我写了这么一个函数用来核对用户名密码是否匹配
public static boolean login(String account,String pass) throws SQLException {
String sql = "SELECT * FROM USER WHERE USER_NAME='"+account+"' OR EMAIL = '"+account+"'";//user表中有username和email两个值可以充当用户名,两者只要有一个满足即可。
Connection conn = Conn.getConnection();
conn.setAutoCommit(false);
PreparedStatement statement = conn.prepareStatement(sql);
ResultSet result = statement.executeQuery();
while(result.next()) {
String password = result.getString("password");
if(pass.equals(password))return true;
}
return false;
}
在login.jsp中读取输入的账号密码:
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Insert title here</title>
</head>
<body>
<form action="logincheck.jsp" method="post">
<table>
<tr><td>用户名</td><td><input name="username" type="text"></td></tr>
<tr><td>密 码</td><td><input name="pass" type="password"></td></tr>
<tr><td><input type="submit" value="登录"></td></tr>
</table>
</form>
</body>
</html>
在logincheck.jsp中调用login函数进行核对:
<%@page import="com.ahtcm.zcy.controller.dao.UserDao"%>
<%@page import="java.awt.Window"%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Insert title here</title>
</head>
<body>
<%
request.setCharacterEncoding("utf-8");
String user = request.getParameter("username");
String pass = request.getParameter("pass");
boolean isloged = UserDao.login(user, pass);
//out.print(user);out.print(pass);
if(isloged)out.print("ok");
%>
</body>
</html>
但是在运行中却报出一下错误信息:
HTTP Status 500 – Internal Server Error
Type Exception Report
Message An exception occurred processing [/logincheck.jsp] at line [15]
Description The server encountered an unexpected condition that prevented it from fulfilling the request.
Exception
org.apache.jasper.JasperException: An exception occurred processing [/logincheck.jsp] at line [15]
12: request.setCharacterEncoding("utf-8");
13: String user = request.getParameter("username");
14: String pass = request.getParameter("pass");
15: boolean isloged = UserDao.login(user, pass);
16: out.print(user);out.print(pass);
17: if(isloged)out.print("ok");
18: %>
Stacktrace:
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:626)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:515)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:386)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:330)
javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
Root Cause
java.lang.NullPointerException
com.ahtcm.zcy.controller.dao.UserDao.login(UserDao.java:18)
org.apache.jsp.logincheck_jsp._jspService(logincheck_jsp.java:135)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:477)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:386)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:330)
javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
Note The full stack trace of the root cause is available in the server logs.
请教一下大佬到底是哪里出现了问题?
补充:
在发现问题后我也尝试过在java中调用该函数:
package com.ahtcm.zcy;
import java.sql.SQLException;
import com.ahtcm.zcy.controller.dao.UserDao;
import com.ahtcm.zcy.model.User;
public class Test {
public static void login(User user) throws SQLException {
if(UserDao.login(user.getUserName(), user.getPass())) {
System.out.println("ok!");
}
else System.out.println("N/A");
if(UserDao.login(user.getEmail(), user.getPass())) {
System.out.println("ok!");
}
else System.out.println("N/A");
}
public static void main(String[] args) throws SQLException {
User user = new User();
user.setUserName("testaccount1");
user.setPass("123456");
user.setEmail("testaccount1@test.com");
user.setMob("***********");
Test.login(user);
}
}
实际上此时函数可以被正常调用。
我也曾猜测是否是因为在logincheck.jsp中没有正常读取username和pass的值,但是经过测试发现这两个参数值被正常读取:
<body>
<%
request.setCharacterEncoding("utf-8");
String user = request.getParameter("username");
String pass = request.getParameter("pass");
//boolean isloged = UserDao.login(user, pass);
out.print(user);out.print(pass);
//if(isloged)out.print("ok");
%>
</body>
看下是不是UserDao这个对象为null
java.lang.NullPointerException
com.ahtcm.zcy.controller.dao.UserDao.login(UserDao.java:18)空指针异常了
还有
<%@page import="com.ahtcm.zcy.controller.dao.UserDao"%>
<%@page import="java.awt.Window"%>这是什么,java.awt.Window这是开发awt/Swing的,是开发cs架构程序的,为什么
会出现在jsp页面中
这里报的是空指针错误,应该是在logincheck.jsp中没有获取到用户名和密码
那应该是你请求 /logincheck.jsp 这个页面的用法有问题,请求页面的时候可能没有参数
/logincheck.jsp?username=zhangsan&pass=zhangsan
加固代码:后台用账号密码的地方加上判空语句。