login.html
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<!--
  Login form: POSTs txtUsername and txtPassword to ControllerServlet?action=loginUser.
  Review notes:
  - The action URL is relative, so the password is sent over whatever scheme this
    page was loaded with; serve this page (and the servlet) over HTTPS only.
  - The form has no hidden anti-CSRF token field; the servlet receives only the two
    visible inputs plus the action query parameter.
-->
<h1> LOGIN </h1>
<form method="POST" action="ControllerServlet?action=loginUser">
<table>
<tr>
<td>Username</td>
<td><input type="text" name="txtUsername" style="width:150px" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="txtPassword" style="width:150px" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" value="Login" /></td>
</tr>
<tr><td> </td></tr>
<tr>
<td> </td>
<!-- Plain GET link; the servlet answers action=formRegister with a redirect to register.html. -->
<td><a href="ControllerServlet?action=formRegister">New user ?</a></td>
</tr>
</table>
</form>
</body>
</html>
Account.java
package myEntities;
public class Account {
private String username;
private String password;
public Account(String username, String password) {
this.username = username;
this.password = password;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
}
ConfigDB.java
package myEntities;
import javax.servlet.ServletContext;
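/**
 * Database connection settings read from the web application's context
 * init parameters {@code DriverDB}, {@code UrlDB}, {@code UserDB} and
 * {@code PassDB}.
 *
 * <p>{@code passDB} is the database password held as a plain string. Do not
 * log this object's fields. NOTE(review): the value comes from the deployment
 * configuration in clear text; a container-managed DataSource would keep the
 * credential out of application code.
 */
public class ConfigDB {
    private String driverDB, urlDB, userDB, passDB;

    /**
     * Loads the four connection settings from the servlet context.
     *
     * @param context servlet context whose init parameters hold the settings
     * @throws IllegalStateException if any of the four parameters is not configured
     */
    public ConfigDB(ServletContext context) {
        this.driverDB = requiredParam(context, "DriverDB");
        this.urlDB = requiredParam(context, "UrlDB");
        this.userDB = requiredParam(context, "UserDB");
        this.passDB = requiredParam(context, "PassDB");
    }

    /**
     * Returns the trimmed value of a context init parameter, failing with a
     * message that names the parameter (never its value) when it is absent.
     * The previous code called {@code trim()} on the raw lookup and died with
     * an anonymous NullPointerException on a missing entry.
     */
    private static String requiredParam(ServletContext context, String name) {
        String value = context.getInitParameter(name);
        if (value == null) {
            throw new IllegalStateException("Missing context init parameter: " + name);
        }
        return value.trim();
    }

    /** @return the JDBC driver class name */
    public String getDriverDB() {
        return driverDB;
    }

    /** @param driverDB the JDBC driver class name */
    public void setDriverDB(String driverDB) {
        this.driverDB = driverDB;
    }

    /** @return the database password in clear text; callers must not log it */
    public String getPassDB() {
        return passDB;
    }

    /** @param passDB the database password */
    public void setPassDB(String passDB) {
        this.passDB = passDB;
    }

    /** @return the JDBC connection URL */
    public String getUrlDB() {
        return urlDB;
    }

    /** @param urlDB the JDBC connection URL */
    public void setUrlDB(String urlDB) {
        this.urlDB = urlDB;
    }

    /** @return the database user name */
    public String getUserDB() {
        return userDB;
    }

    /** @param userDB the database user name */
    public void setUserDB(String userDB) {
        this.userDB = userDB;
    }
}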
AccountDAO.java
package myDAOs;
import myEntities.*;
import java.sql.*;
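/**
 * Data-access object for the {@code Account} table.
 *
 * <p>Both queries bind user-supplied values through {@link PreparedStatement}
 * placeholders, so the values are never concatenated into SQL text.
 *
 * <p>NOTE(review): the password is bound exactly as it arrives in the
 * {@link Account}. In the visible servlet that is the raw form field, so the
 * table stores and compares clear-text passwords unless hashing happens
 * elsewhere. Store a salted password hash (bcrypt/scrypt/argon2) and verify
 * against it instead of matching the password in the WHERE clause.
 */
public class AccountDAO {
    private final ConfigDB cfgDB;

    /**
     * @param cfgDB connection settings used for every query
     */
    public AccountDAO(ConfigDB cfgDB) {
        this.cfgDB = cfgDB;
    }

    /**
     * Opens a new JDBC connection using the configured driver, URL and credentials.
     * The caller owns the connection and must close it.
     *
     * @throws Exception if the driver class cannot be loaded or the connection fails
     */
    private Connection createConnection() throws Exception {
        Class.forName(cfgDB.getDriverDB());
        return DriverManager.getConnection(
                cfgDB.getUrlDB(), cfgDB.getUserDB(), cfgDB.getPassDB());
    }

    /**
     * Reports whether a row with the given username and password exists.
     *
     * @param account credential pair to look up
     * @return {@code true} if at least one matching row exists
     * @throws Exception on driver or SQL failure
     */
    public boolean isExistAccount(Account account) throws Exception {
        String strQuery = "SELECT * FROM Account WHERE Username=? AND Password=?";
        // try-with-resources: the original never closed the connection, statement
        // or result set, leaking one database connection per login attempt.
        try (Connection con = createConnection();
             PreparedStatement pst = con.prepareStatement(strQuery)) {
            pst.setString(1, account.getUsername());
            pst.setString(2, account.getPassword());
            try (ResultSet rs = pst.executeQuery()) {
                return rs.next();
            }
        }
    }

    /**
     * Inserts a new account row.
     *
     * @param account credential pair to store
     * @return {@code true} if at least one row was inserted
     * @throws Exception on driver or SQL failure
     */
    public boolean insertAccount(Account account) throws Exception {
        // No column list: the statement relies on the table's column order being
        // (username, password).
        String strQuery = "INSERT INTO Account VALUES(?,?)";
        try (Connection con = createConnection();
             PreparedStatement pst = con.prepareStatement(strQuery)) {
            pst.setString(1, account.getUsername());
            pst.setString(2, account.getPassword());
            return pst.executeUpdate() > 0;
        }
    }
}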
ControllerServlet.java
package myServlets;
import myEntities.*;
import myDAOs.*;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ControllerServlet extends HttpServlet {
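/**
 * Front-controller dispatch: routes the request according to its
 * {@code action} parameter, either to a handler method or to a redirect.
 *
 * <p>NOTE(review): no login check is visible in this method before the book
 * and account actions are dispatched; confirm that a filter or the target
 * pages enforce the {@code username} session attribute.
 *
 * @param request  incoming request; {@code action} selects the branch
 * @param response response used for redirects and error status
 * @throws ServletException propagated from the handlers
 * @throws IOException      if a redirect or error response cannot be written
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String action = request.getParameter("action");
    if (action == null) {
        // The original called action.equals(...) directly, so a request without
        // the parameter ended in a NullPointerException and a server error.
        response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing action parameter");
        return;
    }
    if ("loginUser".equals(action)) {
        handleLoginUser(request, response);
    } else if ("home".equals(action)) {
        response.sendRedirect("login.html");
    } else if ("formRegister".equals(action)) {
        response.sendRedirect("register.html");
    } else if ("registerUser".equals(action)) {
        handleRegisterUser(request, response);
    } else if ("pagingPage".equals(action)) {
        String pageID = request.getParameter("pageID");
        // Encode the request-supplied value so it stays a single query value and
        // cannot add parameters or control characters to the redirect target.
        // String.valueOf keeps the original "null" text for a missing parameter.
        response.sendRedirect("book-list.jsp?pageID="
                + java.net.URLEncoder.encode(String.valueOf(pageID), "UTF-8"));
    } else if ("formNewBook".equals(action)) {
        response.sendRedirect("book-new.html");
    } else if ("newBook".equals(action)) {
        handleNewBook(request, response);
    } else if ("deleteBook".equals(action)) {
        handleDeleteBook(request, response);
    } else if ("formEditBook".equals(action)) {
        String strCode = request.getParameter("code");
        // Same encoding rule as pageID above.
        response.sendRedirect("book-edit.jsp?code="
                + java.net.URLEncoder.encode(String.valueOf(strCode), "UTF-8"));
    } else if ("editBook".equals(action)) {
        handleEditBook(request, response);
    } else if ("logoutUser".equals(action)) {
        // NOTE(review): this only drops the "username" attribute and keeps the
        // session (creating one if none exists); invalidating the session on
        // logout would also retire the session id.
        request.getSession(true).removeAttribute("username");
        response.sendRedirect("ControllerServlet?action=home");
    }
    // Unrecognised actions fall through with no response body, as before.
}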
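/**
 * Handles the {@code loginUser} action: checks the submitted
 * {@code txtUsername}/{@code txtPassword} against the account store and, on a
 * match, records the username in the session.
 *
 * <p>Redirects to {@code book-list.jsp} on success and to
 * {@code login-fail.html} on a failed match or on any lookup error.
 *
 * <p>NOTE(review): nothing here limits repeated attempts; throttling or
 * lockout would have to be enforced elsewhere.
 *
 * @throws ServletException declared for the servlet contract
 * @throws IOException      if the redirect cannot be sent
 */
private void handleLoginUser(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String strUser = request.getParameter("txtUsername");
    String strPass = request.getParameter("txtPassword");
    Account acc = new Account(strUser, strPass);
    ConfigDB cfgDB = new ConfigDB(this.getServletContext());
    AccountDAO accDAO = new AccountDAO(cfgDB);
    boolean result = false;
    try {
        if (accDAO.isExistAccount(acc)) {
            // Session-fixation defence: discard any session that existed before
            // authentication so the logged-in state is bound to a fresh session id.
            // The original reused the pre-login session as-is.
            if (request.getSession(false) != null) {
                request.getSession(false).invalidate();
            }
            request.getSession(true).setAttribute("username", strUser);
            result = true;
        }
    } catch (Exception ex) {
        // Fail closed: a lookup error is treated as a failed login. Write it to the
        // servlet log (not stderr) and never include the submitted password.
        this.getServletContext().log("Login check failed", ex);
    }
    if (result) {
        response.sendRedirect("book-list.jsp");
    } else {
        response.sendRedirect("login-fail.html");
    }
}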
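/**
 * Handles the {@code registerUser} action: stores a new account built from
 * {@code txtUsername} and {@code txtPassword}.
 *
 * <p>Redirects to {@code ControllerServlet?action=home} on success and to
 * {@code register-fail.html} when the input is missing or the insert fails.
 *
 * <p>NOTE(review): the password is handed to the DAO exactly as submitted;
 * no hashing is visible on this path.
 *
 * @throws ServletException declared for the servlet contract
 * @throws IOException      if the redirect cannot be sent
 */
private void handleRegisterUser(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String strUser = request.getParameter("txtUsername");
    String strPass = request.getParameter("txtPassword");
    // Reject absent or empty credentials before touching the database; the
    // original attempted the insert with whatever arrived, including null.
    if (strUser == null || strUser.trim().isEmpty()
            || strPass == null || strPass.isEmpty()) {
        response.sendRedirect("register-fail.html");
        return;
    }
    Account acc = new Account(strUser, strPass);
    ConfigDB cfgDB = new ConfigDB(this.getServletContext());
    AccountDAO accDAO = new AccountDAO(cfgDB);
    boolean result = false;
    try {
        result = accDAO.insertAccount(acc);
    } catch (Exception ex) {
        // Insert errors count as a failed registration; log to the servlet log
        // without the submitted password.
        this.getServletContext().log("Account registration failed", ex);
    }
    if (result) {
        response.sendRedirect("ControllerServlet?action=home");
    } else {
        response.sendRedirect("register-fail.html");
    }
}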
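/**
 * Handles the {@code newBook} action: builds a book from
 * {@code txtBookName}, {@code txtBookAuthor} and {@code txtBookPrice} and
 * inserts it.
 *
 * <p>Redirects to {@code book-list.jsp} on success and to
 * {@code book-fail.html} when the price is not an integer or the insert fails.
 *
 * <p>NOTE(review): this handler does not check the session for a logged-in
 * user; confirm that access control is enforced before it is reached.
 *
 * @throws ServletException declared for the servlet contract
 * @throws IOException      if the redirect cannot be sent
 */
private void handleNewBook(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    String name = request.getParameter("txtBookName");
    String author = request.getParameter("txtBookAuthor");
    String price = request.getParameter("txtBookPrice");
    int parsedPrice;
    try {
        parsedPrice = Integer.parseInt(price);
    } catch (NumberFormatException ex) {
        // The original parsed outside any try block, so a missing or non-numeric
        // price escaped as an unhandled exception instead of the failure page.
        response.sendRedirect("book-fail.html");
        return;
    }
    Book b = new Book(0, name, author, parsedPrice);
    ConfigDB cfgDB = new ConfigDB(this.getServletContext());
    BookDAO bDAO = new BookDAO(cfgDB);
    boolean result = false;
    try {
        result = bDAO.insertBook(b);
    } catch (Exception ex) {
        // Insert errors lead to the failure page; details go to the servlet log.
        this.getServletContext().log("Book insert failed", ex);
    }
    if (result) {
        response.sendRedirect("book-list.jsp");
    } else {
        response.sendRedirect("book-fail.html");
    }
}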
private void handleDeleteBook(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String strCode = request.getParameter("code");
ConfigDB cfgDB = new ConfigDB(this.getServletContext());
BookDAO bDAO = new BookDAO(cfgDB);