登录验证,不管账号密码对还是不对,都提示"帐号或密码输入错误,请重新输入!",请大家帮忙看看是不是
MemeberInfo userInfo = JdbcTemplateTool.checkMUserLogin(pDto);
if (CTUtils.isEmpty(userInfo))
这里验证不正确? CTUtils.isEmpty(userInfo)等于true
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
String errorMsg = "";
String returnMsg = "";
HttpSession session = req.getSession();
//处理注册逻辑
String username = req.getParameter("username");
String password = req.getParameter("password");
String captcha = req.getParameter("captcha");
if(CTUtils.isNotEmpty(captcha)&&captcha.contains("验证码")){
captcha = "";
}
String ismobile = req.getParameter("ismobile");
String exp_version = req.getParameter("ieversion");
String path = req.getContextPath();
try {
if(StringUtil.isNotEmpty(username)&&StringUtil.isNotBlank(password)){//处理登录操作
logger.info("开始验证用户登录信息..............");
// 组织登录参数
Dto pDto = new BaseDto();
pDto.put("login_name", username);
pDto.put("login_pword", CTUtils.encryptBasedDes(password));
if(StringUtil.isNotBlank(captcha)){
if (!captcha.equalsIgnoreCase((String)session.getAttribute(CTConstants.SESSION_CODE))) {
logger.error("帐户[" + username + "]登陆失败.(失败原因:验证码错误!)");
errorMsg = "验证码输入错误,请重新输入!";
returnMsg = "false#"+errorMsg;
return;
}
}
// 开始获取用户信息进行验证
MemeberInfo userInfo = JdbcTemplateTool.checkMUserLogin(pDto);
if (CTUtils.isEmpty(userInfo)) {
logger.error("帐户[" + username + "]登陆失败:帐号或密码输入错误,请重新输入");
errorMsg = "帐号或密码输入错误,请重新输入!";
returnMsg = "false#"+errorMsg;
return;
}
// 判断密码
if (!CTUtils.encryptBasedDes(password).equals(userInfo.getPassword())) {
logger.error("帐户[" + username + "]登陆失败.(失败原因:密码输入错误!)");
errorMsg = "密码输入错误,请重新输入!";
returnMsg = "false#"+errorMsg;
return;
}
// 加入用户未加密的密码
returnMsg = "true#登录成功";
userInfo.setEpassword(CTUtils.decryptBasedDes(userInfo.getPassword()));
session.setAttribute(CTConstants.SESSION_MUSER, userInfo);
//记录登录日志
Dto logDto = new BaseDto();
logDto.put("user_id", userInfo.getMemeber_id());
if(req.getRemoteAddr().equals("0:0:0:0:0:0:0:1")){
logDto.put("login_ip", "127.0.0.1");
}else{
logDto.put("login_ip", req.getRemoteAddr());
}
logDto.put("login_time", CTUtils.getCurrentTime());
if(ismobile.equals("2")||ismobile.equals("3")){
logDto.put("ismobile", "1");
}else{
logDto.put("ismobile", "0");
}
logDto.put("exp_version", exp_version);
JdbcTemplateTool.addLoginLog(logDto);
//加入全局参数
//req.setAttribute("siteTitle", CTUtils.getParamValue("SITE_TITLE",req));
//logger.error("登录成功,进入主页....");
//resp.sendRedirect(RequestUtil.getBasePath(req)+"/user/index");
}else{
//如果已经登录就跳到主页
if(CTUtils.isNotEmpty(req.getSession().getAttribute(CTConstants.SESSION_MUSER))){
logger.error("已登录,进入主页....");
CTUtils.getParamToReq(req);
resp.sendRedirect(RequestUtil.getBasePath(req)+"/user/index");
}else{
logger.error("返回登录....");
CTUtils.getParamToReq(req);
req.getRequestDispatcher("/web/login.jsp").forward(req, resp);
}
}
} catch (Exception e) {
e.printStackTrace();
returnMsg = "false#用户账户或密码错误";
}finally{
RequestUtil.renderText(returnMsg);
}
}
/**
* 验证会员登录
* @param paramDto
* @return
*/
public static MemeberInfo checkMUserLogin(Dto paramDto){
MemeberInfo memberInfo = null;
DBManager dbManager = new DBManager();
try {
String sqlString = "select * from wxb_memeber t where t.account='"+paramDto.getAsString("login_name")
+"' and t.password='"+paramDto.getAsString("login_pword")+"'";
List<Dto> mList = dbManager.queryForList(sqlString);
if(CTUtils.isNotEmpty(mList)){
Dto userDto = mList.get(0);
memberInfo = new MemeberInfo();
memberInfo.setMemeber_id(userDto.getAsString("memeber_id"));
memberInfo.setAccount(userDto.getAsString("account"));
memberInfo.setName(userDto.getAsString("name"));
memberInfo.setPassword(userDto.getAsString("password"));
memberInfo.setEmail(userDto.getAsString("email"));
memberInfo.setPay_account(userDto.getAsString("pay_account"));
memberInfo.setQq_num(userDto.getAsString("qq_num"));
memberInfo.setPhone(userDto.getAsString("phone"));
memberInfo.setRecom_user(userDto.getAsString("recom_user"));
memberInfo.setRegister_time(userDto.getAsString("register_time"));
memberInfo.setVisit_code(userDto.getAsString("visit_code"));
memberInfo.setEpassword(CTUtils.decryptBasedDes(userDto.getAsString("password")));
}
} catch (Exception e) {
e.printStackTrace();
}
return memberInfo;
}