• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• Java-EE-VulnWeb-master
  • LICENSE
  • VulnWeb.sql
  • README.md
  • VulnWeb
    • src
      • com
        • eveino
          • dao
            • impl
              • UserDaoImpl.java
            • UserDao.java
          • utils
            • HtmlEncode.java
            • XssDefend.java
            • JdbcUtils.java
            • WebUtils.java
          • entity
            • User.java
          • web
            • wrapper
              • EncodingRequest.java
              • HtmlEncodeRequest.java
              • XssDefendRequest.java
            • UI
              • RegisterServletUI.java
              • LoginServletUI.java
            • filter
              • CharacterEncodingFilter.java
              • HtmlFilter.java
              • XssFilter.java
              • WordsFilter.java
            • controller
              • XSSServlet.java
              • RegisterServlet.java
              • CmdServlet.java
              • LoginServlet.java
              • UploadServlet.java
              • DownloadServlet.java
          • service
            • impl
              • BusinessServerImpl.java
            • BusinessServer.java
          • exception
            • UserExistEception.java
      • junit
        • test
          • UserTest.java
          • UserDaoTest.java
      • dbcp.properties
    • .settings
      • org.eclipse.wst.jsdt.ui.superType.container
      • org.eclipse.wst.jsdt.ui.superType.name
      • org.eclipse.wst.common.project.facet.core.xml
      • org.eclipse.wst.common.component
      • .jsdtscope
      • org.eclipse.jdt.core.prefs
      • org.eclipse.core.resources.prefs
    • WebContent
      • show.jsp
      • cmd.jsp
      • xss.jsp
      • message.jsp
      • uploadfile.jsp
      • 404.html
      • index.jsp
      • META-INF
        • MANIFEST.MF
      • WEB-INF
        • lib
          • commons-fileupload-1.3.3.jar
          • commons-dbutils-1.7.jar
          • commons-dbcp2-2.1.1.jar
          • commons-pool2-2.4.3.jar
          • commons-logging-1.2.jar
          • jstl.jar
        • haha
          • haha.txt
          • web.xml
        • jsp
          • register.jsp
          • login.jsp
        • haha.txt
        • web.xml
      • downloadfile.jsp
    • .project
    • .classpath
    • Words
      • com
        • eveino
          • words
            • bandWords.txt
            • auditWords.txt
            • remainWords.txt

package com.eveino.web.controller;

import java.io.IOException;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.eveino.entity.User;
import com.eveino.service.BusinessServer;
import com.eveino.service.impl.BusinessServerImpl;

/**
 * Servlet implementation class LoginServlet
 */
public class LoginServlet extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/**
	 * @see HttpServlet#HttpServlet()
	 */
	public LoginServlet() {
		super();
		// TODO Auto-generated constructor stub
	}

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		BusinessServer bs = new BusinessServerImpl();
		String username = request.getParameter("username");
		String password = request.getParameter("password");
		if(username.equals("")||password.equals("")) {
			request.setAttribute("message", "用户名或密码为空");
			request.getRequestDispatcher("/message.jsp").forward(request, response);
			return;
		}
		HttpSession session = request.getSession(false);
		User user = new User();
		try {
			user = bs.loginUser(username, password);
		} catch (SQLException e) {
			request.setAttribute("message", "未知错误");
			request.getRequestDispatcher("/message.jsp").forward(request, response);
			return;
		}
		if (user != null) {
			request.setAttribute("message", "登录成功");
			session.invalidate();
			session = request.getSession();
			request.setAttribute("user", user);
			request.getRequestDispatcher("/message.jsp").forward(request, response);
			return;
		}
		request.setAttribute("message", "用户名或密码错误");
		request.getRequestDispatcher("/message.jsp").forward(request, response);
		return;
	}

}