完善之前的登陆程序

之前的登陆小游戏好玩吧~，不过还存在一个大Bug喔，如果人家直接进我们的主页main.jsp呢？那登陆还有什么用呢？就如小偷都能直接进你家里面偷东西啦，们还有什么用呢？是啊，于是我们不妨研究下门该这样设计呢？

首先我们需要在用户访问我们主页面之前对其进行检查，如果他的身份符合我们就放他们进去，不然呢？不然就回到登陆页面啊~，毕竟人家都是这样搞的嘛~。要实现这样功能我们就需要了解下过滤器咯。哎不想写咯。列子中再说吧....

首先还是我们之前那的Mvc列子哈，

1.web.xml的配置，配置增加了对过滤器和监听器的配置，不慌我们又注解哈。还是上文档吧~

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>HeadFirstJspServletChap05</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>


<servlet>
<servlet-name>loginServlet</servlet-name>
<servlet-class>com.java.web.LoginServlet</servlet-class>
</servlet>

<servlet-mapping>
<servlet-name>loginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>

<servlet>
<servlet-name>logoutServlet</servlet-name>
<servlet-class>com.java.web.LogoutServlet</servlet-class>
</servlet>

<servlet-mapping>
<servlet-name>logoutServlet</servlet-name>
<url-pattern>/logout</url-pattern>
</servlet-mapping>

<filter>
<filter-name>loginFilter</filter-name>
<filter-class>com.java.filter.LoginFilter</filter-class>
</filter>

<filter-mapping>
<filter-name>loginFilter</filter-name>

<url-pattern>/*</url-pattern>
</filter-mapping>

<listener>
<listener-class>
com.java.listener.SessionAttributeListener
</listener-class>
</listener>
</web-app>

model：

package com.java.model;

public class User {

private int id;
private String userName;
private String password;

public User() {
super();
// TODO Auto-generated constructor stub
}

public User(String userName, String password) {
super();
this.userName = userName;
this.password = password;
}

public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}

dao包：

package com.java.dao;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

import com.java.model.User;

public class UserDao {

public User login(Connection con,User user)throws Exception{
User resultUser=null;
String sql="select * from t_user where userName=? and password=?";
PreparedStatement pstmt=con.prepareStatement(sql);
pstmt.setString(1, user.getUserName());
pstmt.setString(2, user.getPassword());
ResultSet rs=pstmt.executeQuery();
if(rs.next()){
resultUser=new User();
resultUser.setUserName(rs.getString("userName"));
resultUser.setPassword(rs.getString("password"));
}
return resultUser;
}
}

web包：

package com.java.web;

import java.io.IOException;
import java.sql.Connection;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.java.dao.UserDao;
import com.java.model.User;
import com.java.util.DbUtil;

//登陆servlet

public class LoginServlet extends HttpServlet{

/**
*
*/
private static final long serialVersionUID = 1L;

DbUtil dbUtil=new DbUtil();
UserDao userDao=new UserDao();

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doPost(request, response);
}

@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String userName=request.getParameter("userName");
String password=request.getParameter("password");

Connection con=null;
try {
User user=new User(userName,password);
con=dbUtil.getCon();
User currentUser=userDao.login(con, user);
if(currentUser==null){
request.setAttribute("error", "用户名或密码错误");
request.setAttribute("userName", userName);
request.setAttribute("password", password);
request.getRequestDispatcher("login.jsp").forward(request, response);
}else{
HttpSession session=request.getSession();
session.setAttribute("currentUser", currentUser);
response.sendRedirect("main.jsp");
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}

//注销servlet

package com.java.web;

import java.io.IOException;
import java.sql.Connection;

import com.java.dao.UserDao;
import com.java.model.User;
import com.java.util.DbUtil;

public class LogoutServlet extends HttpServlet{

/**
*
*/
private static final long serialVersionUID = 1L;

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
this.doPost(request, response);
}

@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.getSession().invalidate();
response.sendRedirect("login.jsp");
}
}

filter包：

package com.java.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

public class LoginFilter implements Filter{

public void destroy() {
// TODO Auto-generated method stub

}

public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request=(HttpServletRequest)servletRequest;
HttpSession session=request.getSession();
Object o=session.getAttribute("currentUser");
String path=request.getServletPath();
if(o==null&&path.indexOf("login")<0){
request.getRequestDispatcher("login.jsp").forward(servletRequest, servletResponse);
}else{
filterChain.doFilter(servletRequest, servletResponse);
}
}

public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub

}

}

listener包：

package com.java.listener;

import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;

public class SessionAttributeListener implements HttpSessionAttributeListener{

public void attributeAdded(HttpSessionBindingEvent httpSessionBindingEvent) {

System.out.println("添加的属性名："+httpSessionBindingEvent.getName()+",属性值："+httpSessionBindingEvent.getValue());
}

public void attributeRemoved(HttpSessionBindingEvent httpSessionBindingEvent) {

System.out.println("删除的属性名："+httpSessionBindingEvent.getName()+",属性值："+httpSessionBindingEvent.getValue());
}

public void attributeReplaced(HttpSessionBindingEvent httpSessionBindingEvent) {

}

}

util工具包：

package com.java.util;

import java.sql.Connection;
import java.sql.DriverManager;

public class DbUtil {

private String dbUrl="jdbc:mysql://localhost:3306/db_jsp";
private String dbUserName="root";
private String dbPassword="56";
private String jdbcName="com.mysql.jdbc.Driver";

public Connection getCon()throws Exception{
Class.forName(jdbcName);
Connection con=DriverManager.getConnection(dbUrl, dbUserName, dbPassword);
return con;
}

public void closeCon(Connection con)throws Exception{
if(con!=null){
con.close();
}
}

public static void main(String[] args) {
DbUtil dbUtil=new DbUtil();
try {
dbUtil.getCon();
System.out.println("连接成功");
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}

登陆页面：

<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<form action="login" method="post">
<table>
<tr>
<th colspan="2">用户登录</th>
</tr>
<tr>
<td>用户名：</td>
<td><input type="text" id="userName" name="userName" value="${userName }"/></td>
</tr>
<tr>
<td>密码：</td>
<td><input type="password" id="password" name="password" value="${password }"/></td>
</tr>
<tr>
<td><input type="submit" value="登录"/></td>
<td><font color="red">${error }</font></td>
</tr>
</table>
</form>
</body>
</html>

登陆成功页面：

数据库文件：

/*
SQLyog 企业版 - MySQL GUI v8.14
MySQL - 5.1.49-community : Database - db_jsp
*********************************************************************
*/

/*!40101 SET NAMES utf8 */;

/*!40101 SET SQL_MODE=''*/;

/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
CREATE DATABASE /*!32312 IF NOT EXISTS*/`db_jsp` /*!40100 DEFAULT CHARACTER SET utf8 */;

USE `db_jsp`;

/*Table structure for table `t_user` */

DROP TABLE IF EXISTS `t_user`;

CREATE TABLE `t_user` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`userName` varchar(20) DEFAULT NULL,
`password` varchar(20) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;

/*Data for the table `t_user` */

insert into `t_user`(`id`,`userName`,`password`) values (1,'java1234','123456');

/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

说明：监听器listener在本列中使用有点牵强，在这里只是为了掩饰，监听器有一个非常重要的用途，就是文件上传时候做进度条，此部分会在后面慢慢的学习。

此部分代码可以复制到自己的开发工具中直接运行，mysql的驱动包自己网上下载，不嫌麻烦的可以找我要

posted @ 2017-02-22 23:01 小拽A 阅读(236) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

小拽A

完善之前的登陆程序

公告