新建表:
admin:id,name ,password <pk>id
(注意:下文 AdminUserServlet 的查询按 username 列匹配,建表时列名需与查询保持一致。)
直接在表admin中添加一个管理员:1,hongten,132
(此处密码以明文保存,仅作演示;实际部署应保存加盐的密码哈希。)
新建web 项目:
在WebRoot目录先新建一个文件夹:admin
login.jsp
代码;
<%-- Admin login form. It POSTs username/password to ${ctx}/admin/user with q=login,
     which AdminUserServlet dispatches to its login method. --%>
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style> * { font-family: "宋体"; font-size: 14px } </style>
<%-- doValidate() runs in the browser only and can be bypassed; the servlet
     repeats the empty-field checks on the server side. --%>
<script type="text/javascript" src="${ctx}/js/validation-framework.js"></script>
<p align="center"> 请您输入用户名与密码 </p>
<%-- method="post" keeps the credentials out of the URL, browser history and access logs. --%>
<form id="form2" name="form2" method="post" action="${ctx}/admin/user" onsubmit="return doValidate(this)">
  <input type="hidden" name="q" value="login">
  <table width="500" border="0" align="center">
    <tr><td width="100">用户名:</td>
      <td width="400"> <input name="username" type="text" id="username" size="20" ></td>
    </tr>
    <tr><td>密码:</td>
      <td> <input name="password" type="password" id="password" size="20"></td>
    </tr>
    <tr>
      <td></td><td> <input type="submit" name="Submit" value="提交" > <input type="reset" name="Reset" value="重置" > </td></tr>
  </table>
</form>
<%@ include file="/footer.htm"%>
-------------------------------------Hongten------------------------------------------------
loginFail.jsp
代码;
<%-- Shown after a rejected login. The text is static and deliberately does not say
     whether the user name or the password was wrong. --%>
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<html>
<head> <title>login fail</title> </head>
<body>
对不起,输入的用户名与密码不正确。<br>
<a href="${ctx}/admin/login.jsp">重新登录</a>
</body>
</html>
-------------------------------------Hongten------------------------------------------------
AdminUserServlet.java
代码;
package webbook.guestbook; import java.io.IOException; import java.util.List; import javax.servlet.*; import javax.servlet.http.*; import webbook.util.*; import org.apache.commons.dbutils.handlers.MapListHandler;
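/**
 * Signs the guestbook administrator in and out.
 *
 * <p>Requests carry a {@code q} parameter: {@code q=login} checks the submitted
 * credentials, anything else is treated as a logout.
 *
 * <p>NOTE(review): the lookup compares the submitted password with the stored
 * column value directly, so the {@code admin} table holds passwords in clear text.
 * Store a salted, slow password hash (bcrypt/scrypt/argon2) and verify it in code
 * instead. There is also no limit on failed attempts.
 */
public class AdminUserServlet extends HttpServlet {
    private static final long serialVersionUID = 5801558969966197290L;

    /** Session attribute marking a session as authenticated; AuthenticationFilter reads the same key. */
    private static final String SESSION_USER_KEY = "guesbook.admin.username";

    /** Request attribute carrying the reason a login was rejected. */
    private static final String LOGIN_MESSAGE_KEY = "guesbook.admin.login.message";

    /**
     * Validates the submitted credentials and, on success, starts an authenticated session.
     *
     * @param request  request carrying the {@code username} and {@code password} parameters
     * @param response response used for the forward (failure) or redirect (success)
     * @throws ServletException if forwarding to the failure page fails
     * @throws IOException      if writing the response fails
     */
    public void login(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String username = request.getParameter("username");
        String password = request.getParameter("password");

        // Previously an empty field only set a local message and returned a blank page;
        // every rejection now ends on the failure page.
        if (StringUtil.validateNull(username)) {
            rejectLogin(request, response, "对不起,姓名不能为空,请您重新输入!<br>");
            return;
        }
        if (StringUtil.validateNull(password)) {
            rejectLogin(request, response, "对不起,密码不能为空,请您重新输入!<br>");
            return;
        }

        String param[] = { username, password };
        OracleUtil db = new OracleUtil("java:/comp/env/jdbc/oracleds");
        db.init();
        // Bound parameters keep user input out of the SQL text.
        List<?> result = (List<?>) db.query(
                "select id from admin where username=? and password=?", param, new MapListHandler());

        // Fail closed: a missing result is treated like "no matching row".
        if (result == null || result.isEmpty()) {
            rejectLogin(request, response, "对不起,用户名或者密码错误");
            return;
        }

        // Session fixation defence: drop whatever session id the browser presented
        // before login and issue a fresh one for the authenticated session.
        HttpSession stale = request.getSession(false);
        if (stale != null) {
            stale.invalidate();
        }
        HttpSession session = request.getSession(true);
        session.setAttribute(SESSION_USER_KEY, username);
        response.sendRedirect(request.getContextPath() + "/admin/secure/manage?q=list");
    }

    /** Stores the rejection message and forwards to the login failure page. */
    private void rejectLogin(HttpServletRequest request, HttpServletResponse response, String message)
            throws ServletException, IOException {
        request.setAttribute(LOGIN_MESSAGE_KEY, message);
        request.getRequestDispatcher("/admin/loginFail.jsp").forward(request, response);
    }

    /**
     * Ends the administrator session and returns to the login page.
     *
     * @param request  current request
     * @param response response used for the redirect
     * @throws ServletException declared for symmetry with {@link #login}
     * @throws IOException      if the redirect cannot be sent
     */
    public void logout(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // getSession(false) avoids creating a session just to log out; invalidating it
        // discards the session id instead of only clearing one attribute.
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        response.sendRedirect(request.getContextPath() + "/admin/login.jsp");
    }

    /**
     * Dispatches on the {@code q} parameter: {@code login} authenticates, anything else logs out.
     *
     * <p>NOTE(review): login is also reachable through GET, which would place the
     * credentials in the URL (history, proxy and access logs). The login form posts;
     * consider rejecting {@code q=login} on GET once no caller depends on it.
     */
    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String method = request.getParameter("q");
        if ("login".equals(method)) {
            login(request, response);
        } else {
            logout(request, response);
        }
    }

    /** POST requests are handled exactly like GET requests. */
    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }
}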
-------------------------------------Hongten------------------------------------------------
AuthenticationFilter.java
代码:
package webbook.guestbook; import java.io.IOException; import javax.servlet.*; import javax.servlet.http.*;
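/**
 * Lets a request through only when its session carries the administrator marker
 * set at login; every other request is redirected to the configured login URL.
 *
 * <p>The filter protects only the URL patterns it is mapped to in web.xml.
 */
public class AuthenticationFilter implements Filter {
    /** Context-relative redirect target for unauthenticated requests; overridden by the "url" init parameter. */
    private String url = "/";

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Checks the session for the administrator marker before continuing the chain.
     *
     * @param request  incoming request (cast to its HTTP form)
     * @param response outgoing response (cast to its HTTP form)
     * @param chain    remaining filters and the target resource
     * @throws IOException      if the redirect or the downstream processing fails
     * @throws ServletException if the downstream processing fails
     */
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        // getSession(false): do not allocate a session for every anonymous request.
        HttpSession session = req.getSession(false);
        boolean authenticated =
                session != null && session.getAttribute("guesbook.admin.username") != null;

        if (!authenticated) {
            res.sendRedirect(req.getContextPath() + url);
            return;
        }

        // Keep protected pages out of browser and proxy caches so they are not
        // shown from cache after the administrator has logged out.
        res.setHeader("Cache-Control", "no-store");
        res.setHeader("Pragma", "no-cache");
        chain.doFilter(request, response);
    }

    /**
     * Reads the optional "url" init parameter.
     *
     * @param config filter configuration from web.xml
     * @throws ServletException never thrown here; declared by the interface
     */
    public void init(FilterConfig config) throws ServletException {
        String configured = config.getInitParameter("url");
        // A missing parameter used to overwrite the default with null and produce
        // redirects to "<context>null"; keep the default in that case.
        if (configured != null && configured.trim().length() > 0) {
            url = configured.trim();
        }
    }
}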
-------------------------------------Hongten------------------------------------------------
web.xml
代码:
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
  <!-- Forces the request encoding for every URL. -->
  <filter>
    <filter-name>EncodingFilter</filter-name>
    <filter-class>webbook.chapter15.CharacterEncodingFilter</filter-class>
    <init-param>
      <param-name>encoding</param-name>
      <param-value>UTF-8</param-value>
    </init-param>
  </filter>
  <!-- Login gate; "url" is the context-relative page unauthenticated requests are redirected to. -->
  <filter>
    <filter-name>AuthenticationFilter</filter-name>
    <filter-class>webbook.guestbook.AuthenticationFilter</filter-class>
    <init-param>
      <param-name>url</param-name>
      <param-value>/admin/login.jsp</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>EncodingFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  <!-- Only /admin/secure/* is protected. /admin/login.jsp and /admin/user stay public so
       that logging in is possible; any new admin page or servlet must be placed under
       /admin/secure/ or it will be reachable without a session. -->
  <filter-mapping>
    <filter-name>AuthenticationFilter</filter-name>
    <url-pattern>/admin/secure/*</url-pattern>
  </filter-mapping>
  <servlet>
    <servlet-name>AddMessageServlet</servlet-name>
    <servlet-class>webbook.guestbook.AddMessageServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>GetMessagesServlet</servlet-name>
    <servlet-class>webbook.guestbook.GetMessagesServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>ManageServlet</servlet-name>
    <servlet-class>webbook.guestbook.ManageServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>AdminUserServlet</servlet-name>
    <servlet-class>webbook.guestbook.AdminUserServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>AddMessageServlet</servlet-name>
    <url-pattern>/servlet/addMessage</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>GetMessagesServlet</servlet-name>
    <url-pattern>/servlet/getMessages</url-pattern>
  </servlet-mapping>
  <!-- Public: handles login and logout. -->
  <servlet-mapping>
    <servlet-name>AdminUserServlet</servlet-name>
    <url-pattern>/admin/user</url-pattern>
  </servlet-mapping>
  <!-- Protected by the AuthenticationFilter mapping above. -->
  <servlet-mapping>
    <servlet-name>ManageServlet</servlet-name>
    <url-pattern>/admin/secure/manage</url-pattern>
  </servlet-mapping>
</web-app>
-------------------------------------Hongten------------------------------------------------
ManageServlet.java
代码:
package webbook.guestbook; import java.io.IOException; import java.util.List; import javax.servlet.ServletException; import javax.servlet.http.*; import org.apache.commons.dbutils.handlers.BeanListHandler; import webbook.util.OracleUtil;
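/**
 * Back-office servlet for guestbook entries: list, edit, update and delete.
 *
 * <p>The operation is chosen by the {@code q} request parameter; an absent or
 * unknown value lists all entries.
 *
 * <p>NOTE(review): update and delete change data but carry no anti-CSRF token and
 * are reachable through GET as well as POST. A page visited by a logged-in
 * administrator could trigger them. Adding a per-session token to the forms and
 * checking it here (and accepting these operations on POST only) needs matching
 * changes in the JSPs, so it is not done in this class alone.
 */
public class ManageServlet extends HttpServlet {
    private static final long serialVersionUID = 204655027689309554L;

    private static final String DATA_SOURCE = "java:/comp/env/jdbc/oracleds";

    /**
     * Creates and initialises a database helper for the current request.
     *
     * <p>The helper used to live in an instance field that doGet reassigned on every
     * request. One servlet instance serves all requests concurrently, so that field
     * was shared mutable state across threads; each operation now gets its own helper.
     */
    private OracleUtil openDb() {
        OracleUtil db = new OracleUtil(DATA_SOURCE);
        db.init();
        return db;
    }

    /** Parses the {@code id} parameter; returns null when it is missing or not an integer. */
    private static Integer parseId(String raw) {
        if (raw == null) {
            return null;
        }
        try {
            return Integer.valueOf(raw.trim());
        } catch (NumberFormatException e) {
            return null;
        }
    }

    /**
     * Loads one entry and forwards to the edit page.
     *
     * <p>Responds 400 for a missing or non-numeric id and 404 when no entry matches
     * (previously an unmatched id raised IndexOutOfBoundsException).
     */
    public void edit(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        Integer id = parseId(request.getParameter("id"));
        if (id == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        String params[] = { id.toString() };
        String sql = "select * from guestbook where id=?";
        List<?> list = (List<?>) openDb().query(sql, params, new BeanListHandler(Guestbook.class));
        if (list == null || list.isEmpty()) {
            response.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        request.setAttribute("guestbook.admin.edit", list.get(0));
        request.getRequestDispatcher("/admin/secure/edit.jsp").forward(request, response);
    }

    /**
     * Writes the submitted fields to the entry named by {@code id} and forwards to the result page.
     *
     * <p>Responds 400 for a missing or non-numeric id. The submitted values are
     * untrusted input; the pages that display them are responsible for escaping.
     */
    public void update(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        Integer id = parseId(request.getParameter("id"));
        if (id == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        String name = request.getParameter("name");
        String email = request.getParameter("email");
        String phone = request.getParameter("phone");
        String title = request.getParameter("title");
        String content = request.getParameter("content");

        String params[] = { name, email, phone, title, content, id.toString() };
        int i = openDb().update(
                "update guestbook set name=?,email=?,phone=?,title=? ,content=? where id=?", params);
        if (i == 1) {
            request.setAttribute("guestbook.admin.update.message", "更新成功!");
            // Echo the stored values back to the result page.
            Guestbook gb = new Guestbook();
            gb.setId(id.intValue());
            gb.setName(name);
            gb.setEmail(email);
            gb.setPhone(phone);
            gb.setTitle(title);
            gb.setContent(content);
            request.setAttribute("guestbook.admin.edit", gb);
        } else {
            request.setAttribute("guestbook.admin.update.message", "更新失败!");
        }
        request.getRequestDispatcher("/admin/secure/updateResult.jsp").forward(request, response);
    }

    /**
     * Deletes the entry named by {@code id} and forwards to the result page.
     *
     * <p>Responds 400 for a missing or non-numeric id.
     */
    public void delete(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        Integer id = parseId(request.getParameter("id"));
        if (id == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        String params[] = { id.toString() };
        int i = openDb().update("delete from guestbook where id=?", params);
        if (i == 1) {
            request.setAttribute("guestbook.admin.delete.message", "删除成功");
        } else {
            request.setAttribute("guestbook.admin.delete.message", "删除失败");
        }
        request.getRequestDispatcher("/admin/secure/deleteResult.jsp").forward(request, response);
    }

    /** Loads id, name and title of every entry, newest id first, and forwards to the list page. */
    public void list(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        List<?> list = (List<?>) openDb().query(
                "select id,name,title from guestbook order by id desc", null,
                new BeanListHandler(Guestbook.class));
        request.setAttribute("guestbook.admin.list", list);
        request.getRequestDispatcher("/admin/secure/list.jsp").forward(request, response);
    }

    /** Dispatches on the {@code q} parameter; a missing or unknown value shows the list. */
    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String method = request.getParameter("q");
        if ("edit".equals(method)) {
            edit(request, response);
        } else if ("delete".equals(method)) {
            delete(request, response);
        } else if ("update".equals(method)) {
            update(request, response);
        } else {
            list(request, response);
        }
    }

    /** POST requests are handled exactly like GET requests. */
    @Override
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }
}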
-------------------------------------Hongten------------------------------------------------
updateResult.jsp
代码:
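<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ include file="/header.jsp" %>
<%-- Result page for an update: shows the outcome message and the values just submitted.
     Every value is written through c:out with its default escaping. --%>
<style>* { font-family: "宋体";font-size: 14px}</style>
<center>
<c:out value="${requestScope['guestbook.admin.update.message']}"/><br>
<c:set var="gb" value="${requestScope['guestbook.admin.edit']}" />
<table width="600" border="1" bordercolor="000000" style="table-layout: fixed; word-break: break-all">
  <tr><td width="100" bordercolor="ffffff">编号:</td>
    <td width="500" bordercolor="ffffff"><c:out value="${gb.id}"/></td>
  </tr>
  <tr><td bordercolor="ffffff">姓名:</td>
    <td bordercolor="ffffff"><c:out value="${gb.name}"/></td>
  </tr>
  <tr><td bordercolor="ffffff">电话:</td>
    <td bordercolor="ffffff"><c:out value="${gb.phone}" default="没填" /></td>
  </tr>
  <tr><td bordercolor="ffffff">email: </td>
    <td bordercolor="ffffff"><c:out value="${gb.email}" default="没填" /></td>
  </tr>
  <tr><td bordercolor="ffffff">主题: </td><td bordercolor="ffffff"><c:out value="${gb.title}" default="没填" /></td>
  </tr>
  <%-- The content used to be written with escapeXml="false". It comes straight from the
       request, so raw output let submitted markup run as script in the administrator's
       session. It is escaped now; to display formatted text, sanitise it on the server
       against an allow-list of tags before rendering it unescaped. --%>
  <tr><td valign="top" bordercolor="ffffff">内容: </td>
    <td valign="top" bordercolor="ffffff"><c:out value="${gb.content}" default="没填"/></td>
  </tr>
  <tr><td bordercolor="ffffff">时间:</td>
    <td bordercolor="ffffff"><c:out value="${gb.time}"/></td>
  </tr>
</table>
</center>
<br><a href="${ctx}/admin/secure/manage?q=list">返回管理首页</a><br>
<%@ include file="/footer.htm"%>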
-------------------------------------Hongten------------------------------------------------
deleteResult.jsp
代码:
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ include file="/header.jsp" %>
<%-- Result page for a delete: prints the outcome message set by the servlet (escaped by c:out). --%>
<style>* { font-family: "宋体";font-size: 14px}</style>
<center>
<c:out value="${requestScope['guestbook.admin.delete.message']}"/><br>
<a href="${ctx}/admin/secure/manage?q=list">返回管理首页</a><br>
</center>
<%@ include file="/footer.htm"%>
list.jsp
代码;
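<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ include file="/header.jsp"%>
<%-- Admin overview: one table per guestbook entry with edit and delete controls.
     All entry fields are written through c:out so visitor-supplied text is escaped. --%>
<style> * {font-family: "宋体";font-size: 14px} </style>
<center>
<a href="${ctx}/admin/user?q=logout">退出登录</a><br><br>
所有留言内容<br><br>
<c:forEach items="${requestScope['guestbook.admin.list']}" var="gb">
<table width="600" border="1" bordercolor="000000" style="table-layout: fixed; word-break: break-all">
  <tr><td width="100" bordercolor="ffffff">留言编号: </td><td width="500" bordercolor="ffffff"><c:out value="${gb.id}"/></td>
  </tr>
  <tr><td bordercolor="ffffff">作者:</td>
    <td bordercolor="ffffff"><c:out value="${gb.name}" default="没填" /></td>
  </tr>
  <tr><td bordercolor="ffffff">主题: </td><td bordercolor="ffffff"><c:out value="${gb.title}" default="没填" /></td>
  </tr>
  <tr><td width="100" bordercolor="ffffff">操作选项:</td>
    <td width="500" bordercolor="ffffff">
      <a href="${ctx}/admin/secure/manage?q=edit&amp;id=<c:out value='${gb.id}'/>">编辑</a>
      <%-- Delete changes data, so it is submitted as a POST form rather than a plain link:
           a GET link can be followed by prefetchers or embedded in another page.
           The form still carries no anti-CSRF token; add a per-session token here and
           verify it in the servlet. --%>
      <form method="post" action="${ctx}/admin/secure/manage" style="display: inline">
        <input type="hidden" name="q" value="delete">
        <input type="hidden" name="id" value="<c:out value='${gb.id}'/>">
        <input type="submit" value="删除">
      </form>
    </td>
  </tr>
</table>
<br>
</c:forEach>
</center>
<%@ include file="/footer.htm"%>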
-------------------------------------Hongten------------------------------------------------
edit.jsp
代码:
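<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ include file="/header.jsp"%>
<%-- Edit form for one guestbook entry.
     The entry fields were written by site visitors, so each one is emitted through c:out.
     Bare ${...} inside value="..." or <textarea> is not escaped by JSP and would let a
     stored entry break out of the attribute or element and run script in the
     administrator's session. --%>
<style>* { font-family: "宋体"; font-size: 14px }</style>
<script type="text/javascript" src="${ctx}/fckeditor/fckeditor.js"></script>
<p align="center">修改留言</p>
<p align="center"> <br><a href="${ctx}/admin/secure/manage?q=list">返回管理首页</a>|<a href="${ctx}/admin/user?q=logout">退出登录</a><br></p>
<c:set var="gb" value="${requestScope['guestbook.admin.edit']}" />
<%-- NOTE(review): this form carries no anti-CSRF token; add a per-session token as a
     hidden field and verify it in the servlet before updating. --%>
<form id="form1" name="form1" method="post" action="${ctx}/admin/secure/manage">
  <input type="hidden" name="id" value="<c:out value='${gb.id}'/>">
  <input type="hidden" name="q" value="update">
  <table width="650" height="400" border="0" align="center">
    <tr><td width="150">姓名:</td>
      <td width="500"> <input name="name" type="text" id="name" size="40" value="<c:out value='${gb.name}'/>" > </td></tr>
    <tr><td>E-Mail:</td><td> <input name="email" type="text" id="email" size="40" value="<c:out value='${gb.email}'/>" ></td></tr>
    <tr><td>电话:</td><td> <input name="phone" type="text" id="phone" size="40" value="<c:out value='${gb.phone}'/>" > </td></tr>
    <tr><td>主题:</td><td> <input name="title" type="text" id="title" size="80" value="<c:out value='${gb.title}'/>" > </td></tr>
    <script type="text/javascript">
      window.onload = function(){
        var oFCKeditor = new FCKeditor( 'content' ) ;
        oFCKeditor.BasePath = '${ctx}/fckeditor/' ;
        oFCKeditor.ToolbarSet = 'Basic';
        oFCKeditor.Height = 300 ;
        oFCKeditor.ReplaceTextarea() ;
      }
    </script>
    <%-- The browser decodes the escaped text when it fills the textarea, so the editor
         still receives the original markup. --%>
    <tr><td valign="top">内容:</td><td> <textarea name="content" rows="10" cols="80"><c:out value="${gb.content}"/></textarea> </td></tr>
    <tr><td></td><td> <input type="submit" name="Submit" value="提交" /> <input type="reset" name="Reset" value="重置" /> </td></tr>
  </table>
</form>
<%@ include file="/footer.htm"%>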