JSP permission Control

By accident, I learned a piece of code when I first learned Java many years ago. Maybe I can't write it now. If the technology is so popular, it will move back if it is not in progress. It's still good to be young, with clear ideas and ample energy. [Java] <% @ page contentType = "text/html; charset = gb2312" %> <% @ page import = "qlsoft. PWebs. business. permitBean "%> <jsp: useBean id =" permitBean "scope =" session "class =" qlsoft. PWebs. business. permitBean "/> <% @ page import =" qlsoft. PWebs. business. memberBean "%> <jsp: useBean id =" memberBean "scope =" session "class =" qlsoft. PWebs. business. memberBean "/> <% String action = request. getParameter ("action"); %> <s Export language = "javascript"> // alert ("Permit request action:" + "<% = action %>"); </script> <% if ("login ". equalsIgnoreCase (action) {// member Logon: Authenticate the user identity, and set the Session variable and logon flag. // obtain the logon parameter String userName = request. getParameter ("username"); String userPwd = request. getParameter ("password"); System. out. println ("account:" + userName + "Password:" + userPwd ); if (userName = null | userName = "" | userPwd = null | userPwd = "") {// Invalid request parameter %> <script language = "javascript"> alert ("no required request parameter for member login! "); Window. history. go (-1); </script> <%} else {// The parameter is valid if (permitBean. memberLogin (userName, userPwd) {// logon successful // chengxiaoxu remark code in here to best session. setAttribute ("sessionPermit", permitBean); PermitBean ssnPermit = (PermitBean) session. getAttribute ("sessionPermit"); String strLogin = ssnPermit. getIsLogin ()? "Logon successful! ":" Logon Failed ??? "; String ackName = ssnPermit. getMgrAckName (); System. out. println ("member account:" + strLogin + "\ n" + ackName); if (memberBean. getBeanInfoByID (ssnPermit. getMemberID () {System. out. println ("member information extracted! "); Session. setAttribute ("sessionMember", memberBean) ;}%> <script language = "javascript"> // alert ("<%= strLogin %> "); // alert ("<% = permitBean. getMsg () %> "); // specify your tar get =" _ blank "; // the window on the homepage of the member management center. location = "membermain. jsp "; </script> <%} else {// Logon Failed %> <script language =" javascript "> alert (" <% = permitBean. getMsg () %> "); window. history. go (-1); </script> <%} // End of <Logon Failed >}// End of <parameter valid >%> <%} // End of <member logon> else if ("update ". equalsIgnoreCase (action) {// modify the member password // obtain the modified parameter String oldPwd = request. getParameter ("oldPassword"); String newPwd = request. getParameter ("newPassword1"); if (oldPwd = null | oldPwd = "" | newPwd = null | newPwd = "") {// The request parameter is invalid. %> <script language = "javascript"> alert ("no information to modify required Request Parameters! "); Window. history. go (-1); </script> <%} // End of <request parameter invalid> else {// parameter valid %> <% boolean isOK = permitBean. changePassword (String) session. getAttribute ("sessionUserAccount"), oldPwd, newPwd); www.2cto.com %> <script language = "javascript"> alert ("<% = permitBean. getMsg () %> "); </script> <% if (isOK) {// modification successful %> <script language =" javascript "> window. location = "membermain. jsp "; </script> <%} else {// modification failed %> <script Language = "javascript"> window. history. go (-1 ); </script> <% }}// End of <parameter valid >%><%}// End of <change Member password> else if ("logout ". revoke signorecase (action) {// member logout: Clear the Session variable and the logon flag // chengxiaoxu update code in here to best if (permitBean! = Null) permitBean. memberLogout (); session. setAttribute ("sessionPermit", null); session. setAttribute ("sessionMember", null); PermitBean ssnPermit = (PermitBean) session. getAttribute ("sessionPermit"); String strLogin = ssnPermit = null? "Logout successful! ":" Logout failed ??? "; %> <Script language =" javascript "> // alert (" <% = strLogin %> "); window. location = "main. jsp "; </script> <%} else {// incorrect page request %> <script language =" javascript "> alert (" invalid page request "); window. history. go (-1); </script> <%} // End of <incorrect page request >%>