public class StaffDao {
//验证登录
public String CheckLogin(String username, String password){
String id = null;
String sql="select * from staff where staff_name='"+username+"' and staff_password='"+password+"'";
Statement stat = null;
ResultSet rs = null;
Connection conn = new DBHelper().getConn();
try{
stat = conn.createStatement();//请问这行问题出在哪?
rs = stat.executeQuery(sql);
while (rs.next()) {
id = rs.getString("staff_no");
}
}
catch(SQLException ex){}
return id;
}
//验证密码
public boolean CheckPassword(String id, String password){
boolean ps = false;
String sql="select *from staff where staff_no='"+id+"' and staff_password='"+password+"'";
Statement stat = null;
ResultSet rs = null;
Connection conn = new DBHelper().getConn();
try{
stat = conn.createStatement();
rs = stat.executeQuery(sql);
while (rs.next()) {
ps=true;
}
}
catch(SQLException ex){}
return ps;
}