投稿
  1. 首页
  2. sql

java链接mysql数据库实现登陆如何验证?

法语小助手 2023-5-3 sql 阅读 5

java链接mysql数据库实现登陆如何验证?,第1张

//这是我以前写的核对数据库实现登陆的方法,你只看jdbc部分就好,我还特地给你加了点注释\x0d\x0aString sql = "select username,password from account"\x0d\x0aString user = request.getParameter("user")\x0d\x0aString pass = request.getParameter("password")\x0d\x0aint j = 0\x0d\x0aConnection conn = null\x0d\x0aPreparedStatement ps = null\x0d\x0aResultSet rs = null\x0d\x0atry {\x0d\x0aconn = JDBCTools1.getConnection()\x0d\x0aps = conn.prepareStatement(sql)\x0d\x0ars = ps.executeQuery()\x0d\x0a//从表中查询获取所有账户的用户名&密码的ResultSet 对象\x0d\x0awhile(rs.next()){\x0d\x0aint i = 0\x0d\x0a\x0d\x0aString username[] = new String[10]//用户名数组\x0d\x0aString password[] = new String[10]//密码数组\x0d\x0ausername[i] = rs.getString(1)\x0d\x0apassword[i] = rs.getString(2)\x0d\x0aif(user.equals(username[i])&&pass.equals(password[i])){//比对\x0d\x0aresponse.getWriter().print("you are welcome!")\x0d\x0aj++\x0d\x0a}else if(user.equals(username[i])&&!pass.equals(password[i])){\x0d\x0aresponse.getWriter().println("the realy password is :"+ username[i] +","+password[i]+"\r\n")\x0d\x0aresponse.getWriter().println("and you password is :"+user +","+pass+" :so the username or password may not right")\x0d\x0aj++\x0d\x0a}else{\x0d\x0acontinue\x0d\x0a}\x0d\x0ai++\x0d\x0a}\x0d\x0aif(j == 0){\x0d\x0aresponse.getWriter().println("Your username may not be properly")\x0d\x0a}\x0d\x0a} catch (Exception e) {\x0d\x0ae.printStackTrace()\x0d\x0a}finally{\x0d\x0aJDBCTools1.release(rs, ps, conn)\x0d\x0a}\x0d\x0a//这是我JDBCTools的getConnection方法\x0d\x0agetConnection{\x0d\x0aString driverClass = oracle.jdbc.driver.OracleDriver\x0d\x0aString jdbcUrl = jdbc:oracle:thin:@localhost:1521:orcl\x0d\x0a//你的数据库的用户名密码\x0d\x0aString user = null\x0d\x0aString password = null\x0d\x0a// 通过反射创建Driver对象\x0d\x0aClass.forName(driverClass)\x0d\x0areturn DriverManager.getConnection(jdbcUrl, user, password)}\x0d\x0a//这是我JDBCTools的release方法\x0d\x0apublic static void release(ResultSet rs, Statement statement,\x0d\x0aConnection conn) {\x0d\x0aif (rs != null) {\x0d\x0atry {\x0d\x0ars.close()\x0d\x0a} catch (SQLException e) {\x0d\x0ae.printStackTrace()\x0d\x0a}\x0d\x0a}\x0d\x0a\x0d\x0aif (statement != null) {\x0d\x0atry {\x0d\x0astatement.close()\x0d\x0a} catch (Exception e2) {\x0d\x0ae2.printStackTrace()\x0d\x0a}\x0d\x0a}\x0d\x0a\x0d\x0aif (conn != null) {\x0d\x0atry {\x0d\x0aconn.close()\x0d\x0a} catch (Exception e2) {\x0d\x0ae2.printStackTrace()\x0d\x0a}\x0d\x0a}\x0d\x0a}

刚好上次讲三层架构.有现成的例子

以一个验证登陆为例子

这里是界面层一般叫UIL

protected void Button1_Click(object sender, EventArgs e)

{

List<User>Users = BAL.GetUserInfo(txtUserName.Text,txtPassword.Text)

if(Users.Length >0)

{

Response.Write("登陆成功")

}

else

{

Response.Write("登陆失败")

}

}

以下是逻辑层代码,业务逻辑层一般叫BLL

public static List<User>GetUserInfo(string user,string password)

{

string newPassword = GetMD5Hash(password)//这里对密码进行加密处理,数据库中存放的是经过MD5加密后的密,业务逻辑层一般都是处理复杂的逻辑.例如加密逻辑

List<User>Users = DAL.GetUserInfo(user,newPassword)

return Users

}

以下是数据访问层代码,数据访问层一般叫DAL

public static List<User>GetUserInfo(string user,string password)

{

List<User>Users = new List<User>()

string sql = "select * from User where Password = '"+password+"' and User = '"+user+"'"//写where子句的时候把Password放前面.因为Password经过加密,所以可以防止SQL注入攻击

SqlDataAdapter da = new SqlDataAdapter(sql,"这里是数据库连接字符串")

DataSet ds = new DataSet()

da.Fill(ds)

for(int i=0i<ds.Tables[0].Rows.Counti++)

{

User user = new User(ds.Tables[0].Rows[i]["ID"].ToString(),ds.Tables[0].Rows[i]["User"].ToString(),ds.Tables[0].Rows[i]["Password"].ToString())

Users.Add(user)

}

return Users

}

还会有一个Model层.叫做模板层.是数据表结构的印射.Model层是共用层,其他三层都要用到.

比如数据库中有张表User,里面有3个字段ID,User,Password

那么在模板层中应该有一个类,数据库中User表的一行对应一个User对象,一张表对应User对象的集合.

public class User

{

string ID

string User

string Password

//重载构造函数

User(string id,string user,string password)

{

this.ID=id

this.User=user

this.Password=password

}

}

//这是我以前写的核对数据库实现登陆的方法,你只看jdbc部分就好,我还特地给你加了点注释

String sql = "select username,password from account"

String user = request.getParameter("user")

String pass = request.getParameter("password")

int j = 0

Connection conn = null

PreparedStatement ps = null

ResultSet rs = null

try {

conn = JDBCTools1.getConnection()

ps = conn.prepareStatement(sql)

rs = ps.executeQuery()

//从表中查询获取所有账户的用户名&密码的ResultSet 对象

while(rs.next()){

int i = 0

String username[] = new String[10]//用户名数组

String password[] = new String[10]//密码数组

username[i] = rs.getString(1)

password[i] = rs.getString(2)

if(user.equals(username[i])&&pass.equals(password[i])){//比对

response.getWriter().print("you are welcome!")

j++

}else if(user.equals(username[i])&&!pass.equals(password[i])){

response.getWriter().println("the realy password is :"+ username[i] +","+password[i]+"\r\n")

response.getWriter().println("and you password is :"+user +","+pass+" :so the username or password may not right")

j++

}else{

continue

}

i++

}

if(j == 0){

response.getWriter().println("Your username may not be properly")

}

} catch (Exception e) {

e.printStackTrace()

}finally{

JDBCTools1.release(rs, ps, conn)

}

//这是我JDBCTools的getConnection方法

getConnection{

String driverClass = oracle.jdbc.driver.OracleDriver

String jdbcUrl = jdbc:oracle:thin:@localhost:1521:orcl

//你的数据库的用户名密码

String user = null

String password = null

// 通过反射创建Driver对象

Class.forName(driverClass)

return DriverManager.getConnection(jdbcUrl, user, password)}

//这是我JDBCTools的release方法

public static void release(ResultSet rs, Statement statement,

Connection conn) {

if (rs != null) {

try {

rs.close()

} catch (SQLException e) {

e.printStackTrace()

}

}

if (statement != null) {

try {

statement.close()

} catch (Exception e2) {

e2.printStackTrace()

}

}

if (conn != null) {

try {

conn.close()

} catch (Exception e2) {

e2.printStackTrace()

}

}

}

欢迎分享,转载请注明来源:内存溢出

原文地址: http://outofmemory.cn/sjk/9940458.html

(0)
打赏 微信扫一扫 微信扫一扫 支付宝扫一扫 支付宝扫一扫
法语小助手 法语小助手 一级用户组
0 0
上一篇 2023-05-03
下一篇 2023-05-03

发表评论

登录后才能评论

评论列表(0条)

保存