上传文件往往都必须登陆后才可以进行操作,以前我们已经讲过上传,注册登陆但是并没有将它们联系在一起,今天主要就是设置权限只有登陆成功后才可以上传文件。
1、原本的界面如图所示:不用登陆便可以上传
2、给它加上条件
<c:choose>
<c:when test="${empty sessionScope.user_name }">
<form action="${pageContext.request.contextPath}/tishi.jsp" enctype="multipart/form-data" method="post">
<input id="submit" type="submit" value="提交" >
</form>
</c:when>
<c:otherwise>
<form action="${pageContext.request.contextPath}/uploadservlet" enctype="multipart/form-data" method="post">
<input id="submit" type="submit" value="提交" >
</form>
</c:otherwise>
</c:choose>
当登录成功了才可以进行操作,否则,会跳转到提示登陆的界面
这里需要注意的是sessionScope.user_name对应的是login的servlet里放到内置对象的变量名
3、因为jsp使用<c:choose>标签来控制内容显示,所以,引用
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
故必须添加jstl.jar和standard.jar两个架包
4、jsp完整的代码及截图如下所示
(1)目录结构:
(2)login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<form action="${pageContext.request.contextPath}/LoginServlet" method="post" class="" role="form">
username<input type="username" name="username" class="" id="username" placeholder="请输入用户名...">
password<input type="password" name="password" class="" id="password" placeholder="请输入密码...">
<span style="color:red">${msg }</span>
<input type="submit">
</form>
<a href="upload.jsp">现在去上传文件</a>
</body>
</html>
(3)upload.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<c:choose>
<c:when test="${empty sessionScope.user_name }">
<form action="${pageContext.request.contextPath}/tishi.jsp" enctype="multipart/form-data" method="post">
上传用户:<input type="text" name="username" >${name } <br/>
<br/>
上传文件1:<input type="file" name="file1"><br/><br/>
上传文件2:<input type="file" name="file2"><br/><br/>
上传文件3:<input type="file" name="file3"><br/><br/>
上传文件4:<input type="file" name="file4"><br/><br/>
上传文件5:<input type="file" name="file5"><br/><br/>
<input id="submit" type="submit" value="提交" >
</form>
</c:when>
<c:otherwise>
<form action="${pageContext.request.contextPath}/uploadservlet" enctype="multipart/form-data" method="post">
上传用户:<input type="text" name="username" >${name } <br/>
<br/>
上传文件1:<input type="file" name="file1"><br/><br/>
上传文件2:<input type="file" name="file2"><br/><br/>
上传文件3:<input type="file" name="file3"><br/><br/>
上传文件4:<input type="file" name="file4"><br/><br/>
上传文件5:<input type="file" name="file5"><br/><br/>
<input id="submit" type="submit" value="提交" >
</form>
</c:otherwise>
</c:choose>
</body>
</html>
注意:蓝色字体部分对应的是login的serverlet类中的蓝色字体部分。
因为用的choose标签,故必须加入引用语句:即红色字体部分。
(4)其他的为各类提示界面,这里就不做详细的讲解了。
message.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
${msg}
</body>
</html>
注意:${msg}获取内置对象名为msg的变量的值,对应servlet类中的紫色字体部分
tishi.jsp
<%@ page language="java" pageEncoding="UTF-8"%>
<!DOCTYPE HTML>
<html>
<head>
<title>消息提示</title>
<link rel="stylesheet" type="text/css" href="css/help.css"/>
<script type="text/javascript">
window.onload=function(){
function addzero(num){
if(num>=10)
{ return ""+num;
}
else
{return "0"+num;
}
}
function times(){
var date=new Date();
var aTime=document.getElementById('aTime');
var str= addzero(date.getHours())+":"+ addzero(date.getMinutes())+":"+ addzero(date.getSeconds());
aTime.innerHTML=str;
}
setInterval(times,1000);
times();
}
</script>
</head>
<body>
<div id="tab">
<h1 id="aTime"></h1>
</div>
<h1>您还没有登陆,请先去登陆</h1>
<h1><a href="login.jsp">登陆</a></h1>
</body>
</html>
5、web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>web_test</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>demo.web.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<servlet>
<description></description>
<display-name>uploadservlet</display-name>
<servlet-name>uploadservlet</servlet-name>
<servlet-class>com.sunlizhen.upload.uploadservlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>uploadservlet</servlet-name>
<url-pattern>/uploadservlet</url-pattern>
</servlet-mapping>
</web-app>
6、servlet编写
uploadservlet.jsp
package com.sunlizhen.upload;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;
public class uploadservlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
//得到上传文件的保存目录,将上传的文件存放于WEB-INF目录下,不允许外界直接访问,保证上传文件的安全
String savePath = "E://上传//";
/* String savePath = this.getServletContext().getRealPath("/WEB-INF/upload");*/
/*String savePath = this.getServletContext().getContextPath();*/
File file = new File(savePath);
//判断上传文件的保存目录是否存在
if (!file.exists() && !file.isDirectory()) {
System.out.println(savePath+"目录不存在,需要创建");
//创建目录
file.mkdir();
}
//消息提示
String message = "";
try{
//使用Apache文件上传组件处理文件上传步骤:
//1、创建一个DiskFileItemFactory工厂
DiskFileItemFactory factory = new DiskFileItemFactory();
//2、创建一个文件上传解析器
ServletFileUpload upload = new ServletFileUpload(factory);
//解决上传文件名的中文乱码
upload.setHeaderEncoding("UTF-8");
//3、判断提交上来的数据是否是上传表单的数据
if(!ServletFileUpload.isMultipartContent(request)){
//按照传统方式获取数据
return;
}
//4、使用ServletFileUpload解析器解析上传数据,解析结果返回的是一个List<FileItem>集合,每一个FileItem对应一个Form表单的输入项
List<FileItem> list = upload.parseRequest(request);
for(FileItem item : list){
//如果fileitem中封装的是普通输入项的数据
if(item.isFormField()){
String name = item.getFieldName();
//解决普通输入项的数据的中文乱码问题
String value = item.getString("UTF-8");
//value = new String(value.getBytes("iso8859-1"),"UTF-8");
System.out.println(name + "=" + value);
}else{//如果fileitem中封装的是上传文件
//得到上传的文件名称,
String filename = item.getName();
System.out.println(filename);
if(filename==null || filename.trim().equals("")){
continue;
}
//注意:不同的浏览器提交的文件名是不一样的,有些浏览器提交上来的文件名是带有路径的,如: c:\a\b\1.txt,而有些只是单纯的文件名,如:1.txt
//处理获取到的上传文件的文件名的路径部分,只保留文件名部分
filename = filename.substring(filename.lastIndexOf("\\")+1);
//获取item中的上传文件的输入流
InputStream in = item.getInputStream();
//创建一个文件输出流
FileOutputStream out = new FileOutputStream(savePath + "\\" + filename);
//创建一个缓冲区
byte buffer[] = new byte[1024];
//判断输入流中的数据是否已经读完的标识
int len = 0;
//循环将输入流读入到缓冲区当中,(len=in.read(buffer))>0就表示in里面还有数据
while((len=in.read(buffer))>0){
//使用FileOutputStream输出流将缓冲区的数据写入到指定的目录(savePath + "\\" + filename)当中
out.write(buffer, 0, len);
}
//关闭输入流
in.close();
//关闭输出流
out.close();
//删除处理文件上传时生成的临时文件
item.delete();
message = "文件上传成功!";
}
}
}catch (Exception e) {
message= "文件上传失败!";
e.printStackTrace();
}
request.setAttribute("msg",message);
request.getRequestDispatcher("/message.jsp").forward(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}
LoginServlet.jsp
package demo.web.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginServlet extends HttpServlet {
static final String driverClassName = "com.mysql.jdbc.Driver";
static final String url = "jdbc:mysql://localhost:3306/test?characterEncoding=utf-8";
static final String mysqlUsername = "root";
static final String mysqlPassword = "slzslz";
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=utf-8");
Connection conn = null;
PreparedStatement pstmt = null;
ResultSet rs = null;
try {
Class.forName(driverClassName);
conn = DriverManager.getConnection(url, mysqlUsername, mysqlPassword);
String username = request.getParameter("username");
String password = request.getParameter("password");
String sql = "SELECT * FROM sign WHERE username=? and password=?";
pstmt = conn.prepareStatement(sql);
pstmt.setString(1, username);
pstmt.setString(2, password);
rs = pstmt.executeQuery();
System.out.println(username +", " + password);
if(rs.next()) {
request.setAttribute("username", rs.getString("username"));
request.getSession().setAttribute("user_name", username);
/*System.out.println(rs.getString("username"));*/
request.setAttribute("msg", "成功登陆!");
request.getRequestDispatcher("/message.jsp").forward(request, response);
} else {
request.setAttribute("msg", "用户名或密码不正确!");
request.getRequestDispatcher("/login.jsp").forward(request,
response);
}
} catch(Exception e) {
throw new RuntimeException(e);
} finally {
try {
if(conn != null) conn.close();
if(pstmt != null) pstmt.close();
if(conn != null) conn.close();
} catch(Exception e) {
throw new RuntimeException(e);
}
}
}
}