JSP_6_JSP状态管理(cookie)

---6-1 HTTP协议的无状态性--------------------------------------------------------------------------

依靠Cookie和Session保存状态

---6-2 Cookie概述--------------------------------------------------------------------------

保存状态用户状态的两大机制:

1 Session(JSP内置对象)

2 Cookie

Cookie:"小甜饼",是Web服务器保存在客户端的一系列文本信息。

    典型应用一:判断注册用户的是否已经登录网站。

  典型应用二:"购物车"的处理

Cookie的作用
  对特定对象的追踪

  保存用户信息 

风险:容易泄露用户信息

 

---6-3 JSP页面中创建与使用Cookie --------------------------------------------------------------------------

创建Cookie对象

  Cookie newCookie = new Cookie(String key,Object value);

写入Cookie对象

  response.addCookie(newCookie);

读取Cookie对象

  Cookie[] cookies=request.getCookies();

2.常用方法

void setMaxAge(int expriy)  设置cookie有效期,秒单位

void setValue(String value)  在cookie创建后,对cookie赋值

String getName()      获取cookie名称

String getValue()      获取cookie值

int getMaxAge()        获取cookie有效期,秒单位

---6-4 Cookie在登录中的应用--------------------------------------------------------------------------

login.jsp:

使用URLEncoder解决无法在Cookie当中保存中文字符串问题:

  编码:URLEncoder.decode(String value,String encoding);    

    1)request.setCharacterEncoding("utf-8");   

    2)URLEncoder.encode(request.getParameter("username"),"utf-8");

  解码:URLDecoder.decode(String value,String encoding);    

    1)request.setCharacterEncoding("utf-8");          

    2) URLDecoder.decode(c.getValue(),"utf-8");              

 
<%@ page language="java" import="java.util.*,java.net.*" contentType="text/html; charset=utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'index.jsp' starting page</title>
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!--
    <link rel="stylesheet" type="text/css" href="styles.css">
    -->
  </head>
  
  <body>
    <h1>用户登录</h1>
    <hr>
    <% 
      request.setCharacterEncoding("utf-8");
      String username="";
      String password = "";
      Cookie[] cookies = request.getCookies();
      if(cookies!=null&&cookies.length>0)
      {
           for(Cookie c:cookies)
           {
              if(c.getName().equals("username"))
              {
                   username =  URLDecoder.decode(c.getValue(),"utf-8");
              }
              if(c.getName().equals("password"))
              {
                   password =  URLDecoder.decode(c.getValue(),"utf-8");
              }
           }
      }
    %>
    <form name="loginForm" action="dologin.jsp" method="post">
       <table>
         <tr>
           <td>用户名:</td>
           <td><input type="text" name="username" value="<%=username %>"/></td>
         </tr>
         <tr>
           <td>密码:</td>
           <td><input type="password" name="password" value="<%=password %>" /></td>
         </tr>
         <tr>
           <td colspan="2"><input type="checkbox" name="isUseCookie" checked="checked"/>十天内记住我的登录状态</td>
         </tr>
         <tr>
           <td colspan="2" align="center"><input type="submit" value="登录"/><input type="reset" value="取消"/></td>
         </tr>
       </table>
    </form>
  </body>
</html>

 

 

dologin.jsp

 

 
<%@ page language="java" import="java.util.*,java.net.*" contentType="text/html; charset=utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'dologin.jsp' starting page</title>
    
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!--
    <link rel="stylesheet" type="text/css" href="styles.css">
    -->

  </head>
  
  <body>
    <h1>登录成功</h1>
    <hr>
    <br>
    <br>
    <br>
    <% 
       request.setCharacterEncoding("utf-8");
       //首先判断用户是否选择了记住登录状态
       String[] isUseCookies = request.getParameterValues("isUseCookie");
       if(isUseCookies!=null&&isUseCookies.length>0)
       {
          //把用户名和密码保存在Cookie对象里面
          String username = URLEncoder.encode(request.getParameter("username"),"utf-8");
          //使用URLEncoder解决无法在Cookie当中保存中文字符串问题
          String password = URLEncoder.encode(request.getParameter("password"),"utf-8");
          
          Cookie usernameCookie = new Cookie("username",username);
          Cookie passwordCookie = new Cookie("password",password);
          usernameCookie.setMaxAge(864000);
          passwordCookie.setMaxAge(864000);//设置最大生存期限为10天
          response.addCookie(usernameCookie);
          response.addCookie(passwordCookie);
       }
       else
       {
          Cookie[] cookies = request.getCookies();
          if(cookies!=null&&cookies.length>0)
          {
             for(Cookie c:cookies)
             {
                if(c.getName().equals("username")||c.getName().equals("password"))
                {
                    c.setMaxAge(0); //设置Cookie失效
                    response.addCookie(c); //重新保存。
                }
             }
          }
       }
    %>
    <a href="users.jsp" target="_blank">查看用户信息</a>
    
  </body>
</html>

 

users.jsp:

 
<%@ page language="java" import="java.util.*,java.net.*" contentType="text/html; charset=utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'users.jsp' starting page</title>
    
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!--
    <link rel="stylesheet" type="text/css" href="styles.css">
    -->

  </head>
  
  <body>
    <h1>用户信息</h1>
    <hr>
    <% 
      request.setCharacterEncoding("utf-8");
      String username="";
      String password = "";
      Cookie[] cookies = request.getCookies();
      if(cookies!=null&&cookies.length>0)
      {
           for(Cookie c:cookies)
           {
              if(c.getName().equals("username"))
              {
                   username = URLDecoder.decode(c.getValue(),"utf-8");
              }
              if(c.getName().equals("password"))
              {
                   password = URLDecoder.decode(c.getValue(),"utf-8");
              }
           }
      }
    %>
    <BR>
    <BR>
    <BR>
         用户名:<%=username %><br>
         密码:<%=password %><br>
  </body>
</html>

 

 

 

---6-5 Session与Cookie的对比--------------------------------------------------------------------------

共同点:

  1.Session与Cookie都用来保存用户信息 

  2.Session与Cookie都会过期

区别:

 Session:

  1)在服务器端保存用户信息(memory of server)

  2)session保存的是Object类型

  3)随会话结束而将其存储的数据销毁

  4)保存重要信息

 Cookie:

  1)在客户端保存用户信息

  2)Cookie保存的是String类型

  3)Cookie可以长期保存在客户端

  4)保存不重要的用户信息

posted @ 2017-04-13 15:09  charles999  阅读(230)  评论(0编辑  收藏  举报