注册 登录
编程论坛 J2EE论坛

请教jsp问题高手留步

shandu 发布于 2008-04-19 18:29, 918 次点击
我做一个jsp登录页,但不知什么原因出错,高手给条明路
代码如下:
<%
           String user=new String(request.getParameter("user").getBytes("ISO-8859-1"));
           String pass=new String(request.getParameter("pass").getBytes("ISO-8859-1"));
          
           Connection conn;
           Statement sql;
           ResultSet rs;
           try
           {
              Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
           }
           catch(ClassNotFoundException e){}
           try
           {
              conn=DriverManager.getConnection("jdbc:odbc:aa","","");
              sql=conn.createStatement();
              rs=sql.executeQuery("SELECT * FORM username WHERE username="+user+"password="+pass);
              if(rs.next())
              {
                 if(user.equals("user")&&pass.equals("password"))
                 {
                    response.sendRedirect("index.jsp");
                 }
                else
                    {
                       out.print("您的密码或者用户名有误,请从新登录");
                    }      
              }
             conn.close();
             }
            catch(SQLException e1){}
      %>
5 回复
#2
Ethip2008-04-19 23:01
SELECT * FORM username WHERE username='"+user+"' password='"+pass+"'
#3
菜鸟也疯狂2008-04-20 22:16
rs=sql.executeQuery("SELECT * FORM username WHERE username="+user+"password="+pass);  ?? "FORM",应该是"FROM"吧!
#4
Ethip2008-04-20 22:55
回复 3# 的帖子
他的这个from差点把我气死!!!
#5
qsrock2008-04-21 20:22
呵呵,LZ那么不小心,像LZ的例子最好不要用Statement,用prapraedstate
#6
zplove2008-04-25 16:13
SELECT * FroM username WHERE username='"+user+"' and  password='"+pass+"'
1