Siryuanshao 6 years ago
parent 94a6c7773c
commit b0a2671443

@ -1,20 +0,0 @@
package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
// 这个页面的作用是把清单加入永久的购物车中, 以及由购物车变成以及购买的状态
@WebServlet(name = "Servlet")
public class AddCart extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
}

@ -1,20 +0,0 @@
package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
// 这个界面的作用是对于该用户的地址进行管理
@WebServlet(name = "Address")
public class Address extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
}

@ -1,12 +0,0 @@
package WeChat;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
public class Authentication {
// 用cookie验证用户身份
public static boolean islegal(HttpServletRequest request){
return true;
}
}

@ -1,45 +0,0 @@
package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
// 首先明确我们这个目的是目标页面的分类功能,根据用户所需要返回所有该类别的图书
@WebServlet(name = "BookInfo", urlPatterns = {"/BookInfo.do"}, loadOnStartup = 2)
public class BookInfo extends HttpServlet {
protected void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
if (Authentication.islegal(request)) {
String bookid = request.getParameter("bookid");
String fuzzy = request.getParameter("fuzzy");
String bookname = request.getParameter("bookname");
boolean isfuzzy = false;
if(fuzzy != null && fuzzy.equals("true") && bookname != null) isfuzzy = true;
// 防止sql注入
if (isfuzzy || (bookid != null && sqlfilter.islegal(bookid))) {
String sql = "";
if(!isfuzzy) sql = "select * from Book where BookId = " + bookid;
else sql = "select * from Book where BookName like '"+bookname+"%'";
System.err.println(sql);
HashMap<String,String> names = new HashMap<>();
names.put("BookID","BookId");
names.put("BookName","BookName");
names.put("Author","Author");
names.put("Price","Price");
names.put("Introduce","Introduce");
names.put("Type","Type");
GetJson.Getinfo(request,response,sql,names);
}
}
}
protected void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
doPost(request,response);
}
}

@ -1,20 +0,0 @@
package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
// 这个就是表示用户下单
@WebServlet(name = "Buy")
public class Buy extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
}

@ -1,39 +0,0 @@
package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
// 检查该用户的订单
@WebServlet(name = "CheckOrders", urlPatterns = {"/CheckOrders.do"}, loadOnStartup = 2)
public class CheckOrders extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if(Authentication.islegal(request)){
String UserID = request.getParameter("UserID");
String Statuetype = request.getParameter("status");
// 防止sql注入
if(UserID != null && sqlfilter.islegal(UserID)) {
String sql = "select MessageID,Book.BookID,UserName,BookName,'tel-phone',Address from User join Ordered on User.UserID = Ordered.UserID join Address on " +
"Address.UserId = Ordered.UserID and Address.MessageID = Ordered.MessageID join Book on Ordered.BookID = Book.BookID where User.UserID = " +
UserID;
if(Statuetype !=null && sqlfilter.isright(Statuetype)) sql += " and Status like '" + Statuetype + "%'";
HashMap<String,String> names = new HashMap<>();
names.put("UserName","UserName");
names.put("BookName","BookName");
names.put("tel-phone","tel-phone");
names.put("Address","Address");
names.put("BookID","BookID");
names.put("MessageID","MessageID");
GetJson.Getinfo(request,response,sql,names);
}
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}

@ -1,40 +0,0 @@
package WeChat;
import org.json.simple.JSONArray;
import org.json.simple.JSONObject;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.HashMap;
// 首先明确我们这个目的是目标页面的分类功能,根据用户所需要返回所有该类别的图书
@WebServlet(name = "Classify", urlPatterns = {"/Classify.do"}, loadOnStartup = 2)
public class Classify extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if(Authentication.islegal(request)){
String booktype = request.getParameter("booktype");
// 防止sql注入
if(booktype != null && sqlfilter.islegal(booktype)) {
String sql = "select * from Book where Type = " + booktype;
HashMap<String,String> names = new HashMap<>();
names.put("BookID","BookId");
names.put("BookName","BookName");
names.put("Author","Author");
names.put("Price","Price");
GetJson.Getinfo(request,response,sql,names);
}
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request,response);
}
}

@ -1,22 +0,0 @@
package WeChat;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.rmi.ServerException;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.Map;
public class ExecuteUpd {
public static void Execute(HttpServletRequest request, String QueryString){
ServletContext context = request.getServletContext();
Statement state = (Statement)context.getAttribute("state");
try{
state.execute(QueryString);
}catch (Exception e){
e.printStackTrace();
}
}
}

@ -1,29 +0,0 @@
package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
// 得到首页信息
@WebServlet(name = "GetFrontInfo", urlPatterns = {"/GetFrontInfo.do"}, loadOnStartup = 2)
public class GetFrontInfo extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// 其实我们只要返回BookID对应的名称就可以了
// 然后根据书本名字就可以在对应的目录
if(Authentication.islegal(request)){
String sql = "select Display.BookID,BookName from Book join Display on Display.BookID=Book.BookID";
HashMap<String,String> names = new HashMap<>();
names.put("BookID","BookId");
names.put("BookName","BookName");
GetJson.Getinfo(request,response,sql,names);
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}

@ -1,38 +0,0 @@
package WeChat;
import org.json.simple.JSONObject;
import org.json.simple.JSONArray;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.rmi.ServerException;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.Map;
public class GetJson {
public static void Getinfo(HttpServletRequest request, HttpServletResponse response, String QueryString, Map<String,String> names) throws ServerException, IOException {
response.setHeader("Content - Encoding","utf-8");
response.setContentType("text/json; charset=utf-8");
ServletContext context = request.getServletContext();
PrintWriter out = response.getWriter();
Statement state = (Statement)context.getAttribute("state");
JSONArray jsonArray = new JSONArray();
try{
ResultSet rs=state.executeQuery(QueryString);
while(rs.next()){
JSONObject jsonObject = new JSONObject();
for (Map.Entry<String, String> entry : names.entrySet()) {
jsonObject.put(entry.getKey(), rs.getString(entry.getValue()));
}
//对于图片的话我们直接返回对应的图书封面的url就可以了
jsonArray.add(jsonObject);
}
}catch (Exception e){
e.printStackTrace();
}
out.println(jsonArray);
}
}

@ -1,72 +0,0 @@
package WeChat;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.sql.Statement;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
// 连接数据库的我们是服务开始的时候
@WebServlet(name = "LoginDatabase", urlPatterns = {"/Startup.do"}, loadOnStartup = 1)
public class LoginDatabase extends HttpServlet {
private String mysql, url, user, passwd;
private Connection conn;
private Statement state;
private void initDataBase() throws ClassNotFoundException, SQLException {
Class.forName(mysql);
conn = DriverManager.getConnection(url,user,passwd);
state = conn.createStatement();
}
private void closeDataBase(){
if(state != null) {
try{
state.close();
}catch (Exception e) {
e.printStackTrace();
}
}
if(conn != null) {
try{
conn.close();
}catch (Exception e) {
e.printStackTrace();
}
}
}
public void init(ServletConfig config) throws ServletException{
super.init(config);
ServletContext context=getServletContext();
mysql = context.getInitParameter("mysql");
url = context.getInitParameter("url");
user = context.getInitParameter("user");
passwd = context.getInitParameter("passwd");
try{
initDataBase();
}catch (Exception e){
e.printStackTrace();
}
context.setAttribute("conn",conn);
context.setAttribute("state",state);
}
public void destroy(){
closeDataBase();
super.destroy();
}
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
response.sendRedirect("/index.html");
}
public void doPost(HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}

@ -1,35 +0,0 @@
package WeChat;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.lang.module.ModuleFinder;
import java.util.HashMap;
@WebServlet(name = "ModifyStatus", urlPatterns = {"/ModifyStatus"}, loadOnStartup = 2)
public class ModifyStatus extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
if(Authentication.islegal(request)){
String UserID = request.getParameter("UserID");
String BookID = request.getParameter("BookID");
String MessageID = request.getParameter("MessageID");
String Modify = request.getParameter("NewStatus");
// 防止sql注入
// 反正我觉得大概是没人用了,就无所谓吧?
if(UserID != null && sqlfilter.islegal(UserID) && MessageID !=null
&& sqlfilter.islegal(BookID) && MessageID != null && sqlfilter.islegal(MessageID)) {
Modify = sqlfilter.filter(Modify);
String sql = "update Ordered set Status="+ Modify + " where UserID='" +
UserID + "' and BookID='" + BookID +"' and MessageID='" + MessageID+"'";
ExecuteUpd.Execute(request,sql);
}
}
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doPost(request, response);
}
}

@ -1,5 +0,0 @@
package WeChat;
public class PersonInfo {
//反正对应返回你们所需要的信息
}

@ -1,27 +0,0 @@
package WeChat;
// 过滤掉奇奇怪怪的英文字符
public class sqlfilter {
private static String danger="`~!@#$^&*()=|{}';'\\[].<>/?~@#¥……&*——|{}";
public static boolean islegal(String text) {
int length = text.length();
if(length>5) return false;
for(int i=0; i<length; i++){
char digit = text.charAt(i);
if(!(digit>='0'&&digit<='9')) return false;
}
return true;
}
public static boolean isright(String Status){
if(Status.equals("待付款")||Status.equals("待收货")||Status.equals("待发货")||Status.equals("待评价")) return true;
else return false;
}
public static String filter(String sqlQue) {
StringBuffer ret = new StringBuffer();
for (int i = 0; i < sqlQue.length(); i++) {
char sign = sqlQue.charAt(i);
if (danger.indexOf(sign) == -1) ret.append(sign);
}
return ret.toString();
}
}
Loading…
Cancel
Save