Advertisement
Guest User

Untitled

a guest
May 22nd, 2017
71
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.76 KB | None | 0 0
  1. import java.io.IOException;
  2. import java.sql.Connection;
  3. import java.sql.PreparedStatement;
  4. import java.sql.ResultSet;
  5. import java.sql.SQLException;
  6.  
  7. import javax.servlet.RequestDispatcher;
  8. import javax.servlet.ServletContext;
  9. import javax.servlet.ServletException;
  10. import javax.servlet.http.HttpServletRequest;
  11. import javax.servlet.http.HttpServletResponse;
  12. import javax.servlet.http.HttpSession;
  13.  
  14. /**
  15. *
  16. *
  17. * @author Punkid
  18. * @author Patrick
  19. */
  20. public class LoginServlet extends javax.servlet.http.HttpServlet {
  21. /**
  22. *
  23. */
  24. private static final long serialVersionUID = -657338316901350363L;
  25.  
  26. protected void doPost(HttpServletRequest request,
  27. HttpServletResponse response) throws ServletException, IOException {
  28. HttpSession session = request.getSession();
  29. String target = "/Denied.jsp";
  30. // Username auslesen
  31. String username = request.getParameter("username");
  32. // Angegebenes Login speichern
  33. request.setAttribute("login", username);
  34. // Kennwort auslesen
  35. String password = request.getParameter("password");
  36. // SQL-Statement definieren
  37. String statement =
  38. String.format("SELECT benutzername, passwort, " +
  39. "name, vorname, rolle, bestelllimit from Benutzer " +
  40. "NATURAL JOIN Benutzervorname WHERE benutzername = ? " +
  41. "and passwort = ? LIMIT 1");
  42. // Connection-Instanz abrufen
  43. Connection conn = db.DBVerbindung.getConnection();
  44. try {
  45.  
  46. // Statement erzeugen
  47. PreparedStatement stmt = conn.prepareStatement(statement);
  48. // Parameter setzen: Login-Name
  49. stmt.setString(1, username);
  50. // Parameter setzen: Password
  51. stmt.setString(2, password);
  52. // ResultSet abrufen
  53. ResultSet rs = stmt.executeQuery();
  54.  
  55. // ResultSet durchlaufen
  56. while(rs.next()) {
  57. String name = rs.getString("vorname") + " " + rs.getString("name");
  58. request.setAttribute("username", name);
  59. session.setAttribute("username", name);
  60. request.setAttribute("limit", rs.getDouble("bestelllimit"));
  61. session.setAttribute("limit", rs.getDouble("bestelllimit"));
  62. request.setAttribute("rolle", rs.getString("rolle"));
  63. session.setAttribute("rolle", rs.getString("rolle"));
  64. target = "/index.jsp";
  65. }
  66. } catch (SQLException e) {
  67. e.printStackTrace();
  68. }
  69. // Weiterleiten auf ermitteltes Ziel
  70. ServletContext ctx = getServletContext();
  71. RequestDispatcher rd = ctx.getRequestDispatcher(target);
  72. rd.include(request, response);
  73. }
  74. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement