java写一个servlet实现登录功能,servlet简单登录实例代码

KLQ 2020-06-19 10:18:58 java常见问答 7803

下面给大家带来的java实例是登陆servlet的例子,你知道登陆servlet如何用java实现吗?下面就一起来看看下面的例子吧。

Login.java代码

package com.bai;
import javax.servlet.http.*;
import java.io.*;
public class Login extends HttpServlet
{
    public void doGet(HttpServletRequest req, HttpServletResponse res)
    {
        try
        {
            req.setCharacterEncoding("gb2312");
            res.setContentType("text/html;charset=gb2312");
            PrintWriter pw = res.getWriter();
            pw.println("<html>");
            pw.println("<body>");
            pw.println("<h1>登陆界面</h1>");
            pw.println("<form action=logincl method=post>");
            pw.println("用户名:<input type=text name=username><br>");
            pw.println("密码:<input type=password name=passwd><br>");
            pw.println("<input type=submit value=login><br>");
            pw.println("</form>");
            pw.println("</body>");
            pw.println("</html>");
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
    }
    public void doPost(HttpServletRequest req, HttpServletResponse res)
    {
        this.doGet(req, res);
    }
}

LoginCl.java代码

package com.bai;
import javax.servlet.http.*;
import java.io.*;
import java.sql.*;
public class LoginCl extends HttpServlet
{
    public void doGet(HttpServletRequest req, HttpServletResponse res)
    {
        Connection conn = null;
        Statement stmt = null;
        ResultSet rs = null;
        String sql = "select username,passwd from users where username = ? and passwd = ?";
        try
        { //req.setCharacterEncoding("gb2312");
            String user = req.getParameter("username");
            String password = req.getParameter("passwd");
            Class.forName("com.mysql.jdbc.Driver");
            conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/sqdb", "root", "root");
            //            stmt=conn.createStatement();
            PreparedStatement pstmt = conn.prepareStatement(sql);
            pstmt.setString(1, user);
            pstmt.setString(2, password);
            rs = pstmt.executeQuery();
            //            rs=stmt.executeQuery("select top 1 * from users where username='"+user
            //                +"' and passwd='"+password+"'");
            if (rs.next())
            {
                HttpSession hs = req.getSession(true);
                hs.setMaxInactiveInterval(60);
                hs.setAttribute("name", user);
                res.sendRedirect("welcome?&uname=" + user + "&upass=" + password);
            }
            else
            {
                res.sendRedirect("login"); //url
            }
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
        finally
        {
            try
            {
                if (rs != null)
                {
                    rs.close();
                }
                if (stmt != null)
                {
                    stmt.close();
                }
                if (conn != null)
                {
                    conn.close();
                }
            }
            catch (Exception e)
            {
                e.printStackTrace();
            }
        }
    }
    public void doPost(HttpServletRequest req, HttpServletResponse res)
    {
        this.doGet(req, res);
    }
}

不知道你有没有发现,上面的这个处理用户名密码带有明显注入漏洞,能够依据用户名从数据库取密码,用取出的密码和用户输入的密码比较。

代码

sql = select passwd from users where username = ? limit 1
if (rs.next())
{
    String passwd = rs.getString(1);
    if (passwd.equals(password))
        //密码正确
    else //密码错误
}

Welcome.java代码

package com.bai;
import javax.servlet.http.*;
import java.io.*;
public class Welcome extends HttpServlet
{
    public void doGet(HttpServletRequest req, HttpServletResponse res)
    {
        HttpSession hs = req.getSession();
        String val = (String) hs.getAttribute("pass");
        if (val == null)
        {
            try
            {
                System.out.print(1);
                res.sendRedirect("login");
            }
            catch (Exception e)
            {
                e.printStackTrace();
            }
        }
        String u = req.getParameter("uname");
        String p = req.getParameter("upass");
        try
        { //req.setCharacterEncoding("gb2312");
            PrintWriter pw = res.getWriter();
            pw.println("welcome! " + u + "&pass=" + p);
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
    }
    public void doPost(HttpServletRequest req, HttpServletResponse res)
    {
        this.doGet(req, res);
    }
}

关于java写一个servlet实现登录的例子就给你介绍到这里了,希望上面的内容可以对你有所帮助哦,更多java实例,请继续关注奇Q工具网来进行了解吧。

推荐阅读:

java session时长问题,java设置session超时时间实例

java多线程实例,java线程之间如何通信?

java接口的实例,java接口应用举例