import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
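/**
 * Handles the login form POST: looks the submitted credentials up in the
 * {@code Benutzer} table and, on a match, stores the user's display name,
 * order limit and role in both the request and the session before including
 * the start page. Any other outcome includes the "denied" page.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The query compares the submitted password directly with the
 *       {@code passwort} column. NOTE(review): this suggests passwords are
 *       stored in a directly comparable form; confirm, and if so migrate to a
 *       salted password hash (bcrypt/scrypt/argon2) verified in application
 *       code.</li>
 *   <li>No attempt throttling or lockout is visible in this class; if none
 *       exists elsewhere, the endpoint accepts unlimited password guesses.</li>
 *   <li>The session id is renewed on successful login so that an id issued
 *       before authentication cannot be reused afterwards.</li>
 * </ul>
 *
 * @author Punkid
 * @author Patrick
 */
public class LoginServlet extends javax.servlet.http.HttpServlet {

    private static final long serialVersionUID = -657338316901350363L;

    /** Page included when authentication fails or cannot be performed. */
    private static final String DENIED_PAGE = "/Denied.jsp";

    /** Page included after a successful login. */
    private static final String START_PAGE = "/index.jsp";

    /**
     * Parameterized credential lookup. The password column is deliberately
     * not selected: nothing reads it, so it should not leave the database.
     */
    private static final String LOGIN_QUERY =
            "SELECT benutzername, name, vorname, rolle, bestelllimit "
            + "FROM Benutzer NATURAL JOIN Benutzervorname "
            + "WHERE benutzername = ? AND passwort = ? LIMIT 1";

    /**
     * Authenticates the user named by the {@code username} and
     * {@code password} request parameters.
     *
     * @param request  the login form submission
     * @param response the response the target page is included into
     * @throws ServletException if the included page fails
     * @throws IOException      if writing the response fails
     */
    @Override
    protected void doPost(HttpServletRequest request,
            HttpServletResponse response) throws ServletException, IOException {
        String target = DENIED_PAGE;

        String username = request.getParameter("username");
        String password = request.getParameter("password");

        // The submitted login name is handed back to the view. It is
        // attacker-controlled, so the JSPs must HTML-escape it on output.
        request.setAttribute("login", username);

        // A missing parameter can never match a row; skip the database call.
        if (username != null && password != null) {
            // NOTE(review): ownership of this connection is not visible here
            // (shared vs. pooled), so it is intentionally not closed.
            Connection conn = db.DBVerbindung.getConnection();
            if (conn == null) {
                log("Login rejected: no database connection available");
            } else {
                try (PreparedStatement stmt = conn.prepareStatement(LOGIN_QUERY)) {
                    stmt.setString(1, username);
                    stmt.setString(2, password);
                    try (ResultSet rs = stmt.executeQuery()) {
                        // LIMIT 1 guarantees at most one row.
                        if (rs.next()) {
                            // Read every column first so a failing read
                            // cannot leave a half-populated session behind.
                            String name = rs.getString("vorname") + " " + rs.getString("name");
                            double limit = rs.getDouble("bestelllimit");
                            String role = rs.getString("rolle");

                            HttpSession session = renewSession(request);
                            request.setAttribute("username", name);
                            session.setAttribute("username", name);
                            request.setAttribute("limit", limit);
                            session.setAttribute("limit", limit);
                            request.setAttribute("rolle", role);
                            session.setAttribute("rolle", role);
                            target = START_PAGE;
                        }
                    }
                } catch (SQLException e) {
                    // Fail closed: the target stays on the denied page. Log
                    // through the container; never log the credentials.
                    log("Login lookup failed", e);
                }
            }
        }

        // Hand over to the page chosen above.
        ServletContext ctx = getServletContext();
        RequestDispatcher rd = ctx.getRequestDispatcher(target);
        rd.include(request, response);
    }

    /**
     * Replaces the current session with a new one that has a fresh id,
     * carrying the existing attributes over so pre-login state is kept.
     * Written without {@code changeSessionId()} so it also works on
     * containers older than Servlet 3.1.
     */
    private static HttpSession renewSession(HttpServletRequest request) {
        Map<String, Object> carried = new HashMap<>();
        HttpSession previous = request.getSession(false);
        if (previous != null) {
            Enumeration<?> names = previous.getAttributeNames();
            while (names.hasMoreElements()) {
                String key = (String) names.nextElement();
                carried.put(key, previous.getAttribute(key));
            }
            previous.invalidate();
        }
        HttpSession fresh = request.getSession(true);
        for (Map.Entry<String, Object> entry : carried.entrySet()) {
            fresh.setAttribute(entry.getKey(), entry.getValue());
        }
        return fresh;
    }
}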