package com.subing.web;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


@WebServlet("/CustomerServlet")
public class CustomerServlet extends HttpServlet {
  private static final long serialVersionUID = 1L;

  private SqlDemo sql = null;
  private final static String s1 = "<h1>歡迎進(jìn)入管理頁面</h1><form action='CustomerServlet' method='post'> "
      + "精確查詢:<input type='text' name='jqmess'/><br>"
      + "模糊查詢:<input type='text' name='mhmess'/><br>"
      + "<input type='submit' value='提交' name='sub'/>"
      + "</form>";


  // 登錄的時(shí)候進(jìn)行驗(yàn)證
  private boolean isLoginProv(String userinfo, String password) {
    if (userinfo != null && userinfo.length() > 0 && password != null
        && password.length() > 0) {
      return true;
    }
    return false;

  }

  public CustomerServlet() throws Exception {
    super();
    sql = new SqlDemo(); // 進(jìn)行數(shù)據(jù)庫訪問的類
    // TODO Auto-generated constructor stub
  }

  /**
   * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
   *   response)
   */
  protected void doGet(HttpServletRequest request,
      HttpServletResponse response) throws ServletException, IOException {
    // TODO Auto-generated method stub
    this.doPost(request, response);
  }

  /**
   * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
   *   response)
   */
  protected void doPost(HttpServletRequest request,
      HttpServletResponse response) throws ServletException, IOException {
    response.setContentType("text/html;charset=gb2312");
    request.setCharacterEncoding("gb2312");
    PrintWriter pw = response.getWriter();

    String sub = request.getParameter("sub");
    String login = request.getParameter("login");

    if (login != null && login.length() > 0) {
      String admin_id = request.getParameter("admin_id");
      String password = request.getParameter("password");
      if (isLoginProv(admin_id, password)) {
        try {
          if (sql.loginVerify(admin_id, password)) {
            pw.println(s1);
          } else {
            pw.println("<h1>登錄失?。?lt;/h2>2秒自動(dòng)跳轉(zhuǎn)到登錄頁面!");
            response.setHeader("refresh", "2;url=login.html");
          }
        } catch (Exception e) {
          e.printStackTrace();
        }
      } else {
        pw.println("<h1>登錄失??！</h2>5秒自動(dòng)跳轉(zhuǎn)到登錄頁面!");
        response.setHeader("refresh", "5;url=login.html");
      }
    } else if (sub != null && sub.length() > 0) {
      pw.println(s1);
      String jqmess = request.getParameter("jqmess");
      String mhmess = request.getParameter("mhmess");
      if (jqmess != null && jqmess.length() > 0) {
        try {
          String s = sql.getJqMess(jqmess);
          String mess[] = s.split(",");
          String html = "<table border='5'>" + "<tr>" + "<th>Id號(hào)碼</th>"
              + "<th>商品名稱</th>" + "<th>商品價(jià)格</th>"
              + "<th>商品庫存數(shù)量</th>" + "<th>商品描述</th>";
          String main = "<tr>" + "<td>" + mess[0] + "</td>" + "<td>"
              + mess[1] + "</td>" + "<td>" + mess[2] + "</td>"
              + "<td>" + mess[3] + "</td>" + "<td>" + mess[4]
              + "</td></tr></table>";
          String head = html + main;
          pw.println(head);
        } catch (Exception e) {
          e.printStackTrace();
        }
      } else if (mhmess != null && mhmess.length() > 0) {
        try {
          String head = "";
          String html = "<table border='5'>" + "<tr>" + "<th>Id號(hào)碼</th>"
              + "<th>商品名稱</th>" + "<th>商品價(jià)格</th>"
              + "<th>商品庫存數(shù)量</th>" + "<th>商品描述</th>";
          head += html;
          String s = sql.getMhMess(mhmess);
          String m[] = s.split(",,");
          for (int i = 0; i < m.length; i++) {
            String mess[] = m[i].split(",");
            String main = "<tr>" + "<td>" + mess[0] + "</td>"
                + "<td>" + mess[1] + "</td>" + "<td>" + mess[2]
                + "</td>" + "<td>" + mess[3] + "</td>" + "<td>"
                + mess[4] + "</td></tr>";
            head += main;
          }
          head += "</table>";
          pw.println(head);
        } catch (Exception e) {
          e.printStackTrace();
        }
      }
    }
  }
}

package com.subing.web;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

public class SqlDemo {

  private Connection conn = null;
  private PreparedStatement preparedStatement = null;

  public SqlDemo() throws Exception {
    conn = getConnection();
  }

  private Connection getConnection() throws Exception {
    String driverClass = "com.mysql.jdbc.Driver";
    String url = "jdbc:mysql:///shop?useUnicode=true&characterEncoding=gb2312";
    String user = "root";
    String password = "12345";

    // 注冊(cè)加載驅(qū)動(dòng)
    Class.forName(driverClass);

    // 獲取連接
    Connection conn = DriverManager.getConnection(url, user, password);
    System.out.println(conn);
    return conn;
  }

  // 登錄的時(shí)候 進(jìn)行驗(yàn)證
  public boolean loginVerify(String userinfo, String password)
      throws Exception {
    String sql = "select * from admin where admin_id = ?";
    preparedStatement = conn.prepareStatement(sql);
    preparedStatement.setString(1, userinfo);
    ResultSet rs = preparedStatement.executeQuery();
    if (rs.next()) {
      if (rs.getString("password").equals(password)) {
        System.out.println("成功！");
        return true;
      }
    }
    System.out.println("失?。?);
    return false;
  }

  public String getJqMess(String admin_id) throws Exception {
    String s = "";
    String sql = "select * from product1 where product_id = ? OR product_name LIKE ?"
        + "OR product_price LIKE ?"
        + "OR product_num LIKE ?"
        + "OR product_describe LIKE ?";
    preparedStatement = conn.prepareStatement(sql);
    preparedStatement.setString(1, admin_id);
    preparedStatement.setString(2, admin_id);
    preparedStatement.setString(3, admin_id);
    preparedStatement.setString(4, admin_id);
    preparedStatement.setString(5, admin_id);
    //查詢到記錄的時(shí)候，返回一個(gè)resultSet，也處理了該方法查找失敗的時(shí)候返回null的情況
    ResultSet rs = preparedStatement.executeQuery();
    while (rs.next()) {
      s = rs.getInt(1) + "," + rs.getString(2) + "," + rs.getInt(3) + ","
          + rs.getInt(4) + "," + rs.getString(5);
    }
    return s;

  }

  public String getMhMess(String admin_id) throws Exception {
    String mess = "";
    String sql = "select * from product1 where product_id like ? OR product_name LIKE ? OR product_price LIKE ? OR product_num LIKE ?"
        + "OR product_describe LIKE ?";
    preparedStatement = conn.prepareStatement(sql);
    preparedStatement.setString(1, "%" + admin_id + "%");
    preparedStatement.setString(2, "%" + admin_id + "%");
    preparedStatement.setString(3, "%" + admin_id + "%");
    preparedStatement.setString(4, "%" + admin_id + "%");
    preparedStatement.setString(5, "%" + admin_id + "%");
    ResultSet rs = preparedStatement.executeQuery();
    while (rs.next()) {
      String s = rs.getInt(1) + "," + rs.getString(2) + ","
          + rs.getInt(3) + "," + rs.getInt(4) + "," + rs.getString(5);
      mess += s + ",,";
    }
    return mess;
  }

  public static void main(String[] args) throws Exception {
    SqlDemo sqlDemo = new SqlDemo();
    String s = sqlDemo.getMhMess("xi");
    String m[] = s.split(",,");
    for (int i = 0; i < m.length; i++) {
      System.out.println(m[i]);
    }
  }

}

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
  <h1>登錄</h1>
  <form action="CustomerServlet" method="post">
    賬號(hào):<input type="text" name="admin_id"/>
    密碼:<input type="password" name="password"/>
    <input type="submit" value="登錄" name="login"/>
  </form>        

</body>
</html>