day11-功能实现10

家居网购项目实现010

以下皆为部分代码,详见 https://github.com/liyuelian/furniture_mall.git

24.bugFix-添加购物车按钮动态处理

24.1需求分析/图解

  1. 如某个家居的库存量为0,前台的“add to cart”按钮显示为“暂时缺货”
  2. 后台也要求添加校验,只有在库存>0时,才能添加到购物车

24.2代码实现

  1. 修改customer/index.jsp

    image-20221229180412921
  2. CartServlet添加判断,如果在添加购物车时,该家居库存为0,就停止业务

    image-20221229180321357

24.3完成测试

image-20221229180523809

25.功能23-附加功能-订单管理

25.1需求分析/图解

点击订单管理,前往order.jsp页面进行订单管理

image-20221229181533011

点击详情的眼睛图标,可以显示该订单详情,即显示某个订单的所有订单项

image-20221227201044836 image-20221227201115765

25.2思路分析

点击订单管理按钮,跳转到订单管理页面order.jsp。根据用户id,在订单管理页面中显示用户对应的订单。点击订单详情,跳转到order_detail.jsp中,根据订单号显示订单所有项。

25.3代码实现

25.3.1dao层

OrderDAO

/**
 * 根据用户id,查询该用户的所有订单Order
 *
 * @param id 用户id
 * @return 返回订单
 */
public List<Order> queryOrderByMemberId(int id);

OrderDAOImpl

@Override
public List<Order> queryOrderByMemberId(int id) {
    String sql = "SELECT `id`,`create_time` AS createTime,`price`,`status`,`member_id` AS memberId " +
            "FROM `order` " +
            "WHERE `member_id`=?";
    return queryMulti(sql, Order.class, id);
}

test包-OrderDAOImplTest

@Test
public void queryOrderByMemberId() {
    List<Order> orders = orderDAO.queryOrderByMemberId(2);
    for (Order order : orders) {
        System.out.println(order);
    }
}
image-20221229190005583

OrderItemDAO

/**
 * 根据订单id-orderId查询对应的表单项orderItem
 *
 * @param orderId 订单id
 * @return 返回表单项orderItem
 */
public List<OrderItem> queryOrderItemByOrderId(String orderId);

OrderItemDAOImpl

@Override
public List<OrderItem> queryOrderItemByOrderId(String orderId) {
    String sql =
            "SELECT `id`,`name`,`price`,`count`,`total_price` AS totalPrice,`order_id` AS orderId " +
                    "FROM `order_item` " +
                    "WHERE `order_id`=?";
    return queryMulti(sql, OrderItem.class, orderId);
}

OrderItemDAOImplTest

@Test
public void queryOrderItemByOrderId() {
    List<OrderItem> orderItems = orderItemDAO.queryOrderItemByOrderId("16722358644142");
    for (OrderItem orderItem : orderItems) {
        System.out.println(orderItem);
    }
}

image-20221229191847363

25.3.2service层

OrderService

/**
 * 根据用户id返回订单order
 * @param id 用户id
 * @return 订单
 */
public List<Order> queryOrderByMemberId(int id);

/**
* 根据订单id返回对应的订单项orderItem
* @param orderId 订单id
* @return 返回订单项
*/
public List<OrderItem> queryOrderItemByOrderId(String orderId);

OrderServiceImpl

@Override
public List<Order> queryOrderByMemberId(int id) {
    return orderDAO.queryOrderByMemberId(id);
}

@Override
public List<OrderItem> queryOrderItemByOrderId(String orderId) {
    return orderItemDAO.queryOrderItemByOrderId(orderId);
}

test包-OrderServiceImpl

@Test
public void queryOrderByMemberId() {
    List<Order> orders = orderService.queryOrderByMemberId(3);
    for (Order order : orders) {
        System.out.println(order);
    }
}

@Test
public void queryOrderItemByOrderId() {
    List<OrderItem> orderItems = orderService.queryOrderItemByOrderId("16722370522643");
    for (OrderItem orderItem : orderItems) {
        System.out.println(orderItem);
    }
}
image-20221229190434546 image-20221229192741882

25.3.3web层

OrderServlet,增加两个方法

/**
 * 显示订单order
 *
 * @param req
 * @param resp
 * @throws ServletException
 * @throws IOException
 */
protected void showOrder(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    //获取当前用户id
    Member member = (Member) req.getSession().getAttribute("member");
    if (member == null) {
        //重定向到登录页面
        resp.sendRedirect(req.getContextPath() + "/views/member/login.jsp");
        return;
    }
    int id = DataUtils.parseInt(member.getId().toString(), 0);
    //根据用户id查询对应的订单
    List<Order> orders = orderService.queryOrderByMemberId(id);
    //将订单数据返回显示
    req.setAttribute("orders", orders);
    //请求转发到order.jsp显示
    req.getRequestDispatcher("/views/order/order.jsp").forward(req, resp);
}


/**
 * 显示订单项orderItem
 *
 * @param req
 * @param resp
 * @throws ServletException
 * @throws IOException
 */
protected void showOrderItem(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    //获取当前orderid
    String orderId = req.getParameter("orderId");
    //根据orderId返回对应的订单项orderItem
    List<OrderItem> orderItems = orderService.queryOrderItemByOrderId(orderId);
    //计算该order中所有orderItem的总商品数量和总价格
    Integer totalCount = 0;
    BigDecimal totalPrice = BigDecimal.valueOf(0);
    for (OrderItem orderItem : orderItems) {
        totalCount += orderItem.getCount();
        totalPrice = totalPrice.add(orderItem.getTotalPrice());
    }
    System.out.println("totalCount=>" + totalCount);
    System.out.println("totalPrice=>" + totalPrice);
    //将订单项数据返回显示
    //订单id
    req.setAttribute("orderId", orderId);
    //订单商品总数
    req.setAttribute("totalCount", totalCount);
    //订单商品总额
    req.setAttribute("totalPrice", totalPrice);
    //订单项
    req.setAttribute("orderItems", orderItems);
    //请求转发到order_detail.jsp
    req.getRequestDispatcher("/views/order/order_detail.jsp").forward(req, resp);
}

25.3.4前端页面修改

25.4完成测试

用户只有在登录情况下但能进入订单管理

image-20221229204717352

点击详情的眼睛图案,即可查看该订单详情

image-20221229204819992

26.功能24-过滤器权限验证

26.1需求分析/图解

  1. 加入过滤器权限验证,如果没有登录,查看购物车和添加到购物车时,页面将自动转到登录页面
  2. 除了购物车,网页还有很多这样的操作,都需要先登录才能使用。
  3. 比如,查看购物车页面,访问管理员manage目录下的jsp,还有Servlet等都需要先登录后才能访问。

26.2思路分析

image-20221230201957851

26.3代码实现

web.xml中配置过滤器

<filter>
    <filter-name>AuthFilter</filter-name>
    <filter-class>com.li.furns.filter.AuthFilter</filter-class>
    <init-param>
        <!--这里配置之后,还需要在过滤器中编写规则放行-->
        <param-name>excludedUrls</param-name>
        <param-value>/views/manage/manage_login.jsp,/views/member/login.jsp</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>AuthFilter</filter-name>
    <!--配置过滤器匹配url
    1.在url-pattern中配置要拦截的url
    2.需要拦截的url中也要分情况考虑,
    比如/views/manage/下除了manage_login.jsp外都要拦截
    对于这种在被拦截目录下但又需要放行的资源,我们可以在init-param中配置指定
    -->
    <url-pattern>/views/cart/*</url-pattern>
    <url-pattern>/views/manage/*</url-pattern>
    <url-pattern>/views/member/*</url-pattern>
    <url-pattern>/views/order/*</url-pattern>
    <url-pattern>/cartServlet</url-pattern>
    <url-pattern>/manage/furnServlet</url-pattern>
    <url-pattern>/orderServlet</url-pattern>
</filter-mapping>

AuthFilter

package com.li.furns.filter;

import com.li.furns.entity.Member;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;

/**
 * 这是用于权限验证的过滤器,对指定的url进行验证
 * 如果登录过,就放行;如果没有登录,就返回登录页面
 *
 * @author 李
 * @version 1.0
 */
public class AuthFilter implements Filter {
    //后面我们把要排除的url放入到excludedUrls中
    private List<String> excludedUrls;

    public void init(FilterConfig config) throws ServletException {
        //获取到配置的excludedUrls
        String strExcludedUrls = config.getInitParameter("excludedUrls");
        //进行分割
        String[] splitUrl = strExcludedUrls.split(",");
        //将splitUrl转成List,赋给excludedUrls
        excludedUrls = Arrays.asList(splitUrl);
        System.out.println("excludedUrls=>" + excludedUrls);

    }

    public void destroy() {
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
        //权限验证
        HttpServletRequest req = (HttpServletRequest) request;
        //得到请求的url
        String url = req.getServletPath();

        //判断是否要验证
        if (!excludedUrls.contains(url)) {//如果url不在配置的规则中,就进行校验
            //得到session中的member对象
            Member member = (Member) req.getSession().getAttribute("member");
            if (member == null) {//说明用户没有登录过
                //转发到登录页面
                //不要使用重定向,因为重定向的url符合过滤器规则时也会被拦截,
                //如果设置不合理就会出现 请求无线循环重定向的 情况
                req.getRequestDispatcher("/views/member/login.jsp").forward(request, response);
                return;//返回
            }
        }
        //否则就放行
        chain.doFilter(request, response);
    }
}

我们在用户登录时给用户的session中放了一个member对像,方便显示用户信息,同时也方便过滤器处理。因为之前我们是将管理员和用户分开的,因此管理员登录的处理在AdminServlet中。为了方便过滤,这里将admin的登录和member的登录都放到MemberServlet中进行,即不再将管理员和用户视为两张表。

MemberServlet.login()

/**
 * 处理会员和管理员的登录业务
 *
 * @param request
 * @param response
 * @throws ServletException
 * @throws IOException
 */
public void login(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    //1.接收用户名和密码
    //如果前端输入的是null,后台接收的数据为空串""
    String username = request.getParameter("username");
    String password = request.getParameter("password");

    //2.调用MemberServiceImpl的login方法
    Member member = memberService.login(new Member(null, username, password, null));
    if (member == null) {//数据库中没有该用户,返回登录页面
        //登录失败,将错误信息和登录会员名放入request域中
        request.setAttribute("errInfo", "登录失败,用户名或者密码错误");
        request.setAttribute("username", username);
        //注意路径
        request.getRequestDispatcher("/views/member/login.jsp")
                .forward(request, response);
    } else {//登录成功
        //创建session,将jsessionid作为cookie返回给浏览器
        HttpSession session = request.getSession();
        session.setMaxInactiveInterval(1800);//设置生命周期为30分钟
        //将得到的member对象放入session域对象中
        session.setAttribute("member", member);
        if ("admin".equals(member.getUsername())) {
            //跳转到登录成功页面
            request.getRequestDispatcher("/views/manage/manage_menu.jsp")
                    .forward(request, response);
        } else {
            //跳转到登录成功页面
            request.getRequestDispatcher("/views/member/login_ok.jsp")
                    .forward(request, response);
        }
    }
}

26.4完成测试

  1. 在首页点击add to cart

    image-20221230221912180

因为该按钮实际上向cartServlet发出请求,因此被拦截,根据filter编写的逻辑请求转发到用户登录页面

image-20221230221955342

2.在url地址栏直接访问管理员登录页面manage_login.jsp

该页面也处于被拦截的url中,但是当filter拦截后,发现该url在配置的excludedUrls中,根据编写的逻辑,会直接放行,因此可以访问到

image-20221230222308990

管理员登录后,可以正常访问manage目录下的资源

image-20221230232748581 image-20221230232839954
posted @ 2022-12-29 21:03  一刀一个小西瓜  阅读(103)  评论(0编辑  收藏  举报