一、註冊系統
新增:使用者名稱、使用者帳號、使用者密碼
修改:使用者密碼
刪除:使用者
查詢:使用者
二、登入系統
輸入帳號、密碼進入首頁
三、以ImplictObect之session物件來保護網頁:request、out、reponse、session
session可以在同一應用中之不同網頁中傳遞個別使用者之資料(不同)
if(rs.next()){//系統驗證過了
session.setAttribute("Login(session變數)","OK(字串)");//設定,可設定多個Attribute,名稱須不同
response.sendRedierct("系統首頁.jsp");
}
login.jsp
String Login=(String)session.getAttribute("Login");//取出
if(Login!=null && Login.equal("OK")){
out.print("welcome");
}else{
out.print("請先登入");
reponse.setHeader("Refresh","5;URL=Login.jsp");
}
reponse.sendRedirect("網頁名稱");//轉至某一網頁
http屬於stateless:網頁間獨立,變數不共享
-----------------login.jsp-------------------
<%@ include file="predatabase_setup.jsp"%>
<html>
<head><title>login</title></head>
<body>
<form action="login.jsp" method="post">
ID:<input type="text" name="id" size="10">
Password:<input type="password" name="pw" size="10">
<br/>
<input type="submit" name="submit" >
</form>
<%
String sql="select * from table1 where col1=? and col3=?";
pstmt=conn.prepareStatement(sql);
String id=request.getParameter("id");
String pw=request.getParameter("pw");
pstmt.setString(1,id);
pstmt.setString(2,pw);
ResultSet rs=pstmt.executeQuery();
if(rs.next()){
session.setAttribute("Login","OK");
response.sendRedirect("index.jsp");
}
%>
</body>
</html>
--------------------index.jsp-------------------
<html>
<head><title>index</title></head>
<body>
<a href="preinsert.jsp">Insert</a><br/>
<a href="predelete.jsp">Delete</a><br/>
<a href="premodify.jsp">Modify</a><br/>
<a href="prequery.jsp">Query</a><br/>
</body>
</html>
-------------predatabase_setup.jsp--------
<%@ page import="java.sql.*" %>
<%
Connection conn = null;
PreparedStatement pstmt = null;
try{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");//載入連資料庫的驅動程式
conn=DriverManager.getConnection("jdbc:odbc:test");//抓資料來源
}catch(SQLException sqle){
out.println("SQL Exception"+sqle);
}
%>
--------------preinsert.jsp-------------
<%@ include file="predatabase_setup.jsp" %>
<%
if(request.getParameter("insert")!=null){
String sql="insert into table1(col1,col2,col3) values(?,?,?)";
pstmt=conn.prepareStatement(sql);
String id=request.getParameter("col1");
String name=request.getParameter("col2");
String pw=request.getParameter("col3");
pstmt.setString(1,id);
pstmt.setString(2,name);
pstmt.setString(3,pw);
pstmt.executeUpdate();
}
%>
<html>
<head><title>preinsert</title></head>
<body>
<form action="preinsert.jsp" method="post">
ID:<input type="text" name="col1" size="10">
<br/>
Name:<input type="text" name="col2" size="10">
<br/>
Password:<input type="password" name="col3" size="10">
<br/>
<input type="submit" name="insert" value="Insert">
<input type="reset" name="reset" value="Reset">
</form>
<a href="prequery.jsp">check</a>
</body>
</html>
------------predelete.jsp-------------
<%@ include file="predatabase_setup.jsp" %>
<%
if(request.getParameter("delete")!=null){
String sql="delete from table1 where index=?";
pstmt=conn.prepareStatement(sql);
int num=Integer.parseInt(request.getParameter("id"));
pstmt.setInt(1, num);
pstmt.executeUpdate();
}
%>
<html>
<head><title>predelete</title></head>
<body>
<form action="predelete.jsp" method="post">
ID:<input type="text" name="id" size="10" value="">
<br/>
<input type="submit" name="delete" value="Delete">
</form>
<a href="prequery.jsp">check</a>
</body>
</html>
--------------premodify.jsp--------------
<%@ include file="predatabase_setup.jsp" %>
<%
if(request.getParameter("modify")!=null){
String id=request.getParameter("id");
String name= request.getParameter("col2");
String pw=request.getParameter("col3");
String sql="update table1 set col2=?, col3=? where col1=?";
pstmt=conn.prepareStatement(sql);
pstmt.setString(3,id);
pstmt.setString(1, name);
pstmt.setString(2,pw);
pstmt.executeUpdate();
}
%>
<html>
<head><title>premodify</title></head>
<body>
<form action="premodify.jsp" method="post">
ID:<input type="text" name="id" size="10" value="">
<br/>
Name:<input type="text" name="col2" size="10" value="">
<br/>
Password:<input type="password" name="col3" size="10" value="">
<br/>
<input type="submit" name="modify" value="Modify">
</form>
<a href="prequery.jsp">check</a>
</body>
</html>
--------------prequery.jsp-------------
<%@ include file="predatabase_setup.jsp" %>
<html>
<head><title>prequery</title></head>
<body>
<%
String sql="select * from Table1";//取出Table1的所有欄位
pstmt=conn.prepareStatement(sql);
ResultSet rs=pstmt.executeQuery();//執行SQL語法
out.println("<table border='1'>");
out.println("<tr>");
out.println("<td>Index</td>");
out.println("<td>ID</td>");
out.println("<td>Name</td>");
out.println("<td>Password</td>");
out.println("</tr>");
while(rs.next()){
String index=rs.getString("index");
String id=rs.getString("col1");
String name=rs.getString("col2");
String pw=rs.getString("col3");
out.println("<tr>");
out.println("<td>"+index+"</td>");
out.println("<td>"+id+"</td>");
out.println("<td>"+name + "</td>");
out.println("<td>"+pw + "</td>");
out.println("</tr>");
}
out.println("</table>");
rs.close();
%>
</body>
</html>
沒有留言:
張貼留言