当前位置: 首页 > 图文教程 > 网络编程 > JSP > 关于JSP的一点疑问小结

JSP
我认为JSP有问题(上)
我认为JSP有问题(下)
jsp“抓”网页代码的程序
关于在bean里面打印html的利弊看法
bean里面如何打印到html页面
jdbc3中的RowSet 接口规范
Apusic Application Server1.0中jsp源代码泄漏漏洞
Unify的eWave ServletExec拒绝服务漏洞
通过提交超长的GET请求导致IBM HTTP Server远程溢出
在HTTP请求中添加特殊字符导致暴露JSP源代码文件
Resin 1.2 重要源代码暴露漏洞
多中WEB服务器的通用JSp源代码暴露漏洞
Tomcat 暴露JSP文件内容
IBM WebSphere Application Server 暴露JSP文件内容
JRun 2.3.x 范例文件暴露站点安全信息
BEA WebLogic 暴露源代码漏洞
IBM WebSphere Application Server 3.0.2 存在暴露源代码漏洞
Tomcat 3.1 存在暴露网站路径问题
Sun Java Web Server 能让攻击者远程执行任意命令
Netscape 修复 JAVA 安全漏洞

关于JSP的一点疑问小结


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-09-13   浏览: 53 ::
收藏到网摘: n/a

我在做一个JSP小测试.写的一些代码如下 希望谁能帮我看一看问题出在哪?谢谢!
register.html部分:
复制代码 代码如下:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>register.html</title>
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="this is my page">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<!--<link rel="stylesheet" type="text/css" href="./styles.css">-->
</head>
<body>
<br>
<form action="register.jsp" method = "Post" name = "frm">
用户名:<input type = "text" name = "in_username"><br>
密码:<input type = "password" name = "in_password"><br>
<input type = "submit" name = "submit" value = "提交">
</form>
</body>
</html>

register.jsp部分:
复制代码 代码如下:

<%@ page language="java" import = java.util.* pageEncoding="ISO-8859-1"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'register.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<meta http-equiv = "content-type" content = "text/html;charset = gb2312">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<br>
<%! boolean isnotlogin = false;%>
<%
String username = request.getParameter("username");
String password = request.getParameter("password");
if(username == null || password == null)
{
response.sendRedirect("error.jsp");
return;
}
%>
<jsp:useBean id="person" scope = "page" class = "mypack.register">
<jsp:setProperty name = "person" property = "username" param = "username"/>
<jsp:setProperty name = "person" property = "pwd" param = "password"/>
</jsp:useBean>
<%
isnotlogin = person.judge();
if(!isnotlogin)
{
response.sendRedirect("error.jsp");
return;
}
else
{
session.setAttribute("username", request.getParameter("username"));
%>
<jsp:forward page = "sbmt">
<jsp:param name = "username" value = "<%=username%>"/>
</jsp:forward>
<%
}
%>
</body>
</html>

register.java(JavaBean)部分:
复制代码 代码如下:

package mypack;
public class register {
private String username = "";
private String pwd = "";
public void setUserName(String nm)
{
this.username = nm;
}
public String getUserName()
{
return this.username;
}
public void setPwd(String pd)
{
this.pwd = pd;
}
public String getPwd()
{
return this.pwd;
}
public boolean judge()
{
boolean temp = false;
if(username.equals("teacher") && pwd.equals("teacher"))
{
temp = true;
}
return temp;
}
}
sbmt.java(Servlet)部分:
package mypack;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class sbmt extends HttpServlet {
private static final long serialVersionUID = 1L;
public sbmt() {
super();
}
public void destroy() {
super.destroy();
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out
.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
out.println("<HTML>");
out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>");
out.println(" <BODY>");
out.print(" This is ");
out.print(this.getClass());
out.println(", using the GET method");
out.println(" </BODY>");
out.println("</HTML>");
out.flush();
out.close();
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
HttpSession session = request.getSession(false);
if(session == null)
{
response.sendRedirect("error.jsp");
return;
}
String usernameone = (String)session.getAttribute("username");
String usernametwo = request.getParameter("username");
if(!usernameone.equals(usernametwo))
{
response.sendRedirect("error.jsp");
return;
}
response.setContentType("text/html;charset = GBK");
request.setAttribute("username", usernametwo);
if(usernametwo.equals("teacher"))
{
response.sendRedirect("teacher.jsp");
return;
}
else
{
response.sendRedirect("error.jsp");
return;
}
}
}
}