/*
* Generated by MyEclipse Struts
* Template path: templates/java/JavaClass.vtl
*/
package com.school.struts.action;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import com.school.struts.form.MloginForm;
public class MloginAction extends Action {
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
MloginForm mloginForm = (MloginForm) form; // TODO Auto-generated method stub
String username = mloginForm.getUsername();
String password = mloginForm.getPassword();
if(username.length()==0||password.length()==0){
return mapping.getInputForward();
}
System.out.println("managername=" + username + " password=" + password);
Statement stmt =null;
ResultSet rs = null;
String sql = "select * from managersdata where managername = '"
+ username + "' and password = '" + password + "'";
try{
Class.forName("com.mysql.jdbc.Driver");
Connection conn = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/logistics", "root", "123456");
stmt = conn.createStatement();
rs = stmt.executeQuery(sql);
if (username.equals(mloginForm.getUsername()) && password.equals(mloginForm.getPassword())){
return mapping.findForward("success");
}else{
request.setAttribute("errorinfo", "用户名或者密码不正确!");
return mapping.findForward("failure");
}
// else return mapping.getInputForward();
} catch (Exception ex) {
System.out.println(ex.getMessage());
} finally {
try {
rs.close();
stmt.close();
} catch (SQLException e) {
e.printStackTrace();
}
}
return mapping.getInputForward();
}
}
代码如上,登陆的时候无论数据库中是否有管理员的数据都登陆成功 怎么解决。。