1. 首页
  2. 问答
  3. 如何使用jsp连接mysql-connector-driver

如何使用jsp连接mysql-connector-driver

2016-03-08 42 views
0

我需要使用JSP创建登录,所以我需要使用mysql-connector-java如何使用jsp连接mysql-connector-driver

我插入的文件的jar:mysql-connector-java-5.1.38-bin.jarWEB-INF/lib目录

,我使用此代码到JSP文件:

<%@ 
     page import="java.sql.*" 
    %> 

<% 
    String DRIVER = "com.mysql.jdbc.Driver"; 
    String URL_mioDB = "jdbc:mysql://localhost:3306/ditta"; 

    try 
    { 
     Class.forName(DRIVER); 
    } 
    catch (ClassNotFoundException e) 
    { 
     System.err.println("Driver not found" + e); 
    } 

    Connection connessione = null; 
    try 
    { 
     // apro la connesione verso il database. 
     connessione = DriverManager.getConnection(URL_mioDB,"root",""); 
    } 
    catch (Exception e) 
    { 
     System.err.println("Error during connection with db : " + e); 
    } 

    String mail="",pass="",send="",query=""; 

    try 
    { 
     mail=request.getParameter("email"); 
     pass=request.getParameter("password"); 
     send=request.getParameter("send"); 

     out.println("<FORM name='F1' method='post' action='login.jsp'>"); 
      out.println("Email: <INPUT type='text' name='email' value='' placeholder='[email protected]'><BR><BR>"); 
      out.println("Password: <INPUT type='password' name='password' value=''><BR><BR>"); 
      out.println("<INPUT type='submit' name='send' value='Invia'>&nbsp;&nbsp;&nbsp;&nbsp;<INPUT type='reset' name='reset' value='Reset'>"); 
     out.println("</FORM>"); 
    } 
    catch (Exception e) 
    { 
     System.err.println(e); 
    } 

    if(send!=null && mail!="" && pass!="") 
    { 
     query="SELECT * FROM dipendenti WHERE email="+ mail + " AND password=" + pass + ""; 

     Statement statement = connessione.createStatement(); 
     ResultSet resultSet = statement.executeQuery(query); 
     ResultSetMetaData rsmd = resultSet.getMetaData(); 

     for(int i=0;i<=rsmd.getColumnCount();i++) 
     { 
      out.println(resultSet.getString(i)); 
      } 
    } 

%>

之后,当我点击发送按钮页面给我这个错误:

errors image

来源

2016-03-08 Silvia B

+0

不管怎样,你必须粘贴错误(“...发生处理JSP页面的异常...”)不应该是您得到的唯一错误消息。尝试搜索日志以获取更具体的消息。 –

回答

0

这里猜测有点...

我想这可能是关于如何将参数值传递给查询。因此,如果邮件是“[email protected]”,密码为“是”,那么你的查询结束是:

SELECT * FROM dipendenti WHERE [email protected] AND password=a

这不是一个正确的SQL。你错过了引号/撇号。我想尝试达到这样的查询:

SELECT * FROM dipendenti WHERE email='[email protected]' AND password='a'

这就需要你如何定义

query=...

与此同时一个简单的变化,我知道这是不是你问这里,但我强烈建议你应该阅读约SQL Injection on Wikipedia。你在这里做的不是接受用户输入到你的后端程序并最终进入数据库的正确方式。

对于这种非常具体的用例JDBC(和数据库)编制报表的概念: http://docs.oracle.com/javase/tutorial/jdbc/basics/prepared.html

所以,你会用类似的东西开始:

// not tested 
    query="SELECT * FROM dipendenti WHERE email=? AND password=?"; 
    PreparedStatement statement = connessione.prepareStatement(query); 

    statement.setString(1, mail); 
    statement.setString(2, pass); 

    ResultSet resultSet = statement.executeQuery();

来源

2016-03-08 22:24:02

相关问题

 相关问题