如何在管理员中检查数据库中的 true/false 值,并相应地重定向? (Web应用程序)

How can I check in the database for true/false value in admin, and redirect accordingly? (web application)

我在 Java Eclipse IDE 上有一个基本的登录系统,带有 tomcat 服务器和 mysql 数据库。我下面的代码显示了登录验证。该程序在 mysql 数据库中搜索 employee_id 和密码,如果在数据库中找到,它将重定向到页面 "Options.html"。如果找不到 employee_id 和密码,它将打印 "Employee ID or Password incorrect, please try again"。基本上,我想要的是以下内容:

我的 table 中有一列名为 Admin,其数据类型为 TINYINT。这基本上是一个布尔值,所以 1 表示管理员,0 表示不是管理员。我希望验证过程检查用户是否是管理员。如果用户是管理员,我希望它转到 Options.html(这是当前的默认值)。如果用户不是管理员,我希望它转到另一个 html 页面。提前致谢,以下是我的文件。

Login.java(servlet)

import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.sql.*;

public class Login extends HttpServlet {

    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();

        String employee_id = request.getParameter("employee_id");
        String password = request.getParameter("password");
        if(Validate.checkUser(employee_id, password)) { 
            RequestDispatcher rs = request.getRequestDispatcher("Options.html");
            rs.forward(request, response);
        }
        else
        {
           out.println("Employee ID or Password is incorrect. Please try again.");
           RequestDispatcher rs = request.getRequestDispatcher("index.html");
           rs.include(request, response);
        }
    }  


        }

Validate.java (class)

import java.sql.*;
public class Validate
{
    public static boolean checkUser(String employee_id, String password)
    {
        boolean st = false;
        try { 
            Class.forName("com.mysql.jdbc.Driver").newInstance();
            Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/payroll_system", "root", ""); 
            PreparedStatement ps = con.prepareStatement("select * from employee_login where employeeID = ? and pwd = ?");
            ps.setString(1, employee_id);
            ps.setString(2, password);
            ResultSet rs =ps.executeQuery();
             st = rs.next();

         }catch(Exception e)
          {
              e.printStackTrace();
          }
             return st;                 
      }   
    }

您可以使用两个单独的函数来验证 class。

import java.sql.*;
public class Validate
{
   public static boolean userIsAdmin(String employee_id, String password)
   {
    boolean st = false;
    try { 
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/payroll_system", "root", ""); 
        PreparedStatement ps = con.prepareStatement("select * from employee_login where employeeID = ? and pwd = ? AND admin=1");
        ps.setString(1, employee_id);
        ps.setString(2, password);
        ResultSet rs =ps.executeQuery();
         st = rs.next();

     }catch(Exception e)
      {
          e.printStackTrace();
      }
         return st;                 
  }   

  public static boolean userIsNotAdmin(String employee_id, String password)
   {
    boolean st = false;
    try { 
        Class.forName("com.mysql.jdbc.Driver").newInstance();
        Connection con = DriverManager.getConnection("jdbc:mysql://localhost:3306/payroll_system", "root", ""); 
        PreparedStatement ps = con.prepareStatement("select * from employee_login where employeeID = ? and pwd = ? AND admin=0");
        ps.setString(1, employee_id);
        ps.setString(2, password);
        ResultSet rs =ps.executeQuery();
         st = rs.next();

     }catch(Exception e)
      {
          e.printStackTrace();
      }
         return st;                 
  }  
}

然后在您的主程序中添加:

if(Validate.userIsAdmin(employee_id, password)) { 
        RequestDispatcher rs = request.getRequestDispatcher("Options.html");
        rs.forward(request, response);
    }
 else if(Validate.userIsNotAdmin(employee_id, password))
    {
       RequestDispatcher rs = request.getRequestDispatcher("other.url");
       rs.include(request, response);
    }
 else
    {
       out.println("Employee ID or Password is incorrect. Please try again.");
       RequestDispatcher rs = request.getRequestDispatcher("index.html");
       rs.include(request, response);
    }

希望对您有所帮助。