jsp+servlet+javaBean实现MVC

package com.wang.bean; import java.sql.*; import com.wang.bean.*; import java.util.*; /* 数据库业务Bean */ public class DataBean { private Connection conn = null; private ResultSet res = null; private java.sql.PreparedStatement prepar = null; private java.sql.CallableStatement proc = null; public static int PAGECOUNT; //查询后返回的总页数 因为java的函数不能传引用所以需要用静态变量来获得 public DataBean() { try { Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver"); conn = DriverManager.getConnection( "jdbc:microsoft:sqlserver://127.0.0.1:1433;databasename=MyData", "sa", "123"); } catch (SQLException ex) { System.out.println(ex.getMessage() + "1路径错误"); } catch (ClassNotFoundException ex) { System.out.println(ex.getMessage() + "驱动错误"); } } public UserBean checkUsersLogin(String userName, String userPwd) //登陆验证 { UserBean ub = null; if (!checkParameter(userName + userPwd)) { userName = "null"; userPwd = "null"; } try { String sql = "select count(*) from admin where userName=? and userPwd=?"; prepar = conn.prepareStatement(sql); prepar.setString(1, userName); prepar.setString(2, userPwd); res = prepar.executeQuery(); if (res.next()) { if (res.getInt(1) > 0) { ub = this.getUser(userName); } else { ub = null; } } } catch (Exception e) { ub = null; e.printStackTrace(); } return ub; } public UserBean getUser(String userName) //提取登陆用户信息 { UserBean ub = new UserBean(); String sql = "select * from admin where userName=?"; try { prepar = conn.prepareStatement(sql); prepar.setString(1, userName); res = prepar.executeQuery(); while (res.next()) { ub.setUserName(res.getString("userName")); ub.setUserPwd(res.getString("userPwd")); ub.setUserId(res.getLong("userId")); } } catch (SQLException ex) { ex.printStackTrace(); } return ub; } public boolean checkParameter(String para) //过滤非法字符 { int flag = 0; flag += para.indexOf("'") + 1; flag += para.indexOf(";") + 1; flag += para.indexOf("1=1") + 1; flag += para.indexOf("|") + 1; flag += para.indexOf("<") + 1; flag += para.indexOf(">") + 1; if (flag != 0) { System.out.println("提交了非法字符!!!"); return false; } return true; } public ArrayList selectCDBean(String selectValue, int page, int count) //查询分页 { ArrayList list = new ArrayList(); if (!checkParameter(selectValue)) { selectValue = ""; } try { proc = conn.prepareCall("{call proc_page(?,?,?,?)}"); proc.setInt(1, page); proc.setInt(2, count); proc.setString(3, selectValue); proc.registerOutParameter(4, Types.INTEGER); //OUTPUT参数 返回结构共多少页 res = proc.executeQuery(); //接收存储过程的结果集 while (res.next()) //提取结果集的每条记录 { CDBean cb = new CDBean(); cb.setCdAlbum(res.getString("CDalbum")); cb.setCdCompany(res.getString("CDcompany")); cb.setCdName(res.getString("CDname")); cb.setCdId(res.getLong("CDid")); cb.setCdType(getCDType(res.getInt("CDtypeId"))); list.add(cb); } PAGECOUNT = proc.getInt(4); } catch (SQLException ex) { ex.printStackTrace(); } return list; } public String getCDType(int cdtypeId) { try { java.sql.PreparedStatement prepar1 = conn.prepareStatement( "select display from CDtype where CDtypeId=?"); prepar1.setLong(1, cdtypeId); ResultSet res1 = prepar1.executeQuery(); res1.next(); return res1.getString("display"); } catch (SQLException ex) { return null; } } public boolean setCDBean(CDBean cb) { if (!checkParameter(cb.getCdName() + cb.getCdCompany() + cb.getCdAlbum() + cb.getCdType())) { return false; } boolean flag = false; String sql = "update CDinfo set CDname=?,CDcompany=?,CDalbum=?,CDtypeId=? where CDid=?"; try { prepar = conn.prepareStatement(sql); prepar.setString(1, cb.getCdName()); prepar.setString(2, cb.getCdCompany()); prepar.setString(3, cb.getCdAlbum()); prepar.setInt(4, Integer.parseInt(cb.getCdType())); prepar.setLong(5, cb.getCdId()); int result = prepar.executeUpdate(); if (result > 0) { flag = true; } else { flag = false; } } catch (Exception ex) { flag = false; ex.printStackTrace(); } return flag; } public CDBean getCDBean(long id) { CDBean cb = new CDBean(); String sql = "select * from CDinfo where CDid=?"; try { prepar = conn.prepareStatement(sql); prepar.setLong(1, id); res = prepar.executeQuery(); while (res.next()) { cb.setCdAlbum(res.getString("CDalbum")); cb.setCdCompany(res.getString("CDcompany")); cb.setCdName(res.getString("CDname")); cb.setCdId(res.getLong("CDid")); cb.setCdType(getCDType(res.getInt("CDtypeId"))); } } catch (SQLException ex) { ex.printStackTrace(); } return cb; } public boolean deleteCDBean(long id) { boolean flag = false; String sql = "delete from CDinfo where CDid=?"; try { prepar = conn.prepareStatement(sql); prepar.setLong(1, id); int result = prepar.executeUpdate(); if (result > 0) { flag = true; } else { flag = false; } } catch (Exception ex) { flag = false; ex.printStackTrace(); } return flag; } public boolean addCDBean(CDBean cb) { boolean flag = false; if (!checkParameter(cb.getCdName() + cb.getCdCompany() + cb.getCdAlbum() + cb.getCdType())) { return false; } String sql = "insert into CDinfo values(?,?,?,?)"; try { this.prepar = conn.prepareStatement(sql); prepar.setString(1, cb.getCdName()); prepar.setString(2, cb.getCdCompany()); prepar.setString(3, cb.getCdAlbum()); prepar.setInt(4, Integer.parseInt(cb.getCdType())); int resul