js脚本中执行java后台代码

使用场景:关闭页面弹窗时执行sql语句。

其实js里执行sql语句有多种方式。

方式一:直接在js代码里调用sql语句,原则上不能使用,因为这将sql直接暴露在客户端,安全性极差。

方式二:在js里运用ajax技术,调用后台方法执行sql语句。

方式三:运用dwr框架,其实是对ajax技术进行了封装。

一、首先编写一个dwr.xml文件

 1 <?xml version="1.0" encoding="utf-8"?>
 2 <!DOCTYPE dwr PUBLIC "-//GetAhead Limited//DTD Direct Web Remoting 2.0//EN" "http://www.getahead.ltd.uk/dwr//dwr20.dtd">
 3 <dwr>
 4     <allow>
 5         <!-- 对呼叫类型的操作 -->
 6         <create javascript="CallTypeOpDwr" creator="new">
 7             <param name="class"
 8                 value="cn.etcom.jfgl.tel.fee.callType.CallTypeOpDwr" />
 9             <include method="addCallType" />
10             <include method="modifyCallType" />
11             <include method="deleteCallType" />
12             <include method="updateSp" />
13         </create>
14 
15     </allow>
16     <!-- 用户信息管理操作中用到的map配置 -->
17     <signatures>
18         <![CDATA[ 
19             import java.util.List; 
20             import cn.etcom.jfgl.customer.tel.userInfo.UserInfoManageOpDwr;
21             UserInfoManageOpDwr.addUsersInfo(String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,Map<String,String>); 
22             UserInfoManageOpDwr.addUserInfo(String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,String,Map<String,String>); 
23             ]]>
24     </signatures>
25 </dwr>

 

二、在web.xml文件里配置servlet

 1 <!-- DWR相关配置 -->
 2     <servlet>
 3         <servlet-name>dwr-invoker</servlet-name>
 4         <servlet-class>uk.ltd.getahead.dwr.DWRServlet</servlet-class>
 5         <init-param>
 6             <param-name>debug</param-name>
 7             <param-value>false</param-value>
 8         </init-param>
 9         <init-param>
10             <param-name>
11                 allowGetForSafariButMakeForgeryEasier
12             </param-name>
13             <param-value>true</param-value>
14         </init-param>
15         <init-param>   
16             <param-name>crossDomainSessionSecurity</param-name>   
17             <param-value>false</param-value>   
18         </init-param>
19         <load-on-startup>1</load-on-startup>
20     </servlet>
21     <servlet-mapping>
22         <servlet-name>dwr-invoker</servlet-name>
23         <url-pattern>/dwr/*</url-pattern>
24     </servlet-mapping>

三、写一个普通的JAVA类

 1 package cn.etcom.jfgl.tel.fee.callType;
 2 
 3 import java.sql.Connection;
 4 import java.sql.PreparedStatement;
 5 import java.sql.ResultSet;
 6 import java.sql.SQLException;
 7 import java.util.ArrayList;
 8 import java.util.List;
 9 
10 import javax.servlet.http.HttpServletRequest;
11 
12 import org.json.JSONException;
13 import org.json.JSONObject;
14 
15 import cn.etcom.common.utility.DBUtil;
16 import cn.etcom.common.utility.RsHandler;
17 import cn.etcom.common.utility.SqlActuator;
18 import cn.etcom.common.utility.StringUtil;
19 
20 /*******************************************************************************
21  * 
22  * @author 刘彦宁 2011-08-12
23  * 
24  */
25 // 处理呼叫类型的dwr
26 public class CallTypeOpDwr {
27     
28     /***************************************************************************
29      * DWR 方法,执行存储过程。
30      * 
31      */
32     public String updateSp() {
33         String sql = "exec Pub_Sp_UpdateFieldMemo ?";
34         Connection conn = DBUtil.getConnection();
35         PreparedStatement psmt = null;
36         try {
37             psmt = conn.prepareStatement(sql);
38             psmt.setString(1, "CALL");
39             boolean a = psmt.execute();
40             DBUtil.close(null, psmt, conn);
41             conn = DBUtil.getConnection();
42             psmt = conn.prepareStatement(sql);
43             psmt.setString(1, "USER");
44             boolean b = psmt.execute();
45             System.out.println(a);
46             System.out.println(b);
47             System.out.println("关闭弹窗执行存储过程 >> "+sql);
48         } catch (SQLException e) {
49             e.printStackTrace();
50         }finally {
51             DBUtil.close(null, psmt, conn);
52         }
53         return null;
54     }
55 }

四、写一个JSP页面,主要导入engine.js和相应的java类映射的js文件,然后编写js即可调用。

1 //以下为jsp的引入js文件部分
2 <script type="text/javascript">
3     //设置根路径,放在 tab.js 前
4     var glbRootPath = "<%=basePath%>";
5 </script>
6 <script src="<%=basePath%>js/lhgdialog/lhgcore.min.js" type="text/javascript"></script>
7 <script src="<%=basePath%>js/lhgdialog/lhgdialog.js" type="text/javascript"></script>

五、js文件里调用后台代码

 1 var basePath = "";
 2     if(typeof(glbRootPath) != "undefined"){ 
 3         basePath = glbRootPath;
 4         document.write("<script type='text/javascript' src='"+basePath+"\/dwr\/engine.js'><\/script><script type='text/javascript' src='"+basePath+"\/dwr\/interface\/CallTypeOpDwr.js'><\/script>");
 5     }
 6 /*
 7 中间省略若干代码
 8 */
 9 .
10 .
11 .
12 if(typeof(glbRootPath) != "undefined"&&$(this).parent().children().eq(0).text()=="呼叫类型设置"){
13                 console.log("进来了");
14                 DWREngine.setAsync(false);
15                 CallTypeOpDwr.updateSp();
16             }

 

posted on 2017-09-18 18:17  德邦总管  阅读(5831)  评论(0编辑  收藏  举报

导航