代码:
package myservlet.control;
import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
import mybean.data.Login;
import mybean.data.Password;
public class HandlePassword extends HttpServlet {
private static final long serialVersionUID = 1L;
/**
* The doGet method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to get.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
/**
* The doPost method of the servlet. <br>
*
* This method is called when a form has its tag value method equals to post.
*
* @param request the request send by the client to the server
* @param response the response send by the server to the client
* @throws ServletException if an error occurred
* @throws IOException if an error occurred
*/
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
HttpSession session=request.getSession(true);
Login login=(Login)session.getAttribute("Login");
boolean ok=true;
if(login==null){
ok=false;
response.sendRedirect("Login.jsp");
}
if(ok==true){
continueWork(request, response,login);
}
}
public void continueWork(HttpServletRequest request, HttpServletResponse response,Login login)
throws ServletException, IOException {
//HttpSession session=request.getSession(true);
//Login login=(Login)session.getAttribute("Login");
Connection con=null;
String logname=login.getLogname();
Password passwordBean=new Password();
request.setAttribute("password", passwordBean);
String oldPassword=request.getParameter("oldPassword");
String newPassword=request.getParameter("newPassword");
String uril="jdbc:sqlserver://127.0.0.1:1433;DatabaseName=Friend";
try{
con=(Connection) DriverManager.getConnection(uril,"sa","123456");
Statement sql= con.createStatement();
ResultSet rs=sql.executeQuery("select* from member where logname='"+logname+"' and password='"+oldPassword+"'");
if(rs.next()){
String updateString="update member set password='"+newPassword+"'where logname='"+logname+"'";
int m=sql.executeUpdate(updateString);//数据能更新成功
if(m==1){