JSP_6_JSP状态管理(cookie)
---6-1 HTTP协议的无状态性--------------------------------------------------------------------------
依靠Cookie和Session保存状态
---6-2 Cookie概述--------------------------------------------------------------------------
保存状态用户状态的两大机制:
1 Session(JSP内置对象)
2 Cookie
Cookie:"小甜饼",是Web服务器保存在客户端的一系列文本信息。
典型应用一:判断注册用户的是否已经登录网站。
典型应用二:"购物车"的处理
Cookie的作用
对特定对象的追踪
保存用户信息
风险:容易泄露用户信息
---6-3 JSP页面中创建与使用Cookie --------------------------------------------------------------------------
创建Cookie对象
Cookie newCookie = new Cookie(String key,Object value);
写入Cookie对象
response.addCookie(newCookie);
读取Cookie对象
Cookie[] cookies=request.getCookies();
2.常用方法
void setMaxAge(int expriy) 设置cookie有效期,秒单位
void setValue(String value) 在cookie创建后,对cookie赋值
String getName() 获取cookie名称
String getValue() 获取cookie值
int getMaxAge() 获取cookie有效期,秒单位
---6-4 Cookie在登录中的应用--------------------------------------------------------------------------
login.jsp:
使用URLEncoder解决无法在Cookie当中保存中文字符串问题:
编码:URLEncoder.decode(String value,String encoding);
1)request.setCharacterEncoding("utf-8");
2)URLEncoder.encode(request.getParameter("username"),"utf-8");
解码:URLDecoder.decode(String value,String encoding);
1)request.setCharacterEncoding("utf-8");
2) URLDecoder.decode(c.getValue(),"utf-8");
<%@ page language="java" import="java.util.*,java.net.*" contentType="text/html; charset=utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'index.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <h1>用户登录</h1> <hr> <% request.setCharacterEncoding("utf-8"); String username=""; String password = ""; Cookie[] cookies = request.getCookies(); if(cookies!=null&&cookies.length>0) { for(Cookie c:cookies) { if(c.getName().equals("username")) { username = URLDecoder.decode(c.getValue(),"utf-8"); } if(c.getName().equals("password")) { password = URLDecoder.decode(c.getValue(),"utf-8"); } } } %> <form name="loginForm" action="dologin.jsp" method="post"> <table> <tr> <td>用户名:</td> <td><input type="text" name="username" value="<%=username %>"/></td> </tr> <tr> <td>密码:</td> <td><input type="password" name="password" value="<%=password %>" /></td> </tr> <tr> <td colspan="2"><input type="checkbox" name="isUseCookie" checked="checked"/>十天内记住我的登录状态</td> </tr> <tr> <td colspan="2" align="center"><input type="submit" value="登录"/><input type="reset" value="取消"/></td> </tr> </table> </form> </body> </html>
dologin.jsp
<%@ page language="java" import="java.util.*,java.net.*" contentType="text/html; charset=utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'dologin.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <h1>登录成功</h1> <hr> <br> <br> <br> <% request.setCharacterEncoding("utf-8"); //首先判断用户是否选择了记住登录状态 String[] isUseCookies = request.getParameterValues("isUseCookie"); if(isUseCookies!=null&&isUseCookies.length>0) { //把用户名和密码保存在Cookie对象里面 String username = URLEncoder.encode(request.getParameter("username"),"utf-8"); //使用URLEncoder解决无法在Cookie当中保存中文字符串问题 String password = URLEncoder.encode(request.getParameter("password"),"utf-8"); Cookie usernameCookie = new Cookie("username",username); Cookie passwordCookie = new Cookie("password",password); usernameCookie.setMaxAge(864000); passwordCookie.setMaxAge(864000);//设置最大生存期限为10天 response.addCookie(usernameCookie); response.addCookie(passwordCookie); } else { Cookie[] cookies = request.getCookies(); if(cookies!=null&&cookies.length>0) { for(Cookie c:cookies) { if(c.getName().equals("username")||c.getName().equals("password")) { c.setMaxAge(0); //设置Cookie失效 response.addCookie(c); //重新保存。 } } } } %> <a href="users.jsp" target="_blank">查看用户信息</a> </body> </html>
users.jsp:
<%@ page language="java" import="java.util.*,java.net.*" contentType="text/html; charset=utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'users.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <h1>用户信息</h1> <hr> <% request.setCharacterEncoding("utf-8"); String username=""; String password = ""; Cookie[] cookies = request.getCookies(); if(cookies!=null&&cookies.length>0) { for(Cookie c:cookies) { if(c.getName().equals("username")) { username = URLDecoder.decode(c.getValue(),"utf-8"); } if(c.getName().equals("password")) { password = URLDecoder.decode(c.getValue(),"utf-8"); } } } %> <BR> <BR> <BR> 用户名:<%=username %><br> 密码:<%=password %><br> </body> </html>
---6-5 Session与Cookie的对比--------------------------------------------------------------------------
共同点:
1.Session与Cookie都用来保存用户信息
2.Session与Cookie都会过期
区别:
Session:
1)在服务器端保存用户信息(memory of server)
2)session保存的是Object类型
3)随会话结束而将其存储的数据销毁
4)保存重要信息
Cookie:
1)在客户端保存用户信息
2)Cookie保存的是String类型
3)Cookie可以长期保存在客户端
4)保存不重要的用户信息