0

我的登录身份验证 login.jsp 有问题我有一个类 UsuarioLogin:

  package br.com.cad.dao;

import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import br.com.cad.basica.Contato;

public class UsuarioLogin {
private Contato usuario;

    public UsuarioLogin(Contato usr)
    {
        usuario=usr;
    }

        public boolean verificaLogin(){

        if(usuario.getEmail()!=null && usuario.getSenha()!=null)
        {
            try
            {
             ConnectDb con = new ConnectDb();
             String strsql="SELECT PF_EMAIL, PF_SENHA FROM DADOS_CADASTRO WHERE PF_EMAIL = ? and PF_SENHA = ?;";       
             PreparedStatement stmt = con.getConnection().prepareStatement(strsql);
             stmt.setString(1, usuario.getEmail());
             stmt.setString(2, usuario.getSenha());
             boolean logado = false;
             ResultSet rs=stmt.executeQuery();



             rs.close();
             stmt.close();
             return  logado;
            }
            catch (SQLException e) 

        {  
                e.printStackTrace(); 
                return false;
            }

        }
        return false;

}}

和我的 Servlet LoginAuthentication:

package br.com.cad.servlet;
import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import br.com.cad.basica.Contato;
import br.com.cad.dao.UsuarioLogin;


public class LoginAuthentication extends HttpServlet {

    /**
     * 
     */
    private static final long serialVersionUID = 1L;

    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        try {

        } finally {            
            out.close();
        }
    }

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String email=request.getParameter("email");
        String senha=request.getParameter("password");
        RequestDispatcher rd = null;
        Contato user = new Contato();
        user.setEmail(email);
        user.setSenha(senha);
        UsuarioLogin ul = new UsuarioLogin(user);
        if(ul.verificaLogin())
        {
            HttpSession sessao = request.getSession();
            sessao.setAttribute("USER",email);
            rd=request.getRequestDispatcher("logado.jsp");
            rd.forward(request,response);
        }
        else
        {
            request.setAttribute("msg", "Usuário ou senha inválidos");
            rd=request.getRequestDispatcher("login.jsp");
            rd.forward(request,response);
        }
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request,response);
    }

    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}

但是我不知道如果我输入了有效的电子邮件并通过了,我是如何让用户或密码无效的!!!请问有人可以帮助我吗?

4

1 回答 1

0

我猜这loganto是指示用户是否登录的布尔标志。

您的代码中的问题是您执行了Select查询,但您从不检查是否找到了记录。你可以这样做:

ResultSet rs=stmt.executeQuery();
while(rs.next()){
  loganto=true; //a valid record was found so return true
}
rs.close();
return loganto;
于 2013-07-09T05:51:45.530 回答