先创建一个User类
package top.xinsir.bean; public class User { private Integer id; private String userName; private String pwd; private Integer age; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getUserName() { return userName; } public void setUserName(String userName) { this.userName = userName; } public String getPwd() { return pwd; } public void setPwd(String pwd) { this.pwd = pwd; } public Integer getAge() { return age; } public void setAge(Integer age) { this.age = age; } public User() { super(); // TODO Auto-generated constructor stub } public User(Integer id, String userName, String pwd, Integer age) { super(); this.id = id; this.userName = userName; this.pwd = pwd; this.age = age; } public User(String userName, String pwd, Integer age) { super(); this.userName = userName; this.pwd = pwd; this.age = age; } @Override public String toString() { return "User [age=" + age + ", id=" + id + ", pwd=" + pwd + ", userName=" + userName + "]"; } }创建一个UserManager类,然后查询代码都写在这个类中
代码:
/** * 根据账户名和密码查询所有用户信息 * @param userName * @param pwd * @return */ public static User login(String userName, String pwd) { Connection conn = DBUtil.getConn(); PreparedStatement ps = null; ResultSet rs = null; User user = null; String sql = "select * from users where user_name=? and pwd=?"; try { ps = conn.prepareStatement(sql); ps.setString(1, userName); ps.setString(2, pwd); rs = ps.executeQuery(); if (rs.next()) { user = new User(rs.getInt("id"), rs.getString("user_name"), rs.getString("pwd"), rs.getInt("age")); } } catch (SQLException e) { // TODO Auto-generated catch block e.printStackTrace(); } return user; }代码:
/** * 根据id获取用户信息 * * @return */ public static User getUserByID(Integer id) { Connection conn = DBUtil.getConn(); PreparedStatement ps = null; ResultSet rs = null; User user = null; String sql = "select * from users where id=?"; try { ps = conn.prepareStatement(sql); ps.setInt(1, id); rs = ps.executeQuery(); if (rs.next()) { user = new User(rs.getInt("id"), rs.getString("user_name"), rs.getString("pwd"), rs.getInt("age")); } } catch (SQLException e) { e.printStackTrace(); } return user; }新建一个Test测试类,来测试上面的代码 写入main方法里: 通过用户名和密码查询用户信息:
// 登录功能 通过用户名和密码查询用户信息 String userName = "zhangsan"; String pwd = "123456"; // 调用方法 并存储到User对象中 User user = UserManager.login(userName, pwd); if(user!=null){ // 输出用户所有信息 System.out.println("id:"+user.getId()+" userName:"+user.getUserName()+" pwd:"+user.getPwd()+" age:"+user.getAge()); }else{ // 输出错误信息 System.out.println("账户名或密码错误"); }控制台输出: 通过id查询用户所有信息
// 通过id查询用户所有信息 int id = 1; // 调用方法 并存储到User对象中 User user = UserManager.getUserByID(id); if(user!=null){ // 输出用户所有信息 System.out.println("id:"+user.getId()+" userName:"+user.getUserName()+" pwd:"+user.getPwd()+" age:"+user.getAge()); }else{ // 输出错误信息 System.out.println("没有存在此id"); }控制台输出: 查询所有用户信息
// 查询所有数据 ArrayList<User> userList = new ArrayList<User>(); // new一个ArrayList数组 // 调用方法 userList = UserManager.getUserList(); // 遍历输出 for (User users : userList) { System.out.println(users.toString()); }控制台输出:
新建一个login.jsp页面:
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>登录页面</title> </head> <body> <form action="login" method="post"> 用户名:<input type="text" name="userName" /><br/> 密码:<input type="text" name="pwd" /><br/> <input type="submit" value="登录" /> </form> </body> </html>新建一个servlet名字为LoginServlet.java:
package top.xinsir.action; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import top.xinsir.bean.User; import top.xinsir.test.UserManager; public class LoginServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 设置编码 request.setCharacterEncoding("utf-8"); // 获取参数 String userName = request.getParameter("userName"); String pwd = request.getParameter("pwd"); // 响应 User user = UserManager.login(userName, pwd); if(user!=null){ // 如果user里面有值得话说明登录成功 // 用session会话传递user值 HttpSession session = request.getSession(); session.setAttribute("user", user); // 跳转到main.jsp页面 response.sendRedirect("main.jsp"); }else{ // 如果为空的话说明账户名或密码错误 // 跳转到main.jsp页面 response.sendRedirect("main.jsp"); } } }新建一个main.jsp页面,来查看session会话里面的内容是否为空,如果是空的话,那说明账户名或密码错误,就是登陆失败了,如果不是空那说明登录成功了 代码:
<%@page import="top.xinsir.bean.User"%> <%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'main.jsp' starting page</title> </head> <body> <% // 接收传递过来的session值 User user = (User)session.getAttribute("user"); if(user != null){ // 如果user不是空的话说明登录过 }else{ // 如果user是空的话说明没有登录过 // 没有登录过跳转到登录页面 response.sendRedirect("login.jsp"); } %> 这个页面只允许登录过得用户才能看到,其他人没有权利查看!!! </body> </html>部署之后打开浏览器输入main.jsp 会直接跳转到login.jsp页面,登录后才能显示main.jsp的内容 输入正确的账户名密码点击登录之后 这就是session的效果,判断接收过来的值是否为空,从而达到权限管理的效果
当然这段代码可能每个页面都要验证是否登录了,这样每个页面都写上的话就太麻烦了,所以可以新建一个jsp来让其他页面用到的时候调用就可以了
新建一个IsLoginServlet.java的servlet类
package top.xinsir.action; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import top.xinsir.bean.User; public class IsLoginServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request, response); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // 编码问题 request.setCharacterEncoding("utf-8"); HttpSession session = request.getSession(); User user = (User) session.getAttribute("user"); if (user != null) { // 如果user不为空,那么说明登录成功,执行页面的代码 } else { // 如果user为空,那么说明登录失败,重新跳转到登录页面 response.sendRedirect("login.jsp"); } } }然后使用默认的index.jsp页面测试一下验证是否登录的代码是不是有效的
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@page import="top.xinsir.action.IsLoginServlet"%> <% String path = request.getContextPath(); String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + path + "/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'index.jsp' starting page</title> </head> <body> <% // 实例化IsLoginServlet对象 IsLoginServlet login = new IsLoginServlet(); // 调用是否登录的方法 login.doPost(request, response); %> 测试调用权限管理方法是否有效! </body> </html>然后重新部署打开浏览器输入index.jsp 输入之后会跳转到login.jsp登录页面 输入账号密码,点击登录 这个时候跳转到main.jsp页面了说明登录成功了,跳转到main.jsp页面是因为LoginServlet里面写的就是登录成功后跳转到main.jsp页面 可以不用管它,然后继续访问index.jsp页面 这个时候打开看到已经可以了,因为是已经登录过的,session会话在保持着。直到浏览器关闭之后才会关闭session会话。
