UserServlet主要用于用戶登錄,退出以及密碼修改方面的事務。鑒于對網絡應用的安全性考慮,
所以user將被寫在session里面,用以在某些管理頁面達到認證作用。
logout相對很簡單,使session失效即可
modifyPassword
所以user將被寫在session里面,用以在某些管理頁面達到認證作用。
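/**
 * Handles the login form: looks the submitted credentials up in the
 * {@code users} table and, on a match, stores the {@code User} in a fresh
 * session before redirecting to the blog list.
 *
 * <p>On a failed match the request is forwarded back to the login page with
 * an error message. A database failure is answered with HTTP 500 instead of
 * falling through to a {@code NullPointerException} on the empty result.
 *
 * @param request  carries the {@code username} and {@code password} parameters
 * @param response used for the redirect, the forward or the error status
 * @throws ServletException if forwarding to the login page fails
 * @throws IOException      if the redirect or error response cannot be written
 */
private void login(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String userName = request.getParameter("username");
    String password = request.getParameter("password");

    User user = null;
    // A request without both fields can never match a row; skip the query.
    if (userName != null && password != null) {
        // SECURITY NOTE(review): the query compares the submitted password with
        // the stored column directly, so passwords are kept in plaintext. They
        // should be stored as salted hashes (bcrypt/scrypt/argon2) and verified
        // in code; that needs a schema/data migration outside this method.
        String sql = "select id,username,password from users where username = ? and password = ?";
        try {
            List<?> matches = (List<?>) DbHelper.getQueryRunner()
                    .query(sql, new BeanListHandler(User.class), userName, password);
            if (matches != null && !matches.isEmpty()) {
                user = (User) matches.get(0);
            }
        } catch (SQLException ex) {
            // Never log the submitted credentials, only the failure itself.
            Logger.getLogger(UserServlet.class.getName())
                    .log(Level.SEVERE, "login query failed", ex);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }
    }

    if (user == null) {
        // One message for "unknown user" and "wrong password" so the response
        // does not reveal which user names exist.
        request.setAttribute("message", "錯誤的用戶名或密碼");
        request.getRequestDispatcher("/admin/login.jsp").forward(request, response);
        return;
    }

    // Session fixation defence: drop any session id issued before
    // authentication and continue under a newly created one.
    HttpSession staleSession = request.getSession(false);
    if (staleSession != null) {
        staleSession.invalidate();
    }
    HttpSession session = request.getSession(true);
    // NOTE(review): the stored User bean includes the password field; keeping
    // only the id/username in the session would limit exposure.
    session.setAttribute("user", user);
    response.sendRedirect(request.getContextPath() + "/BlogServlet?method=list");
}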
logout相對很簡單,使session失效即可
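/**
 * Logs the current user out by invalidating the session, then redirects to
 * the application's context root.
 *
 * @param request  the request whose session (if any) is invalidated
 * @param response used to send the redirect
 * @throws ServletException declared for symmetry with the other handlers
 * @throws IOException      if the redirect cannot be written
 */
private void logout(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    // getSession(false) avoids creating a brand-new session just to destroy it
    // when the client has no session (or an expired one).
    HttpSession session = request.getSession(false);
    if (session != null) {
        session.invalidate();
    }
    response.sendRedirect(request.getContextPath());
}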
modifyPassword
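/**
 * Changes the password of the user stored in the session.
 *
 * <p>The old password must match the one held by the session's {@code User},
 * and the new password must be present and equal to its confirmation. The
 * outcome is reported through the {@code message} request attribute on the
 * modify-password page. A request without an authenticated session is sent
 * to the login page; a database failure is answered with HTTP 500 rather than
 * a false success message.
 *
 * @param request  carries {@code oldPassword}, {@code newPassword} and
 *                 {@code confirmPassword}
 * @param response used for the forward, redirect or error status
 * @throws ServletException if forwarding to the JSP fails
 * @throws IOException      if the response cannot be written
 */
private void modify(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String oldPassword = request.getParameter("oldPassword");
    String newPassword = request.getParameter("newPassword");
    String confirmPassword = request.getParameter("confirmPassword");

    // Do not create a session here: only an already authenticated session may
    // change a password.
    HttpSession session = request.getSession(false);
    User user = (session == null) ? null : (User) session.getAttribute("user");
    if (user == null) {
        response.sendRedirect(request.getContextPath() + "/admin/login.jsp");
        return;
    }

    // SECURITY NOTE(review): passwords are compared and stored in plaintext.
    // They should be salted hashes (bcrypt/scrypt/argon2); that requires a
    // data migration beyond this method.
    String storedPassword = user.getPassword();
    if (storedPassword == null || !storedPassword.equals(oldPassword)) {
        request.setAttribute("message", "與原密碼不匹配");
    } else if (newPassword == null || !newPassword.equals(confirmPassword)) {
        // A missing new password is rejected together with a mismatch.
        request.setAttribute("message", "新密碼與確認密碼不匹配");
    } else {
        // Bind the id as a parameter as well instead of concatenating it.
        String sql = "update users set password = ? where id = ?";
        try {
            DbHelper.getQueryRunner().update(sql, newPassword, user.getId());
        } catch (SQLException ex) {
            Logger.getLogger(UserServlet.class.getName())
                    .log(Level.SEVERE, "password update failed", ex);
            // Report the failure; the success message must not be shown.
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }
        // Keep the session copy in step with the database, otherwise the next
        // change would still be checked against the old password. setPassword
        // is the bean setter BeanListHandler relies on to populate User.
        user.setPassword(newPassword);
        request.setAttribute("message", "密碼修改成功");
    }
    request.getRequestDispatcher("/admin/modifyPassword.jsp").forward(request, response);
}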