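Comparing values on insert

Time: 2016-06-08 10:23:07

Tags: java sql servlets

I have taken the name and password from the user and compared them with my database; if they match, status is true, and if not, it is false. There is also a role column: the entered name can be a user or an admin. If it is an admin I want one page to open, and if it is a user I want a different page. How do I do this? The following code checks for admin, because I typed admin in the insert query. What changes or other code should I write? My database has 3 columns (user, password, role). If the entered username is in the same row as admin, some different page1.jsp should open; if it is in the same row as user, some different page2.jsp should open.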

    String name=request.getParameter("name");
    String password=request.getParameter("password");
    boolean status=false;
    try{
        Connection con=ConnectionProvider.getCon();
        String sql="select * from roles where name='" + name + "' and pass='" + password + "' and role='admin'";
        Statement stmt =con.createStatement();

        ResultSet rs=stmt.executeQuery(sql);
        if(rs.next())
        {
            status=true;
        }
    }catch(Exception e){}

    if(status){
        out.print("Welcome, "+name);
        HttpSession session=request.getSession();
        session.setAttribute("name",name);
        request.getRequestDispatcher("create.html").forward(request, response);
        //request.getRequestDispatcher("department.html").forward(request, response);
    }
    else{
        out.print("Sorry, username or password error!");
        request.getRequestDispatcher("login.html").include(request, response);
    }

1 answer:

Answer 0 (score: 0)

    String name=request.getParameter("name");
    String password=request.getParameter("password");
    boolean status=false;
    String role = "";
    try{
        Connection con=ConnectionProvider.getCon();
        // No role filter in the query: fetch the matching row, then read its role column.
        String sql="select * from roles where name='" + name + "' and pass='" + password + "'";
        Statement stmt =con.createStatement();
        role ="admin";
        ResultSet rs=stmt.executeQuery(sql);
        if(rs.next())
        {
            status=true;
            // Overwrite the default with the role stored for this user.
            role=rs.getString("role");
        }
    }catch(Exception e){}

    if(status){
        out.print("Welcome, "+name);
        HttpSession session=request.getSession();
        session.setAttribute("name",name);
        // Choose the target page from the role read from the database.
        if(role!=null && role.equals("admin") ){
            request.getRequestDispatcher("create.html").forward(request, response);
            //request.getRequestDispatcher("department.html").forward(request, response);
        }else{
            request.getRequestDispatcher("   <SomeOther>.html").forward(request, response);
            //request.getRequestDispatcher("department.html").forward(request, response);
        }

    }
    else{
        out.print("Sorry, username or password error!");
        request.getRequestDispatcher("login.html").include(request, response);
    }
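
Both snippets above build the query by concatenating `name` and `password` into the SQL string, so the request parameters become part of the statement text. The following is an added example, not code from the question or the answer: the same role-based dispatch with a `PreparedStatement`, a role that stays null until the database returns one, and a logged exception. It assumes the page's `ConnectionProvider.getCon()` and the `roles` table with `name`, `pass` and `role` columns from the query above; `LoginServlet` and `user.html` are hypothetical names.

```java
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.servlet.ServletException;
import javax.servlet.http.*;

// Added example: LoginServlet and user.html are hypothetical names.
public class LoginServlet extends HttpServlet {
    // Returns the role stored for this name/password pair, or null if no row matches.
    static String lookupRole(Connection con, String name, String password) throws SQLException {
        // Placeholders keep user input out of the SQL text; the driver binds it as data.
        String sql = "select role from roles where name = ? and pass = ?";
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, name);
            ps.setString(2, password);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString("role") : null;
            }
        }
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String name = request.getParameter("name");
        String password = request.getParameter("password");
        String role = null; // fail closed: no role until the database returns one
        try {
            Connection con = ConnectionProvider.getCon(); // the page's own helper class
            role = lookupRole(con, name, password);
        } catch (Exception e) { // getCon()'s declared exceptions are not shown on the page
            log("login lookup failed", e); // record the failure instead of swallowing it
        }
        if (role == null) {
            response.getWriter().print("Sorry, username or password error!");
            request.getRequestDispatcher("login.html").include(request, response);
            return;
        }
        HttpSession session = request.getSession();
        session.setAttribute("name", name);
        session.setAttribute("role", role); // lets later pages re-check the role server-side
        String target = "admin".equals(role) ? "create.html" : "user.html";
        request.getRequestDispatcher(target).forward(request, response);
    }
}
```

The `pass` column is still compared as stored, as in the original query; keeping a salted password hash in that column and verifying it in code is a separate change.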