JSP - 로그인 & AJAX 비동기 방식으로 처리&암호화&정규표현식

by 조쉬 posted Mar 28, 2021

1.로그인 페이지 

 

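<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%--
  Login page: reads the id and password from the form below and posts them to
  the member servlet with jQuery AJAX, then shows the servlet's answer in #result.
  The password travels in the request body, so the page and the servlet URL
  should only be served over HTTPS.
--%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>

<%--
  jQuery is loaded over HTTPS: a script fetched over plain HTTP can be altered
  in transit and would then run with full access to the password field.
  3.1.0 is an old release; a current version plus an integrity attribute
  (SRI hash taken from the CDN) is the safer setup.
--%>
<script src="https://code.jquery.com/jquery-3.1.0.js"></script>

<script>
    $(document).ready(function() {

        $("#btnLogin").click(function() {

            var userid = $("#userid").val();
            var passwd = $("#passwd").val();

            if (userid == "") {
                alert("아이디를 입력해주세요");
                $("#userid").focus();
                return;
            }

            // Regular expression check: test(value) returns true when the value
            // matches. ^ and + and $ make the rule cover the whole id; with only
            // a trailing $ the pattern would inspect just the last character.
            // This is a usability check only - the server must not rely on it,
            // because a request can be sent without going through this page.
            var exp = /^[a-z0-9]+$/;
            if (!exp.test(userid)) {
                alert("영문자와 숫자만 입력가능합니다.");
                $("#userid").focus();
                return;
            }

            if (passwd == "") {
                alert("비밀번호를 입력해주세요");
                $("#passwd").focus();
                return;
            }

            // Exchange data asynchronously with AJAX.
            // The credentials are never echoed in an alert or written to the
            // console: a debug popup would show the password in clear text.
            $.ajax({
                type : "post",
                // An object (instead of a hand-built "a=..&b=.." string) makes
                // jQuery URL-encode each value, so characters such as & = + %
                // inside a password are sent intact and cannot add parameters.
                data : {
                    userid : userid,
                    passwd : passwd
                },
                url : "/web02/member_servlet/login.do",
                dataType : "html",
                success : function(value) {
                    // The servlet answers with a whole HTML page that embeds the
                    // member name from the database. Parse it into an inert
                    // document and copy only its text, so markup stored in a
                    // name is displayed as text instead of being run as script.
                    var doc = new DOMParser().parseFromString(value, "text/html");
                    $("#result").text($.trim(doc.body.textContent));
                }
            });
        });

    });
</script>

</head>
<body>

    <table border="1">

        <tr>
            <td>아이디</td>
            <td><input type="text" id="userid"></td>
        </tr>

        <tr>
            <td>비밀번호</td>
            <td><input type="password" id="passwd"></td>
        </tr>

        <tr>
            <td colspan="2" align="center"><input type="button" value="로그인"
                id="btnLogin"></td>
        </tr>

    </table>
    <div id="result">로그인 결과 출력 영역</div>

</body>
</html>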

 

 

 

2.컨트롤러

 

 

package member;
 
import java.io.IOException;
 
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
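/**
 * Front controller for member requests mapped under {@code /member_servlet/*}.
 *
 * <p>The only action shown here is {@code login.do}: it checks the submitted id
 * and password through {@link MemberDAO#loginCheck(String, String)} and forwards
 * a result message to {@code /member/login_result.jsp}.
 */
@WebServlet("/member_servlet/*")
public class MemberController extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Path (relative to the servlet mapping) of the login action. */
    private static final String LOGIN_PATH = "/login.do";

    /**
     * Handles GET requests. Login is refused here: credentials sent with GET
     * travel in the query string, which commonly ends up in server access logs,
     * browser history and Referer headers.
     *
     * @param request  the incoming request
     * @param response the response; 405 is sent for {@code login.do}
     * @throws ServletException declared by the servlet contract
     * @throws IOException      if the error response cannot be written
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        System.out.println("멤버서블릿 호출");

        if (isLoginRequest(request)) {
            response.setHeader("Allow", "POST");
            response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
        }
    }

    /**
     * Handles POST requests; {@code login.do} is processed here.
     *
     * @param request  the incoming request carrying {@code userid} and {@code passwd}
     * @param response the response the result page is written to
     * @throws ServletException if forwarding to the result page fails
     * @throws IOException      if forwarding to the result page fails
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        System.out.println("멤버서블릿 호출");

        if (isLoginRequest(request)) {
            login(request, response);
        }
    }

    /** Returns true when the request targets the login action of this servlet. */
    private static boolean isLoginRequest(HttpServletRequest request) {
        // getPathInfo() is the part after "/member_servlet", so an exact match
        // is possible instead of searching the whole URI for a substring.
        return LOGIN_PATH.equals(request.getPathInfo());
    }

    /** Checks the submitted credentials and forwards the outcome to the result page. */
    private void login(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String userid = request.getParameter("userid");
        String passwd = request.getParameter("passwd");

        MemberDAO dao = new MemberDAO();
        String name = dao.loginCheck(userid, passwd);

        String message;
        if (name == null) {
            // Login failed. The same text is used for an unknown id and for a
            // wrong password, so the answer does not reveal which ids exist.
            message = "아이디 또는 비밀번호가 일치하지 않습니다.";
        } else {
            // Login succeeded. The result page prints the message with plain
            // EL, which does not escape HTML, so the stored name is escaped
            // here before it becomes part of the page.
            message = escapeHtml(name) + "님 환영합니다.";
        }

        // Store the data for the view, then forward.
        request.setAttribute("message", message);

        String page = "/member/login_result.jsp";
        RequestDispatcher rd = request.getRequestDispatcher(page);
        rd.forward(request, response);
    }

    /** Replaces the characters that are significant in HTML text and attributes. */
    private static String escapeHtml(String text) {
        StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    out.append("&amp;");
                    break;
                case '<':
                    out.append("&lt;");
                    break;
                case '>':
                    out.append("&gt;");
                    break;
                case '"':
                    out.append("&quot;");
                    break;
                case '\'':
                    out.append("&#39;");
                    break;
                default:
                    out.append(c);
                    break;
            }
        }
        return out.toString();
    }

}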
 
 

 

 

 

 

3.다오

 

 

package member;
 
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
 
import config.DB;
 
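/** Data access for the {@code member} table. */
public class MemberDAO {

    /**
     * Looks up the member whose id and password match the given values.
     *
     * <p>Both values are bound through {@code ?} placeholders, so they reach the
     * database as data and are never spliced into the SQL text.
     *
     * @param userid the submitted id
     * @param passwd the submitted clear-text password
     * @return the member's name when a matching row exists; {@code null} when no
     *         row matches, when an argument is {@code null}, or when the database
     *         call fails (a failure is therefore treated as a failed login)
     */
    public String loginCheck(String userid, String passwd) {

        // A missing parameter can never match a row; skip the database round trip.
        if (userid == null || passwd == null) {
            return null;
        }

        // NOTE(security): password() is MySQL's built-in PASSWORD() function. It
        // is unsalted, was meant for the server's own account table, was
        // deprecated in MySQL 5.7 and removed in 8.0. Application passwords
        // should be stored with a salted, deliberately slow hash (bcrypt, scrypt
        // or Argon2) computed in the application; that needs a library this
        // file does not import, so the query is left as the page shows it.
        String sql = "select name from member where userid=? and passwd=password(?)";

        // try-with-resources closes the result set, statement and connection in
        // reverse order on every path, including when an exception is thrown.
        try (Connection conn = DB.dbConn();
                PreparedStatement pstmt = conn.prepareStatement(sql)) {

            pstmt.setString(1, userid);
            pstmt.setString(2, passwd);

            try (ResultSet rs = pstmt.executeQuery()) {
                if (rs.next()) { // a matching record exists
                    return rs.getString("name");
                }
            }

        } catch (Exception e) {
            // Best effort, as before: report the problem and fall through to
            // "no match". The stack trace goes to the server console only and
            // is never sent to the client.
            e.printStackTrace();
        }

        return null;

    }

}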
 

 

 

4.결과 페이지  AJAX

 

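<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%--
  Result fragment for the login request: prints the "message" request attribute
  set by the controller.
  NOTE(security): a plain EL expression writes the value as-is, without HTML
  escaping. The message contains the member name read from the database, so the
  value must already be HTML-escaped when it is stored in the request, or this
  expression must be wrapped in an escaping tag such as JSTL c:out (needs the
  JSTL taglib, which this page does not declare).
--%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>

${message}

</body>
</html>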

 

 

 

5.DTO

 

package member;
 
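/**
 * Plain data holder for one row of the {@code member} table.
 *
 * <p>All fields are mutable strings with simple accessors. The password field
 * carries whatever the caller stored in it; {@link #toString()} never prints it.
 */
public class MemberDTO {

    private String userid;
    private String passwd;
    private String name;
    private String email;
    private String hp;
    private String zipcode;
    private String address1;
    private String address2;
    private String join_date;

    /** Creates an empty member; every field starts as {@code null}. */
    public MemberDTO() {
    }

    /**
     * Creates a member from the sign-up fields. {@code join_date} is not part of
     * this constructor and stays {@code null} until it is set.
     *
     * @param userid   login id
     * @param passwd   password value
     * @param name     display name
     * @param email    e-mail address
     * @param hp       phone number
     * @param zipcode  postal code
     * @param address1 first address line
     * @param address2 second address line
     */
    public MemberDTO(String userid, String passwd, String name, String email, String hp, String zipcode,
            String address1, String address2) {
        this.userid = userid;
        this.passwd = passwd;
        this.name = name;
        this.email = email;
        this.hp = hp;
        this.zipcode = zipcode;
        this.address1 = address1;
        this.address2 = address2;
    }

    /** @return the login id */
    public String getUserid() {
        return userid;
    }

    /** @param userid the login id */
    public void setUserid(String userid) {
        this.userid = userid;
    }

    /** @return the password value held by this object */
    public String getPasswd() {
        return passwd;
    }

    /** @param passwd the password value */
    public void setPasswd(String passwd) {
        this.passwd = passwd;
    }

    /** @return the display name */
    public String getName() {
        return name;
    }

    /** @param name the display name */
    public void setName(String name) {
        this.name = name;
    }

    /** @return the e-mail address */
    public String getEmail() {
        return email;
    }

    /** @param email the e-mail address */
    public void setEmail(String email) {
        this.email = email;
    }

    /** @return the phone number */
    public String getHp() {
        return hp;
    }

    /** @param hp the phone number */
    public void setHp(String hp) {
        this.hp = hp;
    }

    /** @return the postal code */
    public String getZipcode() {
        return zipcode;
    }

    /** @param zipcode the postal code */
    public void setZipcode(String zipcode) {
        this.zipcode = zipcode;
    }

    /** @return the first address line */
    public String getAddress1() {
        return address1;
    }

    /** @param address1 the first address line */
    public void setAddress1(String address1) {
        this.address1 = address1;
    }

    /** @return the second address line */
    public String getAddress2() {
        return address2;
    }

    /** @param address2 the second address line */
    public void setAddress2(String address2) {
        this.address2 = address2;
    }

    /** @return the join date as stored */
    public String getJoin_date() {
        return join_date;
    }

    /** @param join_date the join date */
    public void setJoin_date(String join_date) {
        this.join_date = join_date;
    }

    /**
     * Returns a debug representation of this member.
     *
     * <p>The password is replaced by a fixed marker: objects are routinely
     * printed to logs and error pages, and a credential must not leak that way.
     */
    @Override
    public String toString() {
        return "MemberDTO [userid=" + userid + ", passwd=[PROTECTED], name=" + name + ", email=" + email + ", hp="
                + hp + ", zipcode=" + zipcode + ", address1=" + address1 + ", address2=" + address2 + ", join_date="
                + join_date + "]";
    }

}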
 

 

 

 

 

 

6.테이블 생성 및 삽입

 

 
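-- Sign-up and login

create table member(
userid varchar(20) not null primary key,
passwd varchar(100) not null,
name varchar(50) not null,
email varchar(50),
hp varchar(50),
zipcode varchar(20),
address1 varchar(200),
address2 varchar(200),
join_date datetime default now()
);


-- Query that adds a member

insert into member (userid,passwd,name)
values('kim1',password('1234'),'강영균');

-- Encryption
-- password('value') stores the value in hashed form.
-- NOTE(security): PASSWORD() is MySQL's own account-password function. It is
-- unsalted, was deprecated in MySQL 5.7 and removed in 8.0, so these statements
-- fail on a current server. Member passwords are better hashed in the
-- application with a salted, slow algorithm (bcrypt, scrypt, Argon2) and the
-- resulting string stored in passwd.

-- Decryption
-- There is none: the stored value is a one-way hash. A login is verified by
-- hashing the submitted password and comparing, as the login query below does.

-- sql injection attack
-- enter ' or 1=1# in the userid field
-- This input only changes a query that is assembled by string concatenation,
-- where the quote ends the literal and # comments out the rest of the statement.
-- When userid is bound through a PreparedStatement placeholder (?), as
-- MemberDAO.loginCheck does, the whole text is compared as a literal id and
-- matches no row.


-- Select
select * from member;


-- Delete
-- No where clause: this removes every row in the table.

delete from member;



-- Login

select * from member
where userid='kim'
and passwd=password('1234');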