java - 产生 IllegalStateException 的基于登录的应用程序

Question

这背后的想法是，如果我的数据库中存在登录名(正确的用户名+密码)，我将重定向到一个页面，并且在进行此身份验证后，他们可以将消息存储在文本文件中。代码非常简单尽管我不确定为什么会收到 IllegalStateException

这是我的-logininfo.java

public class logininfo extends HttpServlet 
{   private static final long serialVersionUID = 1L;

     //I've hidden all the unused code

    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException 
    {
    String user= request.getParameter("user");
    String pass= request.getParameter("pass");
    response.setContentType("text/html");
    PrintWriter pw = response.getWriter();
    Connection con = null;
    Statement stmt = null;
    ResultSet rs = null;


        try
        {
            Class.forName("com.mysql.jdbc.Driver");
            con=DriverManager.getConnection("jdbc:mysql://localhost:3306/mayurtest","root","root");
            String sql = "SELECT * FROM LOGIN where user=? and pass=?";   //thanks braj
            stmt = con.prepareStatement(sql);
            stmt.setString(1, user); 
            stmt.setString(2, pass); 
            rs = stmt.executeQuery();
            while(rs.next())
            {
                if((rs.getObject(1).toString().equals(user))&&(rs.getObject(2).toString().equals(pass)))     //edited code
                {   
                         pw.println("correct login");                   
                         response.sendRedirect("message.HTML");  //request.getRequestDispatcher("message.html").include(request,response); is what I should write instead
                    String message=request.getParameter("message");   //error here???? /*seems to be a problem as now all I get are null values printed*/ 
                    testmessage(message);                   
                    break;  
                }
                else
                {
                    pw.println("please check username/password again.<br>");
                    response.sendRedirect("userlogininfo.HTML");//request.getRequestDispatcher("userlogininfo.html").include(request,response); is what I should write instead
                    break;
                }
            }


        }


        }
        catch (SQLException e) 
        {
            pw.println(e.getNextException());
        } 
        catch (ClassNotFoundException e)
        {
            pw.println(e.getException());
        } 
        finally 
        {
            try
            {
                if (rs != null) {
                    rs.close();
                    rs = null;
                }
                if (stmt != null) {
                    stmt.close();
                    stmt = null;
                }
                if (con != null) {
                    con.close();
                    con = null;
                }
            } 
            catch (Exception e)
            {
            pw.close();
            }

        }   


    }





    public void testmessage(Connection con,Statement stmt,ResultSet rs,String message) throws FileNotFoundException
    {
        File file = new File("C:/Users/thammaiahm/Desktop/mayur desktop files/mayur.txt");
        FileReader fr = new FileReader(file);
        try{

            PrintWriter pw1 = new PrintWriter(new    
            FileOutputStream("C:/Users/thammaiahm/Desktop/mayur desktop files/mayur.txt",true));  
            pw1.println( message ); 
            pw1.close();
            fr.close();

        }
        catch(IOException ioio){//do something
            }
      }
}

接下来是两个 HTML 页面-用户登录页面.HTML

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>Enter the login details<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></head>

<body>
<form method="post" action="http://localhost:8888/Servlet/logininfo">
Login   :<input type="text" name="user"/><br>
Password:<input type="password" name="pass"/><br>
<input type="submit" value="login"/>


</form></body>
</html>

和message.HTML->>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>Welcome user: 
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></head>

<body>
<form method="post" action="http://localhost:8888/Servlet/logininfo">
Please enter you secret message:<input type="text" name="message"/><br>
<input type="submit" value="login"/>
</form></body>
</html>

你能帮我找出错误吗？也许可以帮助我了解我应该遵循的任何编程实践？

Answer 1

这里是完整的异常消息:

java.lang.IllegalStateException: Cannot call sendRedirect() after the response has been committed

异常一目了然，问题出在哪里。

当调用 sendRedirect() 时，这意味着现在 HTML 响应将由另一个重定向的 HTML/JSP/Servlet 生成，但在执行此操作之前，一些响应已经发送到无法还原的客户端.

如果你想包含另一个 HTML/JSP/Servlet 的响应，那么使用 forward或 include而不是 sendRedirect。

例如

request.getRequestDispatcher("message.html").include(request,response);

---

不需要从表中获取所有记录。您可以使用 PreparedStatement

根据用户名和密码仅获取单个记录

示例代码:

String sql = "SELECT * FROM LOGIN where username=? and password=?";

stmt = con.prepareStatement(sql);
// Bind values into the parameters.
stmt.setString(1, user); // This would set username
stmt.setString(2, pass); // This would set password
rs = stmt.executeQuery();
if (rs.next()) {
    pw.println("correct login");
    request.getRequestDispatcher("message.html").include(request, response);
    ...
} else {
    pw.println("please check username/password again.<br>");
    request.getRequestDispatcher("userloginpage.html").include(request, response);
}

注意:不要在每次需要新连接时都加载驱动程序类。为连接管理创建一个单独的类。

I have already posted a nice ConnectionUtil class to manage all the connections in a single class for whole application.