Servlet学习小结

  最近有点小累啊,上课平均一天6小时,再去修一修代码就没什么多的时间了。现在写我最近学习的成果:
想想最近软件工程老师留的题目,我还有一些重要的地方没有想清楚。题目是这样的:生成四则运算的题目,算术题目包括随机生成生成计算数字,随机的运算符,题目可以避免重复,可以定制打印方式、数量,但是要考虑是否带括号。最后一个要求让我有点纠结啊,我的方法是:
考虑到随机生成n个数,可以最多有n-1个左括号的情况,再依次考虑右括号的具体位置,但是还有右括号的位置有些问题:若每次左括号都未生成,默认最后一次有左括号,这样的情况排除。其他情况并不好找到括号。所以我考虑分情况讨论:分为随机的参数不大于5和不大于10两种情况。分开讨论,但是这样到了输入输出还是很麻烦,所以写的我有点疲倦了,但是还是要写完应该在明后天。
前两天把老师布置的JavaEE的作业搞得差不多了,自己主要使用的Servlet写的,同时把重要的知识点罗列了一下,大致如下:
          1.servlet的开发方式有三种:同过servlet接口来开发;继承GenericServlet接口;主要是继承HttpServlet的方式。
          2.开发HttpServlet的时候只需要重写doPost()和doGet()方法实现。get和post方法存在一定的区别。其中通常在doPost()中写this.doGet(res,req);
          3.最后在web.xml中进行部署。注意一一对应和一些细节的地方。(我会在接下来的代码中去体现)。

我按照老师的要求编写一个小的登录系统的实例来加深和巩固学习这个知识。
三个servelet之间的数据传输和数据显示。
  Login.java(登录)->Logincl.java(验证登陆)->wel.java(欢迎界面)最后连接mysql数据库进行验证。
在开始的时候我选用sendRedirect()提交,但是发现在跳转到另一个界面的时候会在跳转的地址后面加上相应的跳转的信息,
用户的信息容易泄漏。后来选用session进行数据的交互。以下:是我学习的笔记。

通过sendRedirect(url?uname=..)传递数据

      1.url 代表要跳转的servlet的url

    2.servelet url名和变量之间有?符号
    3.要传两个以上的值要用“&”分开

    4.传送过程时的中文要改编码方式

而通过使用session来共享数据:
    1.得到session

        Httpsession hs=resquest.getSession(true);
    2.向session添加属性
      hs.setAttibute(String name,Object val);
    3.从session得到某一个属性
      String name=hs.getAttibute
    4.session中删除某个属性
      hs.removeAttibute(String name);
注意:session中的属性存在时间是30min(是间隔时间)
session可以看成一个数据表格 session中的各个属性都要占用服务器内存。

Login.java

  1 package com.ly;
  2 
  3 import java.io.IOException;
  4 import java.io.PrintWriter;
  5 
  6 import javax.servlet.ServletException;
  7 import javax.servlet.http.HttpServlet;
  8 import javax.servlet.http.HttpServletRequest;
  9 import javax.servlet.http.HttpServletResponse;
 10 
 11 public class Login extends HttpServlet {
 12 
 13     /**
 14      * 
 15      */
 16     private static final long serialVersionUID = 1L;
 17 
 18     /**
 19      * Constructor of the object.
 20      */
 21     public Login() {
 22         super();
 23     }
 24 
 25     /**
 26      * Destruction of the servlet. <br>
 27      */
 28     public void destroy() {
 29         super.destroy(); // Just puts "destroy" string in log
 30         // Put your code here
 31     }
 32 
 33     /**
 34      * The doGet method of the servlet. <br>
 35      *
 36      * This method is called when a form has its tag value method equals to get.
 37      * 
 38      * @param request the request send by the client to the server
 39      * @param response the response send by the server to the client
 40      * @throws ServletException if an error occurred
 41      * @throws IOException if an error occurred
 42      */
 43     public void doGet(HttpServletRequest request, HttpServletResponse response)
 44             throws ServletException, IOException {
 45 
 46         //业务逻辑
 47         try{
 48             
 49             //中文乱码
 50             response.setContentType("text/html;charset=gbk");
 51             
 52             PrintWriter pw=response.getWriter();   //字符流用来向jsp界面输出字符串
 53             
 54             //返回登录界面
 55             pw.println("<html>");
 56             pw.println("<body>");
 57             pw.println("<h1>登录界面</h1>");
 58             
 59             //判断用户名是否为空
 60             String info=request.getParameter("info");
 61             if(info!=null)
 62             {
 63                 pw.println("<h1>你的用户名为空!</h1><br>");
 64             }
 65             pw.println("<form action=logincl method=post>");
 66             pw.println("用户名:<input type=text name=usrename><br>");
 67             pw.println("密码: <input type=password name=passwd><br>");
 68             pw.println("<input type=hidden name=sex value=男><br>");
 69             pw.println("<input type=submit value=loging><br>");
 70             pw.println("</form>");
 71             pw.println("</body>");
 72             pw.println("</html>");
 73             
 74         }catch(Exception ex)
 75         {
 76             ex.printStackTrace();
 77         }
 78     }
 79 
 80     /**
 81      * The doPost method of the servlet. <br>
 82      *
 83      * This method is called when a form has its tag value method equals to post.
 84      * 
 85      * @param request the request send by the client to the server
 86      * @param response the response send by the server to the client
 87      * @throws ServletException if an error occurred
 88      * @throws IOException if an error occurred
 89      */
 90     public void doPost(HttpServletRequest request, HttpServletResponse response)
 91             throws ServletException, IOException {
 92 
 93      this.doGet(request, response);
 94     }
 95 
 96     /**
 97      * Initialization of the servlet. <br>
 98      *
 99      * @throws ServletException if an error occurs
100      */
101     public void init() throws ServletException {
102         // Put your code here
103     }
104 
105 }

Logincl.java

  1 package com.ly;
  2 
  3 import java.io.IOException;
  4 
  5 import javax.servlet.ServletException;
  6 import javax.servlet.http.HttpServlet;
  7 import javax.servlet.http.HttpServletRequest;
  8 import javax.servlet.http.HttpServletResponse;
  9 import javax.servlet.http.HttpSession;
 10 import java.sql.*;
 11 
 12 public class Logincl extends HttpServlet {
 13 
 14     /**
 15      * 
 16      */
 17     private static final long serialVersionUID = 1L;
 18 
 19     /**
 20      * Constructor of the object.
 21      */
 22     public Logincl() {
 23         super();
 24     }
 25 
 26     /**
 27      * Destruction of the servlet. <br>
 28      */
 29     public void destroy() {
 30         super.destroy(); // Just puts "destroy" string in log
 31         // Put your code here
 32     }
 33 
 34     /**
 35      * The doGet method of the servlet. <br>
 36      *
 37      * This method is called when a form has its tag value method equals to get.
 38      * 
 39      * @param request the request send by the client to the server
 40      * @param response the response send by the server to the client
 41      * @throws ServletException if an error occurred
 42      * @throws IOException if an error occurred
 43      */
 44     public void doGet(HttpServletRequest request, HttpServletResponse response)
 45             throws ServletException, IOException {
 46 
 47         response.setContentType("text/html;charset=gbk");
 48         
 49         //驱动名
 50         String driver="com.mysql.jdbc.Driver";
 51         //数据库的URL
 52         String url="jdbc:mysql://127.0.0.1:3306/lydb";
 53         //mysql的用户名和密码
 54         String user="root";
 55         String password="123";
 56         
 57         Connection conn=null;
 58         Statement statement=null;
 59         ResultSet rs=null;
 60         //PrintWriter pw=response.getWriter();   //字符流用来向jsp界面输出字符串
 61         try{    
 62             
 63             //接受用户名和密码
 64             String u=request.getParameter("usrename");
 65             String p=request.getParameter("passwd");
 66             String e=request.getParameter("sex");
 67             
 68             //加载驱动
 69             Class.forName(driver);
 70             
 71             //连接数据库
 72              conn=DriverManager.getConnection(url, user, password);
 73             
 74             if(!conn.isClosed())
 75             System.out.println("Successed connection to the Database!");
 76             
 77             //创建statement 来执行SQL语句
 78              statement=conn.createStatement();
 79             //结果集(解决sql漏洞)
 80             String sql="select passwd from users where username='"+u+"'";
 81             rs=statement.executeQuery(sql);
 82             
 83             
 84             
 85             if(rs.next())
 86             {
 87                 //用户存在
 88                 String dbPasswd=rs.getString(1);
 89                 
 90                 if(dbPasswd.equals(p))
 91                 {
 92                     //合法用户 跳转
 93                     
 94                     //将用户名和密码的信息写入session
 95                     //得到session
 96             
 97                     HttpSession hs=request.getSession(true);
 98                     //修改session的存在时间(s为单位)
 99                     hs.setMaxInactiveInterval(20);
100                 hs.setAttribute("uname",u);
101                 hs.setAttribute("uPass", p);
102                 hs.setAttribute("uSex", e);
103                 response.sendRedirect("wel");  //serverlet的URL    
104                 
105                 }
106             }
107             else
108             {
109                 //说明用户名不存在
110                 response.sendRedirect("Login");
111             }
112             
113         }catch(Exception ex)
114         {
115             
116             ex.printStackTrace();
117         }finally
118         {
119             try {
120                 if(rs!=null)
121                 rs.close();
122                 if(statement!=null)
123                 statement.close();
124                 if(conn!=null)
125                 conn.close();
126             } catch (Exception e) {
127                 // TODO Auto-generated catch block
128                 e.printStackTrace();
129             }
130         }
131         String username=null;
132         String passwd=null;
133         String mail=null;
134         String grade=null;
135         String u=request.getParameter("usrename");
136         String    sql="select * from users where username='"+u+"'";
137         try {
138             username=rs.getString("username");
139             System.out.println(username);
140         } catch (SQLException e) {
141             // TODO Auto-generated catch block
142             e.printStackTrace();
143             
144         }
145     }
146 
147     /**
148      * The doPost method of the servlet. <br>
149      *
150      * This method is called when a form has its tag value method equals to post.
151      * 
152      * @param request the request send by the client to the server
153      * @param response the response send by the server to the client
154      * @throws ServletException if an error occurred
155      * @throws IOException if an error occurred
156      */
157     public void doPost(HttpServletRequest request, HttpServletResponse response)
158             throws ServletException, IOException {
159 
160          this.doGet(request, response);
161     }
162 
163     /**
164      * Initialization of the servlet. <br>
165      *
166      * @throws ServletException if an error occurs
167      */
168     public void init() throws ServletException {
169         // Put your code here
170     }
171 
172 }

wel.java

  1 package com.ly;
  2 
  3 import java.io.IOException;
  4 import java.io.PrintWriter;
  5 
  6 import javax.servlet.ServletException;
  7 import javax.servlet.http.HttpServlet;
  8 import javax.servlet.http.HttpServletRequest;
  9 import javax.servlet.http.HttpServletResponse;
 10 import javax.servlet.http.HttpSession;
 11 
 12 public class Wel extends HttpServlet {
 13 
 14     /**
 15      * 
 16      */
 17     private static final long serialVersionUID = 1L;
 18 
 19     /**
 20      * Constructor of the object.
 21      */
 22     public Wel() {
 23         super();
 24     }
 25 
 26     /**
 27      * Destruction of the servlet. <br>
 28      */
 29     public void destroy() {
 30         super.destroy(); // Just puts "destroy" string in log
 31         // Put your code here
 32     }
 33 
 34     /**
 35      * The doGet method of the servlet. <br>
 36      *
 37      * This method is called when a form has its tag value method equals to get.
 38      * 
 39      * @param request the request send by the client to the server
 40      * @param response the response send by the server to the client
 41      * @throws ServletException if an error occurred
 42      * @throws IOException if an error occurred
 43      */
 44     public void doGet(HttpServletRequest request, HttpServletResponse response)
 45             throws ServletException, IOException {
 46   
 47         
 48         //得到session
 49         HttpSession hs=request.getSession(true);
 50         String u=(String) hs.getAttribute("uname");
 51         String p=(String) hs.getAttribute("uPass");
 52         String e=(String) hs.getAttribute("uSex");
 53         if(u==null)
 54         {
 55             
 56             try {
 57                 //PrintWriter pw=response.getWriter(); 
 58                 //非法登陆
 59                 //pw.write("<script>alert('你的用户名为空');</script>");    
 60                 response.sendRedirect("Login?info=error");    
 61                 return ;
 62             } catch (Exception ex) {
 63                 // TODO: handle exception
 64                 ex.printStackTrace();
 65             }
 66           
 67         }
 68         //得到logincl传递的用户名
 69         //String u=request.getParameter("uname");
 70         
 71         //得到密码
 72         //String p=request.getParameter("uPass");
 73         
 74         //得到性别
 75         //String e=request.getParameter("uSex");
 76     try{
 77     //    response.setContentType("text/html;charset=gbk");    
 78       PrintWriter out = response.getWriter();
 79       out.println("Hello!!!"+u+" password="+p+"Sex="+e);
 80       }
 81   catch(Exception ex)
 82   {
 83       ex.printStackTrace();
 84   }
 85     }
 86 
 87     /**
 88      * The doPost method of the servlet. <br>
 89      *
 90      * This method is called when a form has its tag value method equals to post.
 91      * 
 92      * @param request the request send by the client to the server
 93      * @param response the response send by the server to the client
 94      * @throws ServletException if an error occurred
 95      * @throws IOException if an error occurred
 96      */
 97     public void doPost(HttpServletRequest request, HttpServletResponse response)
 98             throws ServletException, IOException {
 99 
100          this.doGet(request, response);
101     }
102 
103     /**
104      * Initialization of the servlet. <br>
105      *
106      * @throws ServletException if an error occurs
107      */
108     public void init() throws ServletException {
109         // Put your code here
110     }
111 
112 }

web.xml

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <web-app version="2.4" 
 3     xmlns="http://java.sun.com/xml/ns/j2ee" 
 4     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
 5     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
 6     http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
 7   <servlet>
 8     <description>This is the description of my J2EE component</description>
 9     <display-name>This is the display name of my J2EE component</display-name>
10     <servlet-name>Login</servlet-name>
11     <servlet-class>com.ly.Login</servlet-class>
12   </servlet>
13   
14     <servlet-mapping>
15     <servlet-name>Login</servlet-name>
16     <url-pattern>/Login</url-pattern>
17   </servlet-mapping>
18   
19   <servlet>
20     <description>This is the description of my J2EE component</description>
21     <display-name>This is the display name of my J2EE component</display-name>
22     <servlet-name>Logincl</servlet-name>
23     <servlet-class>com.ly.Logincl</servlet-class>
24   </servlet>
25   
26     <servlet-mapping>
27     <servlet-name>Logincl</servlet-name>
28     <url-pattern>/logincl</url-pattern>
29   </servlet-mapping>
30   
31   <servlet>
32     <description>This is the description of my J2EE component</description>
33     <display-name>This is the display name of my J2EE component</display-name>
34     <servlet-name>Wel</servlet-name>
35     <servlet-class>com.ly.Wel</servlet-class>
36   </servlet>
37 
38   <servlet-mapping>
39     <servlet-name>Wel</servlet-name>
40     <url-pattern>/wel</url-pattern>
41   </servlet-mapping>
42   
43   <welcome-file-list>
44     <welcome-file>index.jsp</welcome-file>
45   </welcome-file-list>
46 </web-app>

还有其中设计了数据登录是的注入漏洞的知识(明天补上)

posted @ 2016-03-10 23:07  代码小逸  阅读(190)  评论(0编辑  收藏  举报