUserid());
stmt.setString(1, dto.getUsername());
stmt.setString(2, dto.getPassword());
//stmt.setTimestamp(4, dto.getLastlogin()==null ? null : new java.sql.Timestamp( dto.getLastlogin().getTime()));
int rows=stmt.executeUpdate();
conn.commit();
long t2 = System.currentTimeMillis();
if (logger.isDebugEnabled()) {
logger.debug( rows + " rows affected (" + (t2-t1) + " ms)");
}
}
catch (SQLException _e) {
logger.error( "SQLException: " + _e.getMessage(), _e );
throw new SysuserDaoException( "SQLException: " + _e.getMessage(), _e );
}
catch (Exception _e) {
logger.error( "Exception: " + _e.getMessage(), _e );
throw new SysuserDaoException( "Exception: " + _e.getMessage(), _e );
}
finally {
ResourceManager.close(stmt);
if (!isConnSupplied) {
ResourceManager.close(conn);
}
}
}
public boolean CheckSysuser(Sysuser dto)throws SysuserDaoException{
// declare variables
final boolean isConnSupplied = (userConn != null);
boolean tt;
Connection conn = null;
PreparedStatement stmt = null;
ResultSet rs = null;
try{
conn = isConnSupplied ? userConn : ResourceManager.getConnection();
conn.setAutoCommit(false);
stmt = conn.prepareStatement(SQL_SYSUSER);
stmt.setString(1,dto.getUsername());
stmt.setString(2,dto.getPassword());
rs=stmt.executeQuery();
//stmt.execute();
conn.commit();
if((rs.getString(1)!=null)&&(rs.getString(2)!=null)){
return true;
}else {
return false;
}
}catch(Exception e){
e.printStackTrace();
}
return false;
}
public SysuserDaoImpl() {
}
}
package org.vcs.contract.struts.action;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionForm;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.ActionForward;
import org.vcs.contract.struts.forms.LoginForm;
import org.apache.struts.action.Action;
import org.vcs.contract.factory.*;
import org.vcs.contract.dao.*;
import org.vcs.contract.dto.*;
public class Login extends Action {
public ActionForward execute(ActionMapping mapping,
ActionForm form,
HttpServletRequest request,
HttpServletResponse response) throws Exception {
LoginForm loginForm = (LoginForm) form;
// create the DAO class
SysuserDao dao = SysuserDaoFactory.create();
Sysuser dto = new Sysuser();
dto.setUsername(loginForm.getUsername());
dto.setPassword(loginForm.getPassword());
if(!dao.CheckSysuser(Sysuser)){
return mapping.findForward("success");
}
else {
return mapping.findForward("faliure");
}
}
} |
|
免费注册
发表于 2006-03-11 09:39
