1.로그인 페이지
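<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%--
  Login form. Collects userid/passwd, validates them in the browser and posts
  them with jQuery AJAX to /web02/member_servlet/login.do; the returned markup
  is shown in #result.

  The browser-side checks are a usability aid only: a client can skip them, so
  the server has to treat both fields as untrusted input.
  Credentials travel in the POST body; they are only protected in transit if
  this page and the endpoint are served over HTTPS.
--%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
<%--
  Loaded over HTTPS so the library cannot be replaced in transit. Pinning the
  file with an integrity="..." (SRI) attribute, using the hash published for
  this exact file, plus crossorigin="anonymous", would harden it further.
  jQuery 3.1.0 is an old release; later releases include security fixes in
  HTML handling, so an upgrade should be evaluated.
--%>
<script src="https://code.jquery.com/jquery-3.1.0.js"></script>
<script>
    $(document).ready(function() {
        // Popup shown on every page load (presumably a leftover debug aid).
        alert("오잉");

        $("#btnLogin").click(function() {
            var userid = $("#userid").val();
            var passwd = $("#passwd").val();

            if (userid == "") {
                alert("아이디를 입력해주세요");
                $("#userid").focus();
                return;
            }

            // Lowercase letters and digits only. The pattern is anchored at both
            // ends with ^ and +$ so the WHOLE value is checked; the previous
            // /[a-z0-9]$/ only looked at the last character.
            var exp = /^[a-z0-9]+$/;
            // exp.test(input) is true when the input matches the rule.
            if (!exp.test(userid)) {
                alert("영문자와 숫자만 입력가능합니다.");
                $("#userid").focus();
                return;
            }

            if (passwd == "") {
                alert("비밀번호를 입력해주세요");
                $("#passwd").focus();
                return;
            }

            // Send the data asynchronously with AJAX.
            // Passing an object lets jQuery URL-encode each value, so characters
            // such as & = + % in a password reach the server unchanged instead of
            // being parsed as extra parameters.
            // (The former alert(userid + passwd) was removed: it displayed the
            // password in clear text on screen.)
            var data = {
                userid : userid,
                passwd : passwd
            };

            $.ajax({
                type : "post",
                data : data,
                url : "/web02/member_servlet/login.do",
                success : function(value) {
                    // .html() inserts the response as markup. That is only safe
                    // if the server HTML-escapes every user-controlled value
                    // (for example the member name) before rendering it.
                    $("#result").html(value);
                }
            });

            /* Disabled alternative: classic form submit
            document.form1.action=""
            document.from1.submit(); */
        });
    });
</script>
</head>
<body>
    <table border="1">
        <tr>
            <td>아이디</td>
            <td><input type="text" id="userid"></td>
        </tr>
        <tr>
            <td>비밀번호</td>
            <td><input type="password" id="passwd"></td>
        </tr>
        <tr>
            <td colspan="2" align="center"><input type="button"
                value="로그인" id="btnLogin"></td>
        </tr>
    </table>
    <div id="result">로그인 결과 출력 영역</div>
</body>
</html>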
2.컨트롤러
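package member;

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Controller for requests under {@code /member_servlet/*}.
 *
 * <p>Currently handles one action, {@code login.do}: it reads {@code userid} and
 * {@code passwd} from the request, asks {@link MemberDAO#loginCheck} for the
 * member name, stores a result text in the {@code message} request attribute and
 * forwards to {@code /member/login_result.jsp}.
 *
 * <p>Security notes:
 * <ul>
 * <li>The member name comes from the database and ends up in HTML that the login
 * page inserts with jQuery {@code .html()}, so it is HTML-escaped here before it
 * is placed in the message.</li>
 * <li>The failure text is the same for an unknown id and a wrong password, so
 * it does not reveal which user ids exist.</li>
 * <li>NOTE(review): {@code doPost} delegates to {@code doGet}, so a login can
 * also be sent as a GET request, which puts the password in the URL (browser
 * history, proxy and access logs). Consider accepting credentials on POST
 * only.</li>
 * <li>NOTE(review): nothing here limits repeated failed attempts; throttling
 * would have to be added elsewhere.</li>
 * </ul>
 */
@WebServlet("/member_servlet/*")
public class MemberController extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Dispatches on the request URI; only {@code login.do} is handled.
     *
     * @param request  the current request; {@code userid} and {@code passwd}
     *                 are read as untrusted parameters
     * @param response the current response, written by the forwarded JSP
     * @throws ServletException if the forward fails
     * @throws IOException      if the forward fails with an I/O error
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        System.out.println("멤버서블릿 호출");
        String url = request.getRequestURI();

        // Substring match, as in the original: any URI containing "login.do"
        // under this servlet's mapping is treated as the login action.
        if (url.indexOf("login.do") != -1) {
            String userid = request.getParameter("userid");
            String passwd = request.getParameter("passwd");

            MemberDAO dao = new MemberDAO();
            String name = dao.loginCheck(userid, passwd);

            String message;
            if (name == null) {
                // Login failed (no matching row, or the lookup itself failed).
                message = "아이디 또는 비밀번호가 일치하지 않습니다.";
            } else {
                // Login succeeded. The name is stored data, so escape it before
                // it becomes part of the HTML response.
                message = escapeHtml(name) + "님 환영합니다.";
            }

            // Hand the text to the view and forward.
            request.setAttribute("message", message);
            String page = "/member/login_result.jsp";
            RequestDispatcher rd = request.getRequestDispatcher(page);
            rd.forward(request, response);
        }
    }

    /**
     * Handles POST by delegating to {@link #doGet}.
     *
     * @param request  the current request
     * @param response the current response
     * @throws ServletException if the forward fails
     * @throws IOException      if the forward fails with an I/O error
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }

    /**
     * Replaces the five HTML-significant characters with character references
     * so the text is rendered literally in element content and attribute values.
     *
     * @param text the non-null text to escape
     * @return the escaped text
     */
    private static String escapeHtml(String text) {
        StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
            case '&':
                out.append("&amp;");
                break;
            case '<':
                out.append("&lt;");
                break;
            case '>':
                out.append("&gt;");
                break;
            case '"':
                out.append("&quot;");
                break;
            case '\'':
                out.append("&#39;");
                break;
            default:
                out.append(c);
            }
        }
        return out.toString();
    }
}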
3.다오
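package member;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;

import config.DB;

/**
 * Data access for the {@code member} table.
 */
public class MemberDAO {

    /**
     * Looks up the member whose id and password match.
     *
     * <p>The query is parameterized: both values are bound with
     * {@code setString}, so quotes or SQL fragments in the input are compared as
     * plain data and cannot change the statement.
     *
     * <p>NOTE(review): the comparison uses MySQL's {@code PASSWORD()} function.
     * It is unsalted and fast, was deprecated in MySQL 5.7 and removed in 8.0,
     * so it is a weak way to store application passwords. Moving to a salted,
     * slow hash computed in the application (bcrypt, scrypt, argon2 or PBKDF2)
     * requires migrating the stored values and is therefore not changed here.
     *
     * @param userid the submitted user id (untrusted)
     * @param passwd the submitted password (untrusted)
     * @return the member's name, or {@code null} when no row matches or the
     *         lookup fails; a failed lookup is therefore treated like a failed
     *         login by callers
     */
    public String loginCheck(String userid, String passwd) {
        String name = null;
        String sql = "select name from member where userid=? and passwd=password(?)";

        // try-with-resources closes the result set, statement and connection in
        // reverse order on every path. The original never closed the ResultSet.
        try (Connection conn = DB.dbConn();
                PreparedStatement pstmt = conn.prepareStatement(sql)) {
            pstmt.setString(1, userid);
            pstmt.setString(2, passwd);
            try (ResultSet rs = pstmt.executeQuery()) {
                if (rs.next()) {
                    // A matching record exists: keep its name.
                    name = rs.getString("name");
                }
            }
        } catch (Exception e) {
            // Best effort, as in the original: report the error and fall through,
            // returning whatever was read (null if nothing was).
            e.printStackTrace();
        }
        return name;
    }
}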
4.결과 페이지 AJAX
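<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%--
  Result view for the AJAX login call: prints the "message" request attribute.

  ${message} in template text is written as-is; EL does no HTML escaping here.
  Any user-controlled part of the message (such as the member name) must be
  HTML-escaped before it is stored in the attribute, or rendered through JSTL
  <c:out value="${message}"/> when the JSTL library is available. Do only one of
  the two, otherwise the text is escaped twice.
--%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
${message}
</body>
</html>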
5.DTO
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 | package member; public class MemberDTO { private String userid; private String passwd; private String name; private String email; private String hp; private String zipcode; private String address1; private String address2; private String join_date; public MemberDTO() { // TODO Auto-generated constructor stub } public MemberDTO(String userid, String passwd, String name, String email, String hp, String zipcode, String address1, String address2) { super(); this.userid = userid; this.passwd = passwd; this.name = name; this.email = email; this.hp = hp; this.zipcode = zipcode; this.address1 = address1; this.address2 = address2; } public String getUserid() { return userid; } public void setUserid(String userid) { this.userid = userid; } public String getPasswd() { return passwd; } public void setPasswd(String passwd) { this.passwd = passwd; } public String getName() { return name; } public void setName(String name) { this.name = name; } public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } public String getHp() { return hp; } public void setHp(String hp) { this.hp = hp; } public String getZipcode() { return zipcode; } public void setZipcode(String zipcode) { this.zipcode = zipcode; } public String getAddress1() { return address1; } public void setAddress1(String address1) { this.address1 = address1; } public String getAddress2() { return address2; } public void setAddress2(String address2) { this.address2 = address2; } public String getJoin_date() { return join_date; } public void setJoin_date(String join_date) { this.join_date = join_date; } @Override public String 
toString() { return "MemberDTO [userid=" + userid + ", passwd=" + passwd + ", name=" + name + ", email=" + email + ", hp=" + hp + ", zipcode=" + zipcode + ", address1=" + address1 + ", address2=" + address2 + ", join_date=" + join_date + "]"; } } | cs |
6.테이블 생성 및 삽입
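-- Sign-up and login
create table member(
    userid    varchar(20)  not null primary key,
    passwd    varchar(100) not null,
    name      varchar(50)  not null,
    email     varchar(50),
    hp        varchar(50),
    zipcode   varchar(20),
    address1  varchar(200),
    address2  varchar(200),
    join_date datetime default now()
);

-- Add a member
insert into member (userid,passwd,name) values('kim1',password('1234'),'강영균');

-- Hashing
-- password('value') stores a hash of the value instead of the plain text.
-- Caution: MySQL's PASSWORD() is unsalted and fast, was deprecated in 5.7 and
-- removed in 8.0. For application logins, compute a salted, slow hash
-- (bcrypt, scrypt, argon2 or PBKDF2) in the application and store that string.

-- Decryption
-- (nothing listed in the original notes; a one-way hash cannot be reversed)

-- SQL injection note from the original: entering ' or 1=1# as the userid.
-- This only affects queries assembled by string concatenation. A parameterized
-- query (PreparedStatement with ? placeholders) binds the whole input as a
-- literal value, so it is compared as data and cannot alter the statement.

-- Select
select * from member;

-- Delete (no WHERE clause: removes every row in the table)
delete from member;

-- Login
-- (MySQL requires whitespace after "--" for a comment; the original "--로그인"
-- and "--복호화" lines would have been syntax errors.)
select * from member where userid='kim' and passwd=password('1234');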