AJAX版CD管理系统

////////////////////////////////////////////////////GTON原创作品-CD管理系统////////////////////////////////////////////////////////////// ////////////所用技术:jsp2.0+servlet2.4+jstl1.1+ajax+DOM+proxool+sqlserver2000+tomcat5.5+jbuilder2006///////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////QQ:27612285////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////Mail:punkwang@126.com//////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////WEB:www.98202.com www.630cn.com////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////求高薪工作一个有意者联系本人///////////////////////////////////////////////////////// ////////////////////////////////////////////////////Phone:010-81110277(王先生)/////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// package com.wang.bean; import java.sql.*; import com.wang.bean.*; import java.util.*; /* 数据库业务Bean */ public class DataBean { private Connection conn = null; private ResultSet res = null; private java.sql.PreparedStatement prepar = null; private java.sql.CallableStatement proc = null; public static int PAGECOUNT; //查询后返回的总页数 因为java的函数不能传引用所以需要用静态变量来获得 public DataBean() { try { conn = DriverManager.getConnection( "proxool.MyData"); System.out.println("连接成功"); } catch (SQLException ex) { System.out.println(ex.getMessage() + "1路径错误"); } } public UserBean checkUsersLogin(String userName, String userPwd) //登陆验证 { UserBean ub = null; if (!checkParameter(userName + userPwd)) { userName = "null"; userPwd = "null"; } try { String sql = "select count(*) from admin where userName=? and userPwd=?"; prepar = conn.prepareStatement(sql); prepar.setString(1, userName); prepar.setString(2, userPwd); res = prepar.executeQuery(); if (res.next()) { if (res.getInt(1) > 0) { ub = this.getUser(userName); } else { ub = null; } } } catch (Exception e) { ub = null; e.printStackTrace(); } return ub; } public UserBean getUser(String userName) //提取登陆用户信息 { UserBean ub = new UserBean(); String sql = "select * from admin where userName=?"; try { prepar = conn.prepareStatement(sql); prepar.setString(1, userName); res = prepar.executeQuery(); while (res.next()) { ub.setUserName(res.getString("userName")); ub.setUserPwd(res.getString("userPwd")); ub.setUserId(res.getLong("userId")); } } catch (SQLException ex) { ex.printStackTrace(); } return ub; } public boolean checkParameter(String para) //过滤非法字符 { int flag = 0; flag += para.indexOf("'") + 1; flag += para.indexOf(";") + 1; flag += para.indexOf("1=1") + 1; flag += para.indexOf("|") + 1; flag += para.indexOf("<") + 1; flag += para.indexOf(">") + 1; if (flag != 0) { System.out.println("提交了非法字符!!!"); return false; } return true; } public ArrayList selectCDBean(String selectValue, int page, int count) //查询分页 { ArrayList list = new ArrayList(); if (!checkParameter(selectValue)) { selectValue = ""; } try { proc = conn.prepareCall("{call proc_page(?,?,?,?)}"); proc.setInt(1, page); proc.setInt(2, count); proc.setString(3, selectValue); proc.registerOutParameter(4, Types.INTEGER); //OUTPUT参数 返回结构共多少页 res = proc.executeQuery(); //接收存储过程的结果集 while (res.next()) //提取结果集的每条记录 { CDBean cb = new CDBean(); cb.setCdAlbum(res.getString("CDalbum")); cb.setCdCompany(res.getString("CDcompany")); cb.setCdName(res.getString("CDname")); cb.setCdId(res.getLong("CDid")); cb.setCdType(getCDType(res.getInt("CDtypeId"))); list.add(cb); } PAGECOUNT = proc.getInt(4); } catch (SQLException ex) { ex.printStackTrace(); } return list; } public String getCDType(int cdtypeId) { try { java.sql.PreparedStatement prepar1 = conn.prepareStatement( "select display from CDtype where CDtypeId=?"); prepar1.setLong(1, cdtypeId); ResultSet res1 = prepar1.executeQuery(); res1.next(); return res1.getString("display"); } catch (SQLException ex) { return null; } } public boolean setCDBean(CDBean cb) { if (!checkParameter(cb.getCdName() + cb.getCdCompany() + cb.getCdAlbum() + cb.getCdType())) { return false; } boolean flag = false; String sql = "update CDinfo set CDname=?,CDcompany=?,CDalbum=?,CDtypeId=? where CDid=?"; try { prepar = conn.prepareStatement(sql); prepar.setString(1, cb.getCdName()); prepar.setString(2, cb.getCdCompany()); prepar.setString(3, cb.getCdAlbum()); prepar.setInt(4, Integer.parseInt(cb.getCdType())); prepar.setLong(5, cb.getCdId()); int result = prepar.executeUpdate(); if (result > 0) { flag = true; } else { flag = false; } } catch (Exception ex) { flag = false; ex.printStackTrace(); } return flag; } public CDBean getCDBean(long id) { CDBean cb = new CDBean(); String sql = "select * from CDinfo where CDid=?"; try { prepar = conn.prepareStatement(sql); prepar.setLong(1, id); res = prepar.executeQuery(); while (res.next()) { cb.setCdAlbum(res.getString("CDalbum")); cb.setCdCompany(res.getString("CDcompany")); cb.setCdName(res.getString("CDname")); cb.setCdId(res.getLong("CDid")); cb.setCdType(getCDType(res.getInt("CDtypeId"))); } } catch (SQLException ex) { ex.printStackTrace();