java GUI简单登录后端mysql
我正在尝试创建一个GUI程序,简单的登录维护。我有4个gui组件,即:jlabel、jtextfield、jpasswordfield和jbutton。到目前为止,这是我的代码:java GUI简单登录后端mysql,java,swing,jdbc,jbutton,jtextfield,Java,Swing,Jdbc,Jbutton,Jtextfield,我正在尝试创建一个GUI程序,简单的登录维护。我有4个gui组件,即:jlabel、jtextfield、jpasswordfield和jbutton。到目前为止,这是我的代码: import java.awt.Container; import java.awt.FlowLayout; import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.sql.Connection; impo
import java.awt.Container;
import java.awt.FlowLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import javax.swing.*;
public class BankGui extends JApplet implements ActionListener{
// GUI components
JLabel lblUser, lblPass;
JTextField txtUser;
JPasswordField txtPass;
JButton btnOk, btnClear;
// connections to MYSQL
private static Connection connection = null;
private static Statement statement = null;
private static ResultSet resultSet = null;
//public static Scanner in = new Scanner(System.in);
public void init(){
Container c = getContentPane();
c.setLayout( new FlowLayout() );
lblUser = new JLabel( "Username: " );
c.add( lblUser );
txtUser = new JTextField( 10 );
c.add( txtUser );
lblPass = new JLabel( "Password:" );
c.add( lblPass );
txtPass = new JPasswordField( 10 );
c.add( txtPass );
btnOk = new JButton( "OK" );
btnOk.addActionListener( this );
c.add( btnOk );
}
@Override
public void actionPerformed(ActionEvent e) {
// TODO Auto-generated method stub
if( btnOk ){
}
}
public void connect(){
try {
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/USERS", "root", "root");
statement = connection.createStatement();
resultSet = statement
.executeQuery("SELECT lname, fname FROM employees");
} catch (Exception e) {
e.printStackTrace();
}
}
}
但是我被困在actionperformed方法和connect方法中。我不知道该放什么来验证登录的人是否是授权用户。您不能使用Applet
执行SQL操作,请将其更改为Java应用程序(扩展框架/JFrame)。阅读本文-
您必须使用WHERE子句编写SELECT
语句
String sql="SELECT userName FROM employees WHERE UserName=? and Password=?";
编辑:
在static
块中注册JDBC驱动程序
static {
try{
Class.forName("com.mysql.jdbc.Driver");
}catch(Exception ex) {
System.err.println(ex);
}
}
并在actionPerformed
方法中编写代码:
PreparedStatement stmt=null;
boolean isFound=false;
try{
connection = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/USERS", "root", "root");
String sql="SELECT userName FROM employees WHERE UserName=? and Password=?";
stmt=connection.prepareStatement(sql);
stmt.setString(1,txtUser.getText());
stmt.setString(2,txtPass.getPassword());
resultSet=stmt.executeQuery();
if(resultSet.next()){
isFound=true;
}
//
}catch(SQLException ex){
System.err.println(ex);
}finally{
if(stmt!=null){
try{
stmt.close();
}catch(Exception ex) { /* */ }
}
if(connection!=null){
try{
connection.close();
}catch(Exception ex) { /* */ }
}
}
将您的代码更改为此
@Override
public void actionPerformed(ActionEvent e) {
// TODO Auto-generated method stub
if (e.getActionCommand().equals("OK")){
if(connect(txtUser.getText(), txtPass.getText())) {
// Valid
}
else {
//Invalid
}
}
}
public boolean connect(String usr, String pwd){
try {
Class.forName("com.mysql.jdbc.Driver");
connection = DriverManager.getConnection(
"jdbc:mysql://localhost:3306/USERS", "root", "root");
PreparedStatement ps= connection.prepareStatement("SELECT lname, fname FROM employees where username=? and password =?");
ps.setString(1,usr);
ps.setString(2,pwd);
resultSet = ps.executeQuery();
if(resultSet.next()) {
return true;
}
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
我是否要将该字符串sql放入我的connect方法或actionperformed?我已经将其更改为JFrame,我将如何显示文本字段和按钮?请小心。您可以在不使用
PrepareStatement
的情况下进行SQL攻击。您好,谢谢您的回复。我在if(btnOk)中出错。我的btnOk是jbutton。不boolean@Lion我将如何防止sql攻击?您应该始终在PrepareStatement
的帮助下使用参数化查询,以防止sql查询被sql注入,如SELECT lname,fname from employees WHERE UserName=?密码=?
。检查上面更改的代码,也可以使用PrepareStatement执行select查询以摆脱SQL注入。对于将来的任何人,这里有一个关于如何使用java和mysql创建简单GUI登录屏幕的简单介绍