我试图实现这段代码来处理用户登录,但不起作用。
它跳过代码中的if语句,这意味着用户验证或选择中出现了错误。它只是在按下提交按钮后进入错误页面
这是我在下面使用的代码
客户控制器:
HttpSession session = request.getSession();
String userName = request.getParameter("userName");
String password = request.getParameter("password");
String firstname = request.getParameter("firstname");
User.getTransaction().begin();
Query query = User.createQuery("select p from Customer where p.userName=:uName");
query.setParameter("uName", userName);
@SuppressWarnings("unchecked")
List<Customer> Result = query.getResultList();
User.close();
if(Result.size()>0)
if(Result.get(0).getPassword().equals(password))
{
Customer pass=Result.get(0);
session.setAttribute("Id", pass.getId());
String message="Welcome " + firstname;
return new ModelAndView("userpage","pass",pass);
}
return new ModelAndView("error","message","Wrong credentials");
}
登录jsp文件:
<form action="signin" method="post">
<table align="center">
<tr>
<td>
<label>User Name</label>
</td>
<td>
<input type="text" name="UserName" />
</td>
</tr>
<tr>
<td>
<label >Password</label>
</td>
<td>
<input type="text" name="password" />
</td>
</tr>
<tr>
<td></td>
<td>
<button id="login" type="submit" name="login" style="width:100%;border-
radius:10px;text-shadow:2px 2px 3px
rgba(150,150,150,0.75);font-family:time">Login</button>
</td>
</tr>
<tr>
<td><a href="register">Don't have an account? Sign Up?</a>
</td>
</tr>
</table>
</form>
- 首先,尊重
request.getParameter("UserName");
中与输入标记<input type="text" name="UserName" />
名称中相同的事例 String firstname = request.getParameter("firstname");
此行将尝试从您的POST
请求中提取参数firstname
,换句话说,它从您的登录表单中提取参数,该表单仅包含登录和密码两个字段。所以你只需要删除这行代码- 从数据库获取数据时无需使用此
User.getTransaction().begin();
- 你的查询是错误的
试试这个代码:
HttpSession session = request.getSession();
/*get username and password from the login form*/
String userName = request.getParameter("UserName");
String password = request.getParameter("password");
/*query to search customer having the username and password inserted in the login form*/
Query query = User.createQuery("select p from Customer p where p.userName = :uName and p.password = :uPassword");
query.setParameter("uName", userName);
query.setParameter("uPassword", password);
/*getting the result*/
Customer pass = (Customer) query.getSingleResult();
User.close();
/*if not null, means we have found the user (correct username and password), else login failed)*/
if(pass!=null){
session.setAttribute("Id", pass.getId());
String message="Welcome " + pass.getFirstname();
}
else{
String message="Authentication Error";
}
return new ModelAndView("userpage","pass",pass);