J2EE课的上机题，实现一个Model1模式的购物网站的功能。

编码问题

编码问题终于找到解决方法了，首先保证每个页面能编码的都编成UTF-8，然后所有用到内置对象的地方上来先.setCharacterEncoding("UTF-8");，然后重要的是在Servers工程(集成了Tomcat的Eclipse里一定有)里，将server.xml中第一个Connector双标签添加属性URIEncoding="UTF-8"。

如果添加在了Tomcat的config路径下的server.xml中，每次重启Tomcat都会被这个Servers工程下的文件覆盖，不能永久生效。

数据库部分

product表

shop_records表

user表

MSDBConn.java

package myJDBC;import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;public class MSDBConn {private Statement stmt = null;private java.sql.PreparedStatement ppstmt = null;private Connection conn = null;ResultSet rs = null;// 在构造器中连接public MSDBConn() {try {// 加载驱动Class.forName("com.mysql.jdbc.Driver");// 建立连接String url = "jdbc:mysql://localhost:3306/SHOPDB?useSSL=true&characterEncoding=utf8";conn = DriverManager.getConnection(url, "root", "3838438");} catch (ClassNotFoundException e) {e.printStackTrace();} catch (SQLException e) {e.printStackTrace();}}// 获取Connection对象的引用,方便后面的编程public Connection getConn() {return this.conn;}// 提供做查询的服务public ResultSet executeQuery(String sql) {try {stmt = conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE);rs = stmt.executeQuery(sql);} catch (SQLException e) {e.printStackTrace();}return rs;}// 提供修改表的服务public int executeUpdate(String sql) {int n = 0;try {ppstmt = conn.prepareStatement(sql);n = ppstmt.executeUpdate();} catch (SQLException e) {e.printStackTrace();}return n;}// 关闭SQL语句对象public void closeStmt() {try {if (stmt != null)stmt.close();if (ppstmt != null)ppstmt.close();} catch (SQLException e) {e.printStackTrace();}}// 关闭连接public void closeConn() {try {conn.close();} catch (SQLException e) {e.printStackTrace();}}
}

POJO

BuyTable.java

package myPOJO;import java.io.Serializable;
import java.sql.Date;//用户购物的表
public class BuyTable implements Serializable {private Integer id;private Integer userId;private Integer productId;private Integer number;private Date shopDate;public Integer getId() {return id;}public void setId(Integer id) {this.id = id;}public Integer getUserId() {return userId;}public void setUserId(Integer userId) {this.userId = userId;}public Integer getProductId() {return productId;}public void setProductId(Integer productId) {this.productId = productId;}public Integer getNumber() {return number;}public void setNumber(Integer number) {this.number = number;}public Date getShopDate() {return shopDate;}public void setShopDate(Date shopDate) {this.shopDate = shopDate;}}

ShopTable.java

package myPOJO;import java.io.Serializable;
import java.sql.Date;//购物记录表
public class ShopTable implements Serializable {private Integer id;private Integer userId;private Integer productId;private Integer number;private Date shopDate;public Integer getId() {return id;}public void setId(Integer id) {this.id = id;}public Integer getUserId() {return userId;}public void setUserId(Integer userId) {this.userId = userId;}public Integer getProductId() {return productId;}public void setProductId(Integer productId) {this.productId = productId;}public Integer getNumber() {return number;}public void setNumber(Integer number) {this.number = number;}public Date getShopDate() {return shopDate;}public void setShopDate(Date shopDate) {this.shopDate = shopDate;}
}

UserTable.java

package myPOJO;import java.io.Serializable;//user表
public class UserTable implements Serializable {private Integer id;private String username;private String password;public int getId() {return id;}public void setId(int id) {this.id = id;}public String getUsername() {return username;}public void setUsername(String username) {this.username = username;}public String getPassword() {return password;}public void setPassword(String password) {this.password = password;}}

web.mxl

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0"><display-name>t3</display-name><welcome-file-list><welcome-file>first.jsp</welcome-file></welcome-file-list>
</web-app>

JSP页面

这回就能体会到Model1有多么混乱了。

first.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>登录购物车模拟系统</title>
</head>
<body style="text-align:center;" bgcolor="#CECEFF">
<h1>登录"购物车模拟系统"</h1>
<br/>
<h2>15121856刘知昊</h2>
<br/>
<form action="validate.jsp" method="post"><h3 style="display: inline;">用户名：</h3><input type="text" name="username" size="20"/><br/><br/><br/><br/><h3 style="display: inline;">密码：&nbsp;</h3><input type="password" name="password" size="20"/><br/><br/><input type="submit" value="登录"/><input type="reset" value="重置"/><br/><br/><a href="admin.jsp">转到管理员视角</a>
</form>
</body>
</html>

admin.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myJDBC.*,java.util.*,java.sql.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>管理员界面</title>
</head>
<body style="text-align:center;" bgcolor="#CECEFF">
<h1>管理员视角</h1>
*****************************************************************
*****************************************************************
<table align="center" bgcolor="#CEEEFF">
<tr><td><form action="delPeople.jsp" method="post"><table border="1"><caption>用户信息表</caption><tr><th>id</th><th>username</th><th>password</th><th>选定</th></tr><%//建立连接MSDBConn msdbc=new MSDBConn();try{String sql="SELECT * FROM user";ResultSet rs=msdbc.executeQuery(sql);while(rs.next()){%><tr><td><%=rs.getInt(1)%></td><td><%=rs.getString(2)%></td><td><%=rs.getString(3)%></td><td><input type="radio" value="<%=rs.getInt(1)%>" name="delPeo"></td></tr><%}rs.close();}catch(SQLException e){e.printStackTrace();}msdbc.closeStmt();%></table><input type="submit" value="删除"><input type="reset" value="重置"></form></td><td><form action="addPeople.jsp" method="post"><table><caption>添加用户信息</caption><tr><td>用户名:</td><td><input type="text" name="username" size="20"/></td></tr><tr><td>密码:</td><td><input type="password" name="password" size="20"/></td></tr></table><input type="submit" value="添加"><input type="reset" value="重置"></form></td>
</tr>
</table>
*****************************************************************
*****************************************************************
<table align="center" bgcolor="#CEEEFF">
<tr><td><form action="delProduct.jsp" method="post"><table border="1"><caption>商品信息表</caption><tr><th>id</th><th>productCode</th><th>productName</th><th>productSource</th><th>选定</th></tr><%try{String sql="SELECT * FROM product";ResultSet rs=msdbc.executeQuery(sql);while(rs.next()){%><tr><td><%=rs.getInt(1)%></td><td><%=rs.getInt(2)%></td><td><%=rs.getString(3)%></td><td><%=rs.getString(4)%></td><td><input type="radio" value="<%=rs.getInt(1)%>" name="delPro"></td></tr><%}rs.close();}catch(SQLException e){e.printStackTrace();}msdbc.closeStmt();msdbc.closeConn();%></table><input type="submit" value="删除"><input type="reset" value="重置"></form></td><td><form action="addProduct.jsp" method="post"><table><caption>添加商品信息</caption><tr><td>商品编号:</td><td><input type="text" name="productCode" size="20"/></td></tr><tr><td>商品名:</td><td><input type="text" name="productName" size="20"/></td></tr><tr><td>生产公司:</td><td><input type="text" name="productSource" size="20"/></td></tr></table><input type="submit" value="添加"><input type="reset" value="重置"></form></td>
</tr>
</table>
*****************************************************************
*****************************************************************
<br/><br/>
<a href="first.jsp">回到客户登陆视角</a>
</body>
</html>

addPeople.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myJDBC.*,java.util.*,java.sql.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在处理添加顾客...</title>
</head>
<body><%request.setCharacterEncoding("UTF-8");String username=request.getParameter("username");System.out.println(username);String password=request.getParameter("password");if(username!=null){//建立连接MSDBConn msdbc=new MSDBConn();//插入String sql="INSERT INTO user(username,password) VALUES('"+username+"','"+password+"')";int n=msdbc.executeUpdate(sql);}response.sendRedirect("admin.jsp"); %>
</body>
</html>

addProduct.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myJDBC.*,java.util.*,java.sql.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在处理添加商品...</title>
</head>
<body><%request.setCharacterEncoding("UTF-8");int productCode=Integer.parseInt(request.getParameter("productCode"));String productName=request.getParameter("productName");String productSource=request.getParameter("productSource");if(productName!=null){//建立连接MSDBConn msdbc=new MSDBConn();//插入String sql="INSERT INTO product(productCode,productName,productSource) VALUES("+productCode+",'"+productName+"','"+productSource+"')";int n=msdbc.executeUpdate(sql);}response.sendRedirect("admin.jsp"); %>
</body>
</html>

addToCar.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="java.util.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在添加到购物车...</title>
</head>
<body>
<%request.setCharacterEncoding("UTF-8");String id=request.getParameter("productName");//如果session中的哈希表还没建立,建立一下if(session.getAttribute("myShopCar")==null){session.setAttribute("myShopCar", new HashMap<String,Integer>());}//获取session中的哈希表HashMap<String,Integer> hs_sc=(HashMap<String,Integer>)session.getAttribute("myShopCar");if(hs_sc.containsKey(id)==false && id!=null)//实体完整性hs_sc.put(id, 1);else if(id!=null)hs_sc.put(id, hs_sc.get(id)+1);
%><jsp:forward page="main.jsp"/>
</body>
</html>

buyAll.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myJDBC.*,myPOJO.*,java.util.*,java.sql.*"%>
<jsp:useBean id="nowUser" scope="page" class="myPOJO.UserTable"/>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在执行购买...</title>
</head>
<body>
<%//建立连接MSDBConn msdbc=new MSDBConn();//获取购物车中的全部商品if(session.getAttribute("myShopCar")!=null){//获取session中的哈希表HashMap<String,Integer> hs_sc=(HashMap<String,Integer>)session.getAttribute("myShopCar");Iterator iter = hs_sc.entrySet().iterator();//获取表的内容while (iter.hasNext()) {Map.Entry entry = (Map.Entry) iter.next();String key = (String)entry.getKey();Integer val = (Integer)entry.getValue();//获取当前user的JavaBean对象nowUser=(UserTable)session.getAttribute("quote");String sql="INSERT INTO shop_records(userId,productId,number,shopDate) "+"VALUES("+nowUser.getId()+","+key+","+val+",CURDATE())";msdbc.executeUpdate(sql);}}msdbc.closeStmt();msdbc.closeConn();//购买完要清空购物车session.removeAttribute("myShopCar");
%>
<jsp:forward page="main.jsp"/>
</body>
</html>

delPeople.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myJDBC.*,java.util.*,java.sql.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在处理删除顾客...</title>
</head>
<body><%request.setCharacterEncoding("UTF-8");String id=request.getParameter("delPeo");if(id!=null){//建立连接MSDBConn msdbc=new MSDBConn();//删除String sql="DELETE FROM user WHERE id="+id;int n=msdbc.executeUpdate(sql);}response.sendRedirect("admin.jsp");   %>
</body>
</html>

delProduct.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myJDBC.*,java.util.*,java.sql.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在处理删除商品...</title>
</head>
<body><%request.setCharacterEncoding("UTF-8");String id=request.getParameter("delPro");if(id!=null){//建立连接MSDBConn msdbc=new MSDBConn();//删除String sql="DELETE FROM product WHERE id="+id;int n=msdbc.executeUpdate(sql);}response.sendRedirect("admin.jsp");   %>
</body>
</html>

delShop.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="java.util.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在从购物车删除...</title>
</head>
<body>
<%request.setCharacterEncoding("UTF-8");if(session.getAttribute("myShopCar")!=null){//获取session中的哈希表HashMap<String,Integer> hs_sc=(HashMap<String,Integer>)session.getAttribute("myShopCar");//System.out.println(request.getParameter("delShop"));hs_sc.remove(request.getParameter("delShop"));}
%><jsp:forward page="shopcar.jsp"/>
</body>
</html>

error.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body style="text-align:center;" bgcolor="#CECEFF"><br/><br/><br/><br/><br/><br/><br/><br/><h1>[!]用户名或密码错误,点击<a href="first.jsp">这里</a>重新登陆</h1>
</body>
</html>

main.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myPOJO.*,myJDBC.*,java.util.*,java.sql.*"%>
<jsp:useBean id="nowUser" scope="page" class="myPOJO.UserTable"/>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>购物页面</title>
</head>
<body style="text-align:center;" bgcolor="#CECEFF">
<%nowUser=(UserTable)session.getAttribute("quote");
%><h1><%=nowUser.getUsername()%>,欢迎来购物!你可以<a href="shopcar.jsp">查看购物车</a>或者<a href="first.jsp">注销</a></h1><%--用js实现的动态显示客户端时间--%><div id="time"><script>document.getElementById('time').innerHTML ="<h2>"+new Date().toLocaleString()+ ' 星期' + '日一二三四五六'.charAt(new Date().getDay())+"</h2>";setInterval("document.getElementById('time').innerHTML=\"<h2>\"+new Date().toLocaleString()+' 星期'+'日一二三四五六'.charAt(new Date().getDay())+\"</h2>\";",1000);</script></div>
*****************************************************************
*****************************************************************<h3>以下是你全部的购买记录,也可以<a href="stat.jsp">查看统计</a></h3><table border="1" align="center" bgcolor="#CEEEFF"><tr><th>订单号</th><th>商品编号</th><th>购买数目</th><th>购买日期</th></tr>   
<%//建立连接MSDBConn msdbc=new MSDBConn();try{String sql="SELECT id,productId,number,shopDate FROM shop_records WHERE userId="+nowUser.getId();ResultSet rs=msdbc.executeQuery(sql);while(rs.next()){%><tr><td><%=rs.getInt(1)%></td><td><%=rs.getInt(2)%></td><td><%=rs.getInt(3)%></td><td><%=rs.getDate(4)%></td></tr>
<%}rs.close();}catch(SQLException e){e.printStackTrace();}msdbc.closeStmt();
%></table>
*****************************************************************
*****************************************************************<h3>现在在售的商品：</h3>   <form action="addToCar.jsp" method="post"><table border="1" align="center" bgcolor="#CEEEFF"><tr><th>额外主键</th><th>商品号</th><th>商品名</th><th>商品制造商</th><th>选定</th></tr>   
<%try{String sql="SELECT * FROM product";ResultSet rs=msdbc.executeQuery(sql);while(rs.next()){
%><tr><td><%=rs.getInt(1)%></td><td><%=rs.getInt(2)%></td><td><%=rs.getString(3)%></td><td><%=rs.getString(4)%></td><td><input type="radio" value="<%=rs.getInt(2)%>" name="productName"></td></tr>
<%}rs.close();}catch(SQLException e){e.printStackTrace();}msdbc.closeStmt();msdbc.closeConn();
%></table><input type="submit" value="添加到购物车"></form>
</body>
</html>

shopcar.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="java.util.*"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>购物车</title>
</head>
<body style="text-align:center;" bgcolor="#CECEFF"><h1>你的购物车:</h1><form action="delShop.jsp" method="post"><table border="1" align="center" bgcolor="#CEEEFF"><tr><%--TODO --%><th>商品编号</th><th>购买数目</th><th>选定</th></tr>
<% if(session.getAttribute("myShopCar")!=null){//获取session中的哈希表HashMap<String,Integer> hs_sc=(HashMap<String,Integer>)session.getAttribute("myShopCar");Iterator iter = hs_sc.entrySet().iterator();//获取内容while (iter.hasNext()) {Map.Entry entry = (Map.Entry) iter.next();String key = (String)entry.getKey();Integer val = (Integer)entry.getValue();
%><tr><td><%=key%></td><td><%=val%></td><td><input type="radio" value="<%=key%>" name="delShop"></td></tr>
<%}}
%></table><input type="submit" value="从购物车删除"></form><br/><a href="buyAll.jsp"><button>购买购物车中的全部商品</button></a><h4>在这里回到<a href="main.jsp">购物页面</a></h4>
</body>
</html>

stat.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="myPOJO.*,myJDBC.*,java.util.*,java.sql.*"%>
<jsp:useBean id="nowUser" scope="page" class="myPOJO.UserTable"/>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>查看统计</title>
</head>
<body style="text-align:center;" bgcolor="#CECEFF"><h1>统计视图如下:</h1>
*****************************************************************
*****************************************************************<h3>你在这一周(604800000毫秒)内购买的商品:</h3><table border="1" align="center" bgcolor="#CEEEFF"><tr><th>订单号</th><th>商品编号</th><th>购买数目</th><th>购买日期</th></tr>
<%//当前用户信息nowUser=(UserTable)session.getAttribute("quote");//建立连接MSDBConn msdbc=new MSDBConn();try{String sql="SELECT id,productId,number,shopDate FROM shop_records WHERE userId="+nowUser.getId();ResultSet rs=msdbc.executeQuery(sql);while(rs.next()){java.sql.Date dt=rs.getDate(4);if(System.currentTimeMillis()-dt.getTime()<604800000){
%><tr><td><%=rs.getInt(1)%></td><td><%=rs.getInt(2)%></td><td><%=rs.getInt(3)%></td><td><%=dt%></td></tr>
<%}}rs.close();}catch(Exception e){e.printStackTrace();}finally{msdbc.closeStmt();}
%></table>*****************************************************************
*****************************************************************<h3>按照商品的productId分类展示你的全部购买记录:</h3><table border="1" align="center" bgcolor="#CEEEFF"><tr><th>订单号</th><th>商品编号</th><th>购买数目</th><th>购买日期</th></tr>
<%try{String sql="SELECT id,productId,number,shopDate FROM shop_records WHERE userId="+nowUser.getId()+" ORDER BY productId";ResultSet rs=msdbc.executeQuery(sql);while(rs.next()){
%><tr><td><%=rs.getInt(1)%></td><td><%=rs.getInt(2)%></td><td><%=rs.getInt(3)%></td><td><%=rs.getDate(4)%></td></tr>
<%}rs.close();}catch(Exception e){e.printStackTrace();}finally{msdbc.closeStmt();msdbc.closeConn();}
%></table><h4>在这里回到<a href="main.jsp">购物页面</a></h4>
</body>
</html>

validate.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"pageEncoding="UTF-8" import="java.sql.*,myPOJO.UserTable"%>
<%--懒得创建对象就使用JavaBean--%>
<jsp:useBean id="msdbc" scope="page" class="myJDBC.MSDBConn"/>
<jsp:useBean id="nowUser" scope="page" class="myPOJO.UserTable"/>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>正在验证登陆...</title>
</head>
<body>
<%boolean validated=false;request.setCharacterEncoding("UTF-8");String usr=request.getParameter("username");String pwd=request.getParameter("password");//当已经有了session,且没有输入用户名或输了相同的用户名时免验证if(session.getAttribute("quote")!=null && (usr.length()<=0 || usr.equals(((UserTable)session.getAttribute("quote")).getUsername()))){validated=true;//这个其实可以去掉
%><jsp:forward page="main.jsp"/>
<%}//通过数据库进行验证else{//在验证前清空session,考虑到换号登陆session.removeAttribute("quote");//调试输出System.out.println(usr);System.out.println(pwd);String sql="SELECT id,password FROM user WHERE username='"+usr+"'";ResultSet rs=msdbc.executeQuery(sql);Integer id=null;String realpwd=null;while(rs.next()){realpwd=rs.getString(2);if(realpwd.compareTo(pwd)==0){id=rs.getInt(1);validated=true;}}rs.close();msdbc.closeStmt();msdbc.closeConn();//如果验证成功if(validated){nowUser.setId(id);nowUser.setUsername(usr);nowUser.setPassword(realpwd);//保存在session里session.setAttribute("quote",nowUser);
%><jsp:forward page="main.jsp"/>
<%}else{
%><jsp:forward page="error.jsp"/>
<%}}
%>
</body>
</html>

测试运行