Package Info;
Import java. Io .*;
Import java. util. properties;
Public class init {
Private string supername = NULL;
Private string superpassword = NULL;
Private string drivername = NULL;
Private string dburl = NULL;
Private string dbuser = NULL;
Private string dbpassword = NULL;
Private int pageview;
Public Init (string webpath ){
Properties prop = new properties ();
If (! Webpath. endswith (system. getproperty ("file. separator "))){
Webpath + = system. getproperty ("file. separator ");
}
Try {
File file = new file (webpath + "WEB-INF" + system. getproperty ("file. separator") + "guestbook. properties ");
If (file. exists ()){
Fileinputstream filein = new fileinputstream (File );
Prop. Load (filein );
Supername = prop. getproperty ("supername ");
Superpassword = prop. getproperty ("superpassword ");
Drivername = prop. getproperty ("drivername ");
Dburl = prop. getproperty ("dburl ");
Dbuser = prop. getproperty ("dbuser ");
Dbpassword = prop. getproperty ("dbpassword ");
Pageview = integer. parseint (prop. getproperty ("pageview "));
}
Else {
Throw new filenotfoundexception ("attribute file not found ");
}
}
Catch (ioexception e ){
Throw new runtimeexception (E );
}
Catch (numberformatexception e ){
Throw new runtimeexception (E );
}
}
Public String getsupername (){
Return supername;
}
Public String getsuperpassword (){
Return superpassword;
}
Public String getdrivername (){
Return drivername;
}
Public String getdburl (){
Return dburl;
}
Public String getdbuser (){
Return dbuser;
}
Public String getdbpassword (){
Return dbpassword;
}
Public int getpageview (){
Return pageview;
}
}
The configuration file format is as follows:
# Administrator Account
Supername = langzi
# Administrator password
Superpassword = Wubin
# Database-drivenProgram
Drivername = com. Microsoft. JDBC. sqlserver. sqlserverdriver
# URL ("WB" indicates the database name)
Dburl = JDBC: Microsoft: sqlserver: // localhost: 1433; databasename = WB
# Database connection username dbuser = sa
# Database connection password
Dbpassword = wb5520105
# Number of records per page
Pageview = 20
TIPS:
Package Info;
Import javax. servlet .*;
Import javax. servlet. http .*;
Import java. Io .*;
Import sun. Misc. base64decoder;
Import javax. SQL. datasource;
Import java. SQL .*;
Public class admin extends httpservlet {
Private Static final string content_type = "text/html; charset = gb2312 ";
Private datasource = NULL;
// Initialize global variables
Public void Init () throws servletexception {
Init init = new Init (getservletcontext (). getrealpath ("/"));
Datasource = linkdb. getdb ();
If (datasource = NULL ){
Linkdb. setdb (init. getdrivername (), init. getdburl (), init. getdbuser (), init. getdbpassword ());
Datasource = linkdb. getdb ();
}
}
// Process the http get request
Public void doget (httpservletrequest request,
Httpservletresponse response) throws servletexception,
Ioexception
{
Init init = new Init (getservletcontext (). getrealpath ("/"));
Response. setcontenttype (content_type );
// Get Authorization Header
String authorization = request. getheader ("Authorization ");
If (authorization = NULL)
{
Challenge (response); // no authorization so challenge
}
Else
{
// Determine if client is using basic authentication
If (! Authorization. tolowercase (). startswith ("basic "))
{
Challenge (response); // not basic so challenge
}
// Obtain the base64-encoded account and password, starting from the sixth digit of the string
String namepass = Authorization. substring (6). Trim ();
// Instantiate base64 Decoder
Base64decoder decode = new base64decoder ();
// Decode username and password
Namepass = new string (decode. decodebuffer (namepass ));
]
// Get username and password from decoded authorization text
String username = namepass. substring (0, colon );
String Password = namepass. substring (colon + 1 );
// Validate username and password (case sensitive)
If (! Username. Equals (init. getsupername () |! Password. Equals (init. getsuperpassword ()))
{
Challenge (response); // invalid credentials so challenge
}
Else
{
// Write the data to the session after the verification is passed.
Httpsession mysession = request. getsession (true );
Mysession. setattribute ("supername", username );
Response. sendredirect ("Admin. jsp ");
}
}
}
Public void dopost (httpservletrequest request, httpservletresponse response) throws servletexception, ioexception {
Request. setcharacterencoding ("gb2312 ");
Response. setcontenttype (content_type );
Printwriter out = response. getwriter ();
Readdb = new readdb ();
Connection conn = NULL;
Statement stmt = NULL;
Try {
Conn = datasource. getconnection ();
Stmt = conn. createstatement (resultset. type_scroll_sensitive, resultset. concur_updatable );
If (request. getparameter ("ADDC ")! = NULL ){
String SQL = "ALTER TABLE info_table2 add class" + (readdb. getnum ()-1) + "float ";
Stmt.exe cuteupdate (SQL );
Out. println ("<SCRIPT> alert ('complete'); document. Location = 'admin. jsp '; </SCRIPT> ");
Return;
}
If (request. getparameter ("DELC ")! = NULL ){
If (request. getparameter ("classname"). Equals (""))
Out. println ("<SCRIPT> alert ('select the course to delete '); document. Location = 'admin. jsp'; </SCRIPT> ");
Else {
String SQL = "ALTER TABLE info_table2 drop column" + request. getparameter ("classname ");
Stmt.exe cuteupdate (SQL );
Out. println ("<SCRIPT> alert ('complete'); document. Location = 'admin. jsp '; </SCRIPT> ");
}
Return;
}
String id = request. getparameter ("ID"). replaceall ("'","''");
String s_name = request. getparameter ("s_name"). replaceall ("'","''");
String s_sex = request. getparameter ("s_sex"). replaceall ("'","''");
String s_birth = request. getparameter ("s_birth"). replaceall ("'","''");
String s_grade = request. getparameter ("s_grade"). replaceall ("'","''");
Float [] classname = new float [readdb. getnum ()-2];
For (INT I = 1; I <= readdb. getnum ()-2; I ++)
Classname [I-1] = float. parsefloat (request. getparameter ("class" + I ));
If (Id. Equals ("") | s_name.equals ("") | s_sex.equals ("") | s_birth.equals ("") | s_grade.equals ("")){
Out. println ("<SCRIPT> alert ('fill in all the information'); document. location = 'javascript: history. go (-1); '</SCRIPT> ");
Return;
}
If (ID. getbytes (). length> 20 | s_name.getbytes (). length> 50 | s_sex.getbytes (). length> 10 | s_birth.getbytes (). length> 50 | s_grade.getbytes (). length> 50 ){
Out. println ("<SCRIPT> alert ('the entered information is too long, please enter it again '); document. location = 'javascript: history. go (-1); '</SCRIPT> ");
Return;
}
Try {
Stmt.exe cuteupdate ("insert into info_table1 values ('" + ID + "', '" +
S_name + "','" + s_sex + "','" + s_birth + "','" +
S_grade + "','" + head. gettime () + "')");
String SQL = "insert into info_table2 values ('" + ID + "', '" + s_name +
"'";
For (INT I = 0; I <classname. length; I ++ ){
SQL = SQL + "," + classname [I];
}
SQL + = ")";
Stmt.exe cuteupdate (SQL );
}
Catch (sqlexception e ){
Out. println ("<SCRIPT> alert ('database writing error, student ID may be repeated '); document. Location = 'admin. jsp'; </SCRIPT> ");
Return;
}
Out. println ("<SCRIPT> alert ('complete'); document. Location = 'admin. jsp '; </SCRIPT> ");
}
Catch (sqlexception e ){
Out. println (E );
}
Catch (numberformatexception e ){
Out. println ("<SCRIPT> alert ('score must be a real'); document. location = 'javascript: history. go (-1); '</SCRIPT> ");
}
Finally {
Try {
Stmt. Close ();
Conn. Close ();
Linkdb. shutdowndatasource (datasource );
}
Catch (sqlexception e ){
Out. println (E );
}
}
}
// Response Header 401 to the browser
Private void Challenge (httpservletresponse response)
{
Response. setstatus (response. SC _unauthorized );
Response. setheader ("www-authenticate", "Basic realm = \" Login \"");
}
}