连接数据库是成功的,但是输入用户名和密码后跳转到错误页面
有几段代码不太确定对不对,请帮忙看一看
//login.jsp
<form name="form1" method="post" action="manager.do?action=login">
//struts-config.xml
<action name="managerForm" path="/manager" scope="request" type="com.action.Manager" validate="true">
<forward name="managerLoginok" path="/main.jsp" />
<forward name="error" path="/error.jsp" />
</action>
//Manager.java
package com.action;
import org.apache.struts.action.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.actionForm.ManagerForm;
import com.dao.ManagerDAO;
import javax.servlet.http.HttpSession;
public class Manager extends Action {
private ManagerDAO managerDAO = null;
public Manager() {
this.managerDAO = new ManagerDAO();
}
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
String action = request.getParameter("action");
if (action == null || "".equals(action)) {
return mapping.findForward("error");
} else if ("login".equals(action)) {
return managerLogin(mapping, form, request, response);
}
request.setAttribute("error", "操作失败!");
return mapping.findForward("error");
}
// 管理员身份验证
public ActionForward managerLogin(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
ManagerForm managerForm = (ManagerForm) form; //将接收到的表单信息强制转换成ActionForm类型
managerForm.setAd_name(managerForm.getAd_name());
managerForm.setAd_pwd(managerForm.getAd_pwd());
int ret = managerDAO.checkManager(managerForm);
System.out.print("验证结果ret的值:" + ret);
if (ret == 1) {
//将登录到系统的管理员名称保存到session
HttpSession session = request.getSession();
session.setAttribute("manager", managerForm.getAd_name());
return mapping.findForward("managerLoginok");
} else {
request.setAttribute("error", "您输入的管理员名称或密码错误!");
return mapping.findForward("error");
}
}
}
//ConnDB.java
//执行查询语句
public ResultSet executeQuery(String sql) {
try {
conn=getConnection();
stmt=conn.createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE,ResultSet.CONCUR_READ_ONLY);
rs=stmt.executeQuery(sql);
}
catch(SQLException ex){
System.err.println(ex.getMessage());
}
return rs;
}
//ManagerDAO.java
//管理员身份验证
public int checkManager(ManagerForm managerForm) {
int flag = 0;
ChStr chStr=new ChStr();
String sql = "SELECT * FROM Ad_info where ad_name='" +
chStr.filterStr(managerForm.getAd_name()) + "'";
ResultSet rs = conn.executeQuery(sql);
try {
if (rs.next()) {
String pwd = chStr.filterStr(managerForm.getAd_pwd()); //获取输入的密码并过滤输入字符串中的危险字符
if (pwd.equals(rs.getString(3))) {
flag = 1;
} else {
flag = 0;
}
}else{
flag = 0;
}
} catch (SQLException ex) {
flag = 0;
}finally{
conn.close();
}
return flag;
}
大概应该是这几段代码的原因,但是不清楚应该怎么修改,请帮忙看一下