数据库设计:
/*商品信息表*/
/*id:序号 */
/*pdm:代码*/
/*pname:商品名字*/
/*povider:品牌*/
/*info:商品信息*/
/*stock:数量*/
/*price:单价*/
CREATE TABLE pro_T (
id int IDENTITY (1, 1) NOT NULL ,
pdm varchar (50) NOT NULL ,
pname varchar (50) NULL ,
provider varchar (50) NULL ,
info varchar (50) NULL ,
stock int NULL ,
price float NULL
) ON PRIMARY
GO
/*用户表*/
/*username:用户名*/
/*password:密码*/
CREATE TABLE user_T (
username varchar (10) NOT NULL ,
password varchar (16) NOT NULL
) ON PRIMARY
GO
index.jsp--登陆页面
<%@ page contentType="text/html; charset=gb2312" language="java" errorPage="" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<script type="text/javascript"?>
function check()
{
if (form.Username.value==""){
alert("请输入用户名");
form.Username.focus();
return false;
}
}
</script>
<html>
<HEAD>
<title>用户登陆</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312"><style type="text/css">
<!--
body {
background-image: url(bg.gif);
}
-->
</style></HEAD>
<BODY>
<form name="form" action="check.jsp" method="get"><div align="center">
<div align="center">
<table width="174" border="0" cellspacing="0" cellpadding="0" height="24">
<tr>
<td><img src="userlogin.gif" border="0" width="173" height="24"></td>
</tr>
</table>
</div>
</div><div align="center"><div align="center">
</div><table width="173" height="121" border="0" cellpadding="0" cellspacing="0" bgcolor="D2E8FF" style="border-left: 1px solid rgb(0, 121, 206); border-right: 1px solid rgb(0, 121, 206); border-bottom: 1px solid rgb(0, 121, 206);">
<TBODY>
<tr>
<td height="20" align="center"><img src="username.gif"></td>
<td width="90" height=20>
<input id=username name=username size="14.3">
</TD>
</TR>
<tr>
<td height="15" align="center"><img src="userps.gif"></td>
<td width="80" height=20 align="center">
<input id=Password type=password name=password size="14.3">
</TD>
</TR>
<TR>
<TD colspan="2" align=center>
<INPUT type=submit value=登陆>
<INPUT type=reset value=重置>
</TD>
</TR>
</TBODY>
</TABLE>
</div>
</FORM>
</BODY>
</HTML>
check.jsp---登陆检测页面
<%@ page contentType="text/html; charset=GBK"%>
<%@ page language="java"%>
<%@ page import="javax.naming.*"%>
<%@ page import="javax.sql.DataSource"%>
<%@ page import="java.sql.*"%>
<html>
<head>
<title>认证码验证页面</title>
</head>
<body>
<%
String username=request.getParameter("username");
String password=request.getParameter("password");
%>
<%
boolean flag = false;
String sql = "select * from user_T where username='" + username
+ "'and password='" + password+ "'";
try {
Context initCtx = new InitialContext();
Context ctx = (Context) initCtx.lookup("java:comp/env");//获取连接池对象
DataSource ds = (DataSource) ctx.lookup("jdbc/sql2000");//创建连接
Connection conn = ds.getConnection();
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(sql);
out.print(sql);
if (rs.next()) {
flag = true;
}
if (flag) {
response.sendRedirect("listPro.jsp");
} else {
response.sendRedirect("1.jsp");
}
} catch (SQLException e) {
out.print("SQL异常!");
}
// 判断用户名及密码
%>
</body>
</html>
listPro.jsp---商品显示页面
<%@ page contentType="text/html;charset=gb2312"%>
<%@ page language="java"%>
<%@ page import="javax.naming.*"%>
<%@ page import="javax.sql.DataSource"%>
<%@ page import="java.sql.*"%>
<html>
<head>
<title>查看商品和管理商品</title>
</head>
<body>
<%@include file="includeTop.jsp"%>
<%
//表名
try {
Context initCtx = new InitialContext();
Context ctx = (Context) initCtx.lookup("java:comp/env");//获取连接池对象
DataSource ds = (DataSource) ctx.lookup("jdbc/sql2000");//创建连接
Connection conn = ds.getConnection();
Statement stmt = conn.createStatement();
//发送要执行的SQL语句
String sql = "select * from pro_T order by id";
ResultSet rs = stmt.executeQuery(sql);
out.print("<table border=1 bordercolorlight=#ffffff");
//out.print("<TD width=40>序号</TD>");
out.print("<TR><TD width=60>代码</TD>");
out.print("<TD width=80>商品名称</TD>");
out.print("<TD width=60>品牌</TD>");
out.print("<TD width=150>产品简介</TD>");
out.print("<TD width=80>存货数量</TD>");
out.print("<TD width=80>价格/元</TD>");
out.print("<TD width=60>更改</TD>");
out.print("<TD width=60>删除</TD></TR>");
while (rs.next()) {
out.print("<TR>");
//out.print("<TD>" + rs.getInt(1) + "</TD>");
out.print("<TD>" + rs.getString("pdm") + "</TD>");
out.print("<TD>" + rs.getString("pname") + "</TD>");
out.print("<TD>" + rs.getString("provider") + "</TD>");
out.print("<TD>" + rs.getString("info") + "</TD>");
out.print("<TD>" + rs.getString("stock") + "</TD>");
out.print("<TD>" + rs.getString("price") + "</TD>");
out.print("<FORM action=update1.jsp method=post");
//
out.print("<TD><INPUT type='hidden' name='id' value='"
+ rs.getInt(1) + "'>");
out
.print("<td><INPUT type='submit' value='更改' name='submit'></TD>");
out.print("</FORM>");
out.print("<FORM action=delPro.jsp method=post>");
//通过一个隐藏的表单,提交记录的id用于识别该记录
out.print("<TD><INPUT type='hidden' name='id' value='"
+ rs.getInt(1) + "'>");
out
.print("<INPUT type='submit' value='删除' name='submit'></TD>");
out.print("</FORM>");
out.print("</TR>");
}
out.print("</tbale>");
rs.close();
stmt.close();
conn.close();
} catch (SQLException e) {
out.print(e.toString());
}
%>
</body>
</html>
newPro.jsp----增加商品页面
<%@ page contentType="text/html; charset=gb2312" %>
<%@ page language="java" %>
<HTML>
<head>
<title>新增商品</title>
</head>
<BODY>
<%
out.print("新增商品<BR>");
out.print("<TABLE BORDER=1 bordercolorlight=#000000 >");
out.print("<TR>");
out.print("<TD width=60>代码</TD><TD width=80>商品名称</TD>");
out.print("<TD width=60>品牌</TD>");
out.print("<TD width=150>产品简介</TD><TD width=80>存货数量</TD>");
out.print("<TD width=80>价格/元</TD>");
out.print("<TD width=60>提交更改</TD></TR>");
out.print("<TR>");
//通过一个隐藏的表单,提交记录的id用于识别该记录
out.print("<FORM action=insertPro.jsp method=get>");
out.print("<TD><INPUT size=10 name='pdm' value=''></TD>");
out.print("<TD><INPUT name='pname' value=''></TD>");
out.print("<TD><INPUT name='provider' value=''></TD>");
out.print("<TD><INPUT name='info' value=''></TD>");
out.print("<TD><INPUT size=10 name='stock' value=''></TD>");
out.print("<TD><INPUT size=10 name='price' value=''></TD>");
out.print("<TD>");
out.print("<INPUT type='submit' value='新增商品' name='submit'></TD>");
out.print("</FORM></TR>");
out.print("</TABLE>");
%>
</BODY>
</HTML>
insertPro.jsp---增加处理页面
<%@ page language="java" pageEncoding="gb2312"%>
<%@ page language="java" %>
<%@ page import="javax.naming.*" %>
<%@ page import="javax.sql.DataSource" %>
<%@ page import="java.sql.*" %>
<html>
<body>
<% String pdm=request.getParameter("pdm");
pdm=new String(pdm.getBytes("ISO-8859-1"));//得到NewPro传过来的Pdm的值
String pname=request.getParameter("pname");
pname= new String(pname.getBytes("ISO-8859-1"));//得到NewPro传过来的Pname的值
String provider=request.getParameter("provider");
provider= new String(provider.getBytes("ISO-8859-1"));//得到NewPro传过来的provider的值
String info=request.getParameter("info");
info= new String(info.getBytes("ISO-8859-1"));//得到NewPro传过来的info的值
String nstock=request.getParameter("stock");
int stock = Integer.parseInt(nstock);//得到NewPro传过来的stock的值
String nprice=request.getParameter("price");
float price = Float.parseFloat(nprice);//得到NewPro传过来的price的值
PreparedStatement pstmt=null;
try
{
Context initCtx=new InitialContext();
Context ctx=(Context)initCtx.lookup("java:comp/env");
DataSource ds=(DataSource)ctx.lookup("jdbc/sql2000");
Connection conn=ds.getConnection();
pstmt=conn.prepareStatement("INSERT INTO pro_T VALUES (?,?,?,?,?,?)");
pstmt.setString(1,pdm);
pstmt.setString(2,pname);
pstmt.setString(3,provider);
pstmt.setString(4,info);
pstmt.setInt(5,stock);
pstmt.setFloat(6,price);
pstmt.execute();
pstmt.close();
conn.close();
}catch(SQLException e){
out.print(e.toString());
}
response.sendRedirect("listPro.jsp");
%>
</body>
</html>
update1.jsp----更改页面
<%@ page contentType="text/html; charset=GBK" %>
<%@ page language="java" %>
<%@ page import= "javax.naming.* "%>
<%@ page import= "javax.sql.DataSource "%>
<%@ page import="java.sql.*" %>
<HTML>
<head>
<title>修改商品信息</title>
</head>
<BODY>
<%
String tableName = "pro_T";
String pid = request.getParameter("id");
try{
Context initCtx = new InitialContext();
Context ctx = (Context)initCtx.lookup("java:comp/env");
DataSource ds = (DataSource)ctx.lookup("jdbc/sql2000");
Connection conn = ds.getConnection();
Statement stmt = conn.createStatement();
String sql="SELECT * FROM "+tableName+" WHERE ID="+pid;
ResultSet rs =stmt.executeQuery(sql);
out.print("修改记录数据。<BR>");
out.print("<TABLE BORDER=1 bordercolorlight=#000000 >");
//out.print("<TD width=40>序号</TD>");
out.print("<TR><TD width=60>代码</TD><TD width=80>商品名称</TD>");
out.print("<TD width=60>品牌</TD>");
out.print("<TD width=150>产品简介</TD><TD width=80>存货数量</TD>");
out.print("<TD width=80>价格/元</TD>");
out.print("<TD width=60>提交更改</TD></TR>");
rs.next();
out.print("<TR>");
//out.print("<TD>"+rs.getInt(1)+"</TD>");
//通过一个隐藏的表单,提交记录的id用于识别该记录
out.print("<FORM action=update2.jsp method=post>");
out.print("<TD><INPUT size=10 name='pdm' value='"+rs.getString("pdm")+"'></TD>");
out.print("<TD><INPUT name='pname' value='"+rs.getString("pname")+"'></TD>");
out.print("<TD><INPUT name='provider' value='"+rs.getString("provider")+"'></TD>");
out.print("<TD><INPUT name='info' value='"+rs.getString("info")+"'></TD>");
out.print("<TD><INPUT size=10 name='stock' value='"+rs.getString("stock")+"'></TD>");
out.print("<TD><INPUT size=10 name='price' value='"+rs.getString("price")+"'></TD>");
out.print("<TD><INPUT type='hidden' name='id' value='"+pid+"'>");
out.print("<INPUT type='submit' value='提交更改' name='submit'></TD>");
out.print("</TR>");
out.print("</TABLE>");
rs.close();
conn.close();
}
catch(SQLException e)
{
out.print(e.toString());
}
%>
</BODY>
</HTML>
update2.jsp----更改处理页面
<%@ page language="java" pageEncoding="gb2312"%>
<%@ page language="java" %>
<%@ page import="javax.naming.*" %>
<%@ page import="javax.sql.DataSource" %>
<%@ page import="java.sql.*" %>
<html>
<body >
<%
String pid=request.getParameter("id");
String pdm=request.getParameter("pdm");
pdm=new String(pdm.getBytes("ISO-8859-1"));//得到NewPro传过来的Pdm的值
String pname=request.getParameter("pname");
pname= new String(pname.getBytes("ISO-8859-1"));//得到NewPro传过来的Pname的值
String provider=request.getParameter("provider");
provider= new String(provider.getBytes("ISO-8859-1"));//得到NewPro传过来的provider的值
String info=request.getParameter("info");
info= new String(info.getBytes("ISO-8859-1"));//得到NewPro传过来的info的值
String nstock=request.getParameter("stock");
int stock = Integer.parseInt(nstock);//得到NewPro传过来的stock的值
String nprice=request.getParameter("price");
float price = Float.parseFloat(nprice);//得到NewPro传过来的price的值
PreparedStatement pstmt=null;
try
{
Context initCtx=new InitialContext();
Context ctx=(Context)initCtx.lookup("java:comp/env");
DataSource ds=(DataSource)ctx.lookup("jdbc/sql2000");
Connection conn=ds.getConnection();
pstmt=conn.prepareStatement("UPDATE pro_T SET pdm=?,pname=?,provider=?,"+
"info=?,stock=?,price=? where id="+pid);
pstmt.setString(1,pdm);
pstmt.setString(2,pname);
pstmt.setString(3,provider);
pstmt.setString(4,info);
pstmt.setInt(5,stock);
pstmt.setFloat(6,price);
pstmt.execute();
pstmt.close();
conn.close();
}catch(SQLException e){
out.print(e.toString());
}
response.sendRedirect("listPro.jsp");
%>
</body>
</html>
delPro.jsp-----删除页面
<%@ page contentType="text/html;charset=gb2312"%>
<%@ page language="java"%>
<%@ page import="javax.naming.*"%>
<%@ page import="javax.sql.DataSource"%>
<%@ page import="java.sql.*"%>
<html>
<head>
<title>查看商品和管理商品</title>
</head>
<body>
<%
String pid=request.getParameter("id");
String tableName="pro_T";
try {
Context initCtx = new InitialContext();
Context ctx = (Context) initCtx.lookup("java:comp/env");//获取连接池对象
DataSource ds = (DataSource) ctx.lookup("jdbc/sql2000");//创建连接
Connection conn = ds.getConnection();
Statement stmt = conn.createStatement();
//发送要执行的SQL语句
String sql="DELETE FROM "+tableName+" WHERE ID="+pid;
stmt.executeUpdate(sql);
stmt.close();
conn.close();
} catch (SQLException e) {
out.print(e.toString());
}
response.sendRedirect("listPro.jsp");
%>
</body>
</html>