购物商城系统1,简单的登录页"/>
购物商城系统1,简单的登录页
//2020.8.3
距离项目结束还有4天,近期在整合代码,做了简单的注册页和登录页,但是在朋友的提醒下我发现这个登录页的安全性不够好,原因是在于我在登录页面做了登录验证,没有后续的二次验证,导致可以直接访问到财务页面.我没有使用servlet,而是直接在jsp页面內进行串接数据,也是一大失误,说到这里突然有点羡慕隔壁班学的spring,真的比servlet部署快太多。
下面是登录页代码
测试类:用于测试是否接收到数据库的信息
package com.etc.test;import com.etc.dao.GoodsDao;
import com.etc.entity.Goods;import java.util.List;public class test {public static void main(String args[]){GoodsDao goodsDao = new GoodsDao();List<Goods> list = goodsDao.quertAllGoods();for(Goods goods : list) {System.out.print(goods.getGoods_cost());}}
}
一个简单的工具类,用于链接数据库
package com.etc.util;import com.sun.rowset.CachedRowSetImpl;
import javax.sql.rowset.CachedRowSet;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.sql.rowset.CachedRowSet;
import com.sun.rowset.CachedRowSetImpl;/** JDBC访问数据库* (1)注册驱动。
(2)建立连接(Connection)。
(3)创建数据库操作对象用于执行SQL的语句。
(4)执行语句。
(5)处理执行结果(ResultSet)。
(6)释放资源。*/
public class DButil {//1.加载并注册驱动程序public static final String DRIVER = "com.mysql.jdbc.Driver";//URL USER PASSWORDpublic static final String URL="jdbc:mysql://localhost:3306/shopping?characterEncoding=UTF-8";public static final String USER="root";public static final String PASSWORD="lovezxp1314..";/*DriverManager类提供了getConnection方法,用来建立与数据库的连接。调用getConnection()方法可返回一个数据库连接对象。*///2.创建一个Connection getCon()方法public Connection getCon() {//创建Connection对象Connection con = null;try {Class.forName(DRIVER);//DriverManager类即可用来建立数据库连接。con = DriverManager.getConnection(URL, USER, PASSWORD);System.out.println("数据库连接成功");} catch (Exception e) {// TODO: handle exceptione.printStackTrace();} return con; }//查询功能/** sql语句* Object ...param 可变参数*///创建一个更新操作的方法 修改 删除 插入/** int executeUpdate(String sql):执行update、insert、delete,返回一个整数,表示执行SQL语句影响的数据行数。*/public int update(String sql,Object ...param ) {//连接数据库//创建Connection对象Connection con = getCon();//创建PreparedStatementPreparedStatement ps = null;//定义一个更新结果result变量int result = 0;try {ps = con.prepareStatement(sql);//for循环遍历sql的参数for (int i = 0; i < param.length; i++) {//补充sql的参数ps.setObject(i + 1, param[i]);}//执行更新操作result = ps.executeUpdate();} catch (Exception e) {// TODO: handle exceptione.printStackTrace();}return result;}public CachedRowSet Query(String sql, Object...param) {Connection con = getCon();PreparedStatement ps = null;ResultSet rs = null;CachedRowSet crs = null;try {ps = con.prepareStatement(sql);for(int i = 0 ; i<param.length ; i++ ) {ps.setObject(i+1, param[i]);}rs = ps.executeQuery();crs = new CachedRowSetImpl();crs.populate(rs);} catch (Exception e) {// TODO: handle exceptione.printStackTrace();}return crs;}}
user类
package com.etc.entity;
//用户import com.etc.util.DButil;import javax.sql.rowset.CachedRowSet;
import java.sql.SQLException;public class User {private Integer user_id;private String user_name;private String uer_password;private String user_email;private String user_address;public String getUser_email() {return user_email;}public void setUser_email(String user_email) {this.user_email = user_email;}public String getUser_address() {return user_address;}public User(Integer user_id, String user_name, String uer_password) {this.user_id = user_id;this.user_name = user_name;this.uer_password = uer_password;}public void setUser_address(String user_address) {this.user_address = user_address;}public Integer getUser_id() {return user_id;}public void setUser_id(Integer user_id) {this.user_id = user_id;}public String getUser_name() {return user_name;}public void setUser_name(String user_name) {this.user_name = user_name;}public String getUer_password() {return uer_password;}public void setUer_password(String uer_password) {this.uer_password = uer_password;}public User(Integer user_id, String user_name, String uer_password,String user_email,String user_address) {this.user_id = user_id;this.user_name = user_name;this.uer_password = uer_password;this.user_email = user_email;this.user_address = user_address;}}
商家类:我也不知道为什么组长要写成shopper hhh
package com.etc.entity;public class Shopper {private int shop_id;private String shop_name;private String shop_password;private String shop_email;private String shop_address;private String shop_idcardnum;private String shop_telnum;public Shopper(int shop_id, String shop_name, String shop_password, String shop_email, String shop_address, String shop_idcardnum, String shop_telnum) {this.shop_id = shop_id;this.shop_name = shop_name;this.shop_password = shop_password;this.shop_email = shop_email;this.shop_address = shop_address;this.shop_idcardnum = shop_idcardnum;this.shop_telnum = shop_telnum;}public int getShop_id() {return shop_id;}public void setShop_id(int shop_id) {this.shop_id = shop_id;}public String getShop_name() {return shop_name;}public void setShop_name(String shop_name) {this.shop_name = shop_name;}public String getShop_password() {return shop_password;}public void setShop_password(String shop_password) {this.shop_password = shop_password;}public String getShop_email() {return shop_email;}public void setShop_email(String shop_email) {this.shop_email = shop_email;}public String getShop_address() {return shop_address;}public void setShop_address(String shop_address) {this.shop_address = shop_address;}public String getShop_idcardnum() {return shop_idcardnum;}public void setShop_idcardnum(String shop_idcardnum) {this.shop_idcardnum = shop_idcardnum;}public String getShop_telnum() {return shop_telnum;}public void setShop_telnum(String shop_telnum) {this.shop_telnum = shop_telnum;}
}
Goods类
package com.etc.entity;
import java.sql.Blob;
import java.util.Arrays;
import java.util.Comparator;public class Goods {private int goods_id;private int shop_id;private String shop_name;private String goods_name;private String goods_describe;private double goods_star;private Blob goods_photo;private int goods_cost;private int goods_sell_quantity;private int goods_exist_quantity;public Goods(int goods_id, String goods_name, String goods_describe, double goods_star, int goods_cost, int goods_sell_quantity, int goods_exist_quantity) {this.goods_id = goods_id;this.goods_name = goods_name;this.goods_describe = goods_describe;this.goods_star = goods_star;this.goods_cost = goods_cost;this.goods_sell_quantity = goods_sell_quantity;this.goods_exist_quantity = goods_exist_quantity;}public Goods(int goods_id, String goods_name, int goods_cost, int goods_sell_quantity, int goods_exist_quantity) {this.goods_id = goods_id;this.goods_name = goods_name;this.goods_cost = goods_cost;this.goods_sell_quantity = goods_sell_quantity;this.goods_exist_quantity = goods_exist_quantity;}public int getGoods_id() {return goods_id;}public void setGoods_id(int goods_id) {this.goods_id = goods_id;}public String getGoods_name() {return goods_name;}public void setGoods_name(String goods_name) {this.goods_name = goods_name;}public int getShop_id() {return shop_id;}public void setShop_id(int shop_id) {this.shop_id = shop_id;}public String getShop_name() {return shop_name;}public void setShop_name(String shop_name) {this.shop_name = shop_name;}public String getGoods_describe() {return goods_describe;}public void setGoods_describe(String goods_describe) {this.goods_describe = goods_describe;}public double getGoods_star() {return goods_star;}public void setGoods_star(double goods_star) {this.goods_star = goods_star;}public double getGoods_cost() {return goods_cost;}public void setGoods_cost(int goods_cost) {this.goods_cost = goods_cost;}public int getGoods_sell_quantity() {return goods_sell_quantity;}public void setGoods_sell_quantity(int goods_sell_quantity) {this.goods_sell_quantity = goods_sell_quantity;}public int getGoods_exist_quantity() {return goods_exist_quantity;}public void setGoods_exist_quantity(int goods_exist_quantity) {this.goods_exist_quantity = goods_exist_quantity;}public Blob getGoods_photo() {return goods_photo;}public void setGoods_photo(Blob goods_photo) {this.goods_photo = goods_photo;}public Goods() {super();}public Goods(int goods_id, String goods_name, int shop_id, String shop_name, int goods_cost,int goods_sell_quantity, int goods_exist_quantity) {super();this.goods_id = goods_id;this.goods_name = goods_name;this.shop_id = shop_id;this.shop_name = shop_name;this.goods_cost = goods_cost;this.goods_sell_quantity = goods_sell_quantity;this.goods_exist_quantity = goods_exist_quantity;}public Goods(int goods_id, String goods_name, int shop_id, String shop_name, String goods_describe,double goods_star, int goods_cost, int goods_sell_quantity, int goods_exist_quantity, Blob goods_photo) {super();this.goods_id = goods_id;this.goods_name = goods_name;this.shop_id = shop_id;this.shop_name = shop_name;this.goods_describe = goods_describe;this.goods_star = goods_star;this.goods_cost = goods_cost;this.goods_sell_quantity = goods_sell_quantity;this.goods_exist_quantity = goods_exist_quantity;this.goods_photo = goods_photo;}public Goods(int goods_id) {super();this.goods_id = goods_id;}public Goods(int goods_id, String goods_name, int shop_id, String shop_name, String goods_describe,double goods_star,int goods_cost, int goods_sell_quantity, int goods_exist_quantity) {super();this.goods_id = goods_id;this.goods_name = goods_name;this.shop_id = shop_id;this.shop_name = shop_name;this.goods_describe = goods_describe;this.goods_star = goods_star;this.goods_cost = goods_cost;this.goods_sell_quantity = goods_sell_quantity;this.goods_exist_quantity = goods_exist_quantity;}@Overridepublic String toString() {return "Goods [goods_id=" + goods_id + ", goods_name=" + goods_name + ", shop_id=" + shop_id + ", shop_name="+ shop_name + ", goods_describe=" + goods_describe + ", goods_star=" + goods_star + ", goods_cost="+ goods_cost + ", goods_sell_quantity=" + goods_sell_quantity + ", goods_exist_quantity="+ goods_exist_quantity + ", goods_photo=" + goods_photo + "]";}public int compareTo(Goods o) {// TODO Auto-generated method stubreturn 0;}/*Comparator for sorting the list by Student Name*/public static Comparator<Goods> goodsName = new Comparator<Goods>() {public int compare(Goods s1, Goods s2) {String Name1 = s1.getGoods_name().toUpperCase();String Name2 = s2.getGoods_name().toUpperCase();//ascending orderreturn Name1pareTo(Name2);//descending order//return StudentName2pareTo(StudentName1);}};/*Comparator for sorting the list by roll no*/public static Comparator<Goods> GoodsIdAscending = new Comparator<Goods>() {public int compare(Goods s1, Goods s2) {int n1 = (int)s1.getGoods_cost();int n2 = (int)s2.getGoods_cost();/*For ascending order*/return n1-n2;/*For descending order*///rollno2-rollno1;}};/*Comparator for sorting the list by roll no*/public static Comparator<Goods> GoodsIdDescending = new Comparator<Goods>() {public int compare(Goods s1, Goods s2) {int n1 = (int)s1.getGoods_cost();int n2 = (int)s2.getGoods_cost();/*For ascending order*/return n2-n1;/*For descending order*///rollno2-rollno1;}};
}
UserDao
package com.etc.dao;import com.etc.entity.Goods;
import com.etc.entity.Shopper;
import com.etc.entity.User;
import com.etc.util.DButil;import javax.sql.rowset.CachedRowSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;public class UserDao{//创建用户信息校验 根据用户名和密码查询用户信息//创建一个DButl 对象DButil dbutil= new DButil();//创建用户信息校验方法public Boolean checklogin(String username,String pwd) {//编写jsp语句//select * from tbl_user where userName="admin" and userPass="123456";String sql = "select * from user where user_name= ? and user_password=?";//创建结果缓冲集对象CachedRowSet crs = null;crs = dbutil.Query(sql, username,pwd);//设计一个结果resultint result = 0;try {if(crs.next()) {result = crs.getInt("user_id"); //查询用户的userId}} catch (Exception e) {// TODO: handle exceptione.printStackTrace();}return result>0; }public List<User> getUserinfo(){List<User> list = new ArrayList<User>();String sql = "SELECT user.user_name,user.user_password,user.user_id FROM user";CachedRowSet crs = dbutil.Query(sql);System.out.println("crs的长度"+crs.size());try {while(crs.next()) {int userId = crs.getInt("user_id");String userName = crs.getString("user_name");String userPass = crs.getString("user_password");User user = new User(userId,userName,userPass);list.add(user);}} catch (Exception e) {// TODO: handle exception}return list;}public Boolean shopchecklogin(String shopname,String pwd) {//编写jsp语句//select * from tbl_user where userName="admin" and userPass="123456";String sql = "select * from shop where shop_name= ? and shop_password=?";//创建结果缓冲集对象CachedRowSet crs = null;crs = dbutil.Query(sql, shopname,pwd);//设计一个结果resultint result = 0;try {if(crs.next()) {result = crs.getInt("shop_id"); //查询用户的userId}} catch (Exception e) {// TODO: handle exceptione.printStackTrace();}return result>0;}public Boolean shopDoubleCheck(String username){String sql = "select * from shop where shop_name= ?";CachedRowSet crs = null;crs = dbutil.Query(sql, username);//设计一个结果resultint result = 0;try {if(crs.next()) {result = crs.getInt("shop_id");//查询用户的userIdif(crs.getString("shop_id")==username){return false;}else return true;}} catch (Exception e) {// TODO: handle exceptione.printStackTrace();}return result>0;}public int shopgetUserNumber() throws SQLException {int UserNumber=0;String sql = "SELECT COUNT(*) FROM shopping.`shop`";CachedRowSet crs = null;crs = dbutil.Query(sql);if(crs.next()) {UserNumber = crs.getInt(1);}return UserNumber;}public Boolean DoubleCheck(String username){String sql = "select * from user where user_name= ?";CachedRowSet crs = null;crs = dbutil.Query(sql, username);//设计一个结果resultint result = 0;try {if(crs.next()) {result = crs.getInt("user_id");//查询用户的userIdif(crs.getString("user_id")==username){return false;}else return true;}} catch (Exception e) {// TODO: handle exceptione.printStackTrace();}return result>0;}public boolean addUser(User user) {String sql = "insert into user values(?,?,?,?,?)";//初始化一个result变量int result = 0;result = dbutil.update(sql, user.getUser_id(),user.getUser_name(),user.getUer_password(),user.getUser_email(),user.getUser_address());return result>0;}public boolean addShoper(Shopper shopper) {String sql = "insert into shop values(?,?,?,?,?,?,?)";//初始化一个result变量int result = 0;result = dbutil.update(sql, shopper.getShop_id(),shopper.getShop_name(),shopper.getShop_password(),shopper.getShop_email(),shopper.getShop_address(),shopper.getShop_idcardnum(),shopper.getShop_telnum());return result>0;}public int getUserNumber() throws SQLException {int UserNumber=0;String sql = "SELECT COUNT(*) FROM shopping.`user`";CachedRowSet crs = null;crs = dbutil.Query(sql);if(crs.next()) {UserNumber = crs.getInt(1);}return UserNumber;}}
GoodsDao
package com.etc.dao;import java.util.ArrayList;
import java.util.List;
import java.sql.Connection;
import javax.sql.rowset.CachedRowSet;
import com.etc.entity.Goods;
import com.etc.util.DButil;
import org.omg.Messaging.SYNC_WITH_TRANSPORT;public class GoodsDao {byte[] bs= null;DButil dbutil = new DButil();Connection con = dbutil.getCon();public List<Goods> queryAllGoodsLikeName(String like_name) {List<Goods> list = new ArrayList<Goods>();String sql ="select goods_name ,goods_photo ,goods_describe, "+ " shop_name, goods_cost ,goods_star ,goods_sell_quantity "+ " ,goods_exist_quantity ,goods_id ,shop_id from goods where"+ " goods_name like N? ";CachedRowSet crs = dbutil.Query(sql,"%"+like_name+"%");System.out.println("crs的长度:"+crs.size());try {while(crs.next()) {int goods_id = crs.getInt("goods_id");String goods_name = crs.getString("goods_name");String goods_describe = crs.getString("goods_describe");int shop_id = crs.getInt("shop_id");String shop_name = crs.getString("shop_name");double goods_star = crs.getDouble("goods_star");int goods_cost = crs.getInt("goods_cost");int goods_sell_quantity = crs.getInt("goods_sell_quantity");int goods_exist_quantity = crs.getInt("goods_exist_quantity");Goods Goods = new Goods( goods_id, goods_name, shop_id, shop_name, goods_describe,goods_star, goods_cost, goods_sell_quantity, goods_exist_quantity);list.add(Goods);System.out.println("listing serchered Goods ");//System.out.println(Goods);}} catch (Exception e) {// TODO: handle exceptione.printStackTrace();}//System.out.println("listed serchered Goods");return list;}public List<Goods> quertAllGoods(){//1.创建一个列表对象List<Goods> list = new ArrayList<Goods>();//sql语句String sql ="SELECT goods.goods_name,goods.goods_id,goods.goods_cost,goods.goods_exist_quantity,goods.goods_sell_quantity FROM goods";CachedRowSet crs = dbutil.Query(sql);System.out.println("crs的长度"+crs.size());//4.读取crs中的数据try {while(crs.next()) {int goodsid = crs.getInt("goods_id");String goodsname = crs.getString("goods_name");int goodscost = crs.getInt("goods_cost");int goodssellquantity = crs.getInt("goods_sell_quantity");int goodsexistquantity = crs.getInt("goods_exist_quantity");Goods goods = new Goods(goodsid,goodsname,goodscost,goodssellquantity,goodsexistquantity);list.add(goods);}} catch (Exception e) {// TODO: handle exception}return list;}
}
login.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<!DOCTYPE html>
<html><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><title>我要成为商家</title><meta name="description" content=""><meta name="robots" content="all,follow"><link rel="stylesheet" href=".2.1/css/bootstrap.min.css"><link rel="stylesheet" href="css/style.default.css" id="theme-stylesheet"></head><body><div class="page login-page"><div class="container d-flex align-items-center"><div class="form-holder has-shadow"><div class="row"><!-- Logo & Information Panel--><div class="col-lg-6"><div class="info d-flex align-items-center"><div class="content"><div class="logo"><h1>欢迎登录</h1></div><p>华华</p></div></div></div><!-- Form Panel --><div class="col-lg-6 bg-white"><div class="form d-flex align-items-center"><div class="content"><form method="get" action="dologin.jsp" class="form-validate" id="loginFrom"><div class="form-group"><input id="login-username" type="text" name="userName" required data-msg="请输入用户名" placeholder="用户名" value="admin" class="input-material"></div><div class="form-group"><input id="login-password" type="password" name="passWord" required data-msg="请输入密码" placeholder="密码" class="input-material"></div><button id="login" type="submit" class="btn btn-primary">登录</button><div style="margin-top: -40px;"> <!-- <input type="checkbox" id="check1"/> <span>记住密码</span><input type="checkbox" id="check2"/> <span>自动登录</span> --><!--<div class="custom-control custom-checkbox " style="float: right;"><input type="checkbox" class="custom-control-input" id="check2" ><label class="custom-control-label" for="check2">自动登录</label></div>--><div class="custom-control custom-checkbox " style="float: right;"><input type="checkbox" class="custom-control-input" id="check1" ><label class="custom-control-label" for="check1">记住密码 </label></div> </div></form><br /><small>没有账号?</small><a href="register.jsp" class="signup"> 注册</a></br><small>管理员</small><a href="shoplogin.jsp" class="signup">登录</a></div></div></div></div></div></div></div><!-- JavaScript files--><script src="js/jquery.min.js"></script><script src="js/bootstrap.min.js"></script><script src="vendor/jquery-validation/jquery.validate.min.js"></script><!--表单验证--><!-- Main File--><script src="js/front.js"></script><script>$(function(){/*判断上次是否勾选记住密码和自动登录*/var check1s=localStorage.getItem("check1");var check2s=localStorage.getItem("check2");var oldName=localStorage.getItem("userName");var oldPass=localStorage.getItem("passWord");if(check1s=="true"){$("#login-username").val(oldName);$("#login-password").val(oldPass);$("#check1").prop('checked',true);}else{$("#login-username").val('');$("#login-password").val('');$("#check1").prop('checked',false);}if(check2s=="true"){$("#check2").prop('checked',true);$("#loginFrom").submit();//location="http://127.0.0.1:8020/1/Bootstrap_Material/login/login.html"+oldName+"&passWord="+oldPass;//添加退出当前账号功能}else{$("#check2").prop('checked',false);}/*拿到刚刚注册的账号*/if(localStorage.getItem("name")!=null){$("#login-username").val(localStorage.getItem("name"));}/*登录*/$("#login").click(function(){var userName=$("#login-username").val();var passWord=$("#login-password").val();/*获取当前输入的账号密码*/localStorage.setItem("userName",userName)localStorage.setItem("passWord",passWord)/*获取记住密码 自动登录的 checkbox的值*/var check1 = $("#check1").prop('checked');var check2 = $('#check2').prop('checked');localStorage.setItem("check1",check1);localStorage.setItem("check2",check2);})/*$("#check2").click(function(){var flag=$('#check2').prop('checked');if(flag){var userName=$("#login-username").val();var passWord=$("#login-password").val();$.ajax({type:"post",url:"http://localhost:8080/huahua_war_exploded/huahua/finacial/moban-181118239560/dashboard2.jsp",data:{"userName":userName,"passWord":passWord},async:true,success:function(res){alert(res);}});}})*/})</script></body>
</html>更多推荐
购物商城系统1,简单的登录页
发布评论