读取本地 cookies 中的 username 和 password 字段,并与数据库中的记录进行比对。

<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ page import="java.io.*,java.util.*" %>
<%@ page import="com.mysql.jdbc.Driver, java.sql.*" %>

<jsp:useBean id="usero" class="wxy.jsp.novel.UserO" scope="session" />
<jsp:useBean id="sqlM" class="wxy.jsp.mysql.sqlBean" scope="session" />

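<%
/*
 * Cookie-based auto-login.
 *
 * Reads the "username" and "password" cookies (the username falls back to the
 * request parameter of the same name when no such cookie is sent), looks the
 * pair up in the users table and, on a match, copies both values into the
 * session-scoped usero bean, re-issues both cookies for three days and
 * redirects to account.jsp.
 *
 * NOTE(review): the password itself is kept in a client-side cookie and is
 * compared to users.password as-is, which suggests the column holds the
 * password rather than a salted hash - confirm. A random, server-side
 * "remember me" token that can be revoked is the usual replacement; that is a
 * design change touching other pages, so it is only flagged here.
 */
String username = request.getParameter("username");
String password = null;
Cookie cookie = null;
Cookie[] cookies = null;
String MSG = "";

// Read the credential cookies; a cookie value overrides the request parameter.
cookies = request.getCookies();
if (cookies != null)
{
    for (int i = 0; i < cookies.length; i++)
    {
        cookie = cookies[i];

        try
        {
            if (cookie.getName().equals("username"))
            {
                username = java.net.URLDecoder.decode(cookie.getValue(), "utf-8");
            }
            else if (cookie.getName().equals("password"))
            {
                password = java.net.URLDecoder.decode(cookie.getValue(), "utf-8");
            }
        }
        catch (IllegalArgumentException malformed)
        {
            // Cookie values are client-controlled: a broken percent-escape makes
            // URLDecoder throw. Ignore that cookie instead of failing the page.
        }
    }
}
if (username == null) username = "";
if (password == null) password = "";

// Only attempt a login when both values are present.
if (!username.equals("") && !password.equals(""))
{
    if (!sqlM.SafeCheck(username) || !sqlM.SafeCheck(password))
    {
        MSG = "alert('非法账号/密码输入');";
    }
    else
    {
        // Look the credentials up in the database.
        // NOTE(review): the statement is built by concatenating client-supplied
        // values. SafeCheck is the only guard and its rules are not visible
        // here, so it should not be the sole defence: bind both values through
        // a PreparedStatement with '?' placeholders once sqlBean exposes a
        // method for it.
        String sql = "SELECT * from users where username = '" + username + "' and password = '" + password + "'";
        ResultSet rs = sqlM.executeQuery(sql);
        try
        {
            if (rs != null && rs.next())
            {
                usero.setUsername(username);
                usero.setPassword(password);

                String username_code = java.net.URLEncoder.encode(username, "UTF-8");
                String password_code = java.net.URLEncoder.encode(password, "UTF-8");
                Cookie username_cookie = new Cookie("username", username_code);
                Cookie password_cookie = new Cookie("password", password_code);
                // Three days, in seconds.
                username_cookie.setMaxAge(60*60*24*3);
                password_cookie.setMaxAge(60*60*24*3);
                // NOTE(review): neither cookie is marked HttpOnly or Secure.
                // Consider setHttpOnly(true) (Servlet 3.0+) and, when the site
                // is served over HTTPS, setSecure(true) - confirm no client-side
                // script relies on reading them first.
                response.addCookie(username_cookie);
                response.addCookie(password_cookie);

                // 302 redirect to the account page; nothing else is rendered.
                response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
                response.setHeader("Location", "account.jsp");

                return ;
            }
        }
        finally
        {
            // The original never closed the result set; release it on every path.
            if (rs != null)
            {
                try
                {
                    rs.close();
                }
                catch (SQLException ignored)
                {
                    // Best-effort cleanup: a failed close must not turn a
                    // completed login check into an error page.
                }
            }
        }
    }


}
%>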