注册、登陆及验证模块设计.doc

注册、登陆及验证模块设计一、 在MySQL中建立用户信息表1.1 确定用户信息字段用户信息只有一些常用的、比较重要的信息，由于需要邮件验证，所以还需要保存临时验证码。 序号字段类型和长度描述主键可空默认值1idinteger自增型的主键是否无2uidvarchar(20)用户账号否否无3passwordvarchar(30)密码否否无4realNamevarchar(20)用户真实姓名否否无5gendertinyint(1)性别:0,女；1，男否否无6emailvarchar(50)e-mail地址否否无7telvarchar(15)联系电话否是无8questionvarchar(50)密码提示问题否否无9answervarchar(50)问题答案否否无10validateCodevarchar(20)验证码，当激活过后，该字段置为activated，表示已经激活否是无11loginNuminteger登陆次数否否无1.2 建立用户表create table user( id int(10) unsigned not null auto_increment, uid varchar(20) not null default , password varchar(30) not null default , realName varchar(20) not null default , gender tinyint(1) unsigned not null default 0, email varchar(50) not null default , tel varchar(15) default null, question varchar(50) default null, validateCode varchar(20) not null default , answer varchar(50) not null default , loginNum int(10) unsigned not null default 0, primary key(id)二、 用JSP处理注册数据2.1 创建注册提交表单用户注册用户注册 用户名: * (用户名由az的英文字母(不区分大小写)、09的数字、点、减号或下划线组成，长度为318个字符，只能以数字或字母开头和结尾,例如:syjk3_001 ) 密码: *(密码长度为616位，区分字母大小写。登录密码可以由字母、数字、特殊字符组成。) 密码确认: *(请再输一遍，以便确认！) 电子邮件: *(请您输入正确的E-mail地址！方便您的密码查询！) 性别: 酷哥 靓女   密码提示问题: *(帐号验证以及用于帮你找回密码！) 提示问题答案: *(找回密码的答案！) 真实姓名:   联系电话:   2.2 客户端验证数据有效性function checkForm(form)if(isEmpty(form.uid.value) | isEmpty(form.password.value) | isEmpty(form.confirmPassword.value) | isEmpty(form.email.value) | isEmpty(form.question.value) | isEmpty(form.answer.value) )alert(请将必填项填写完整!);return false;if(form.password.value!=form.confirmPassword.value)alert(两次密码不匹配!);return false;if(form.password.value.length16)alert(密码长度不得少于6个字符，不得多于16个字符！);return false;return true;function isEmpty(str)if(str=null | str.length=0)return true;else return false;function checkUid()var name=document.userRegisterForm.uid.value;if(name.length0)window.open(checkUid.jsp?uid= +name ,检查用户名,toolbar=no, location=no,status=no,menubar=no, scrollbars=no,resizable=no,width=300,height=200);2.3 业务操作逻辑Bean/* * */package ch2.service;import java.sql.Connection;import java.util.List;import ch2.dao.UserDAO;import ch2.dao.impl.UserDAOImpl;import ch2.util.db.Database;import ch2.util.mail.MailUtil;import ch2.vo.User;/* * author Administrator * */public class UserService private UserDAO userDAO=new UserDAOImpl();public void addUser(User user,String basePath)throws ExceptionConnection connection = null;StringBuffer body=new StringBuffer();StringBuffer link=new StringBuffer();body.append(您在XXX网站新注册的用户名是：);body.append(user.getUid();body.append(,请点击以下链接激活帐号！n);link.append(basePath);link.append(activeUser.jsp?uid=);link.append(user.getUid();link.append(&validateCode=);link.append(user.getValidateCode();body.append(link.toString();tryconnection=Database.getConnection();userDAO.setConnection(connection);userDAO.addUser(user);MailUtil.sendEmail(user.getEmail(),XXX网站用户注册激活码,body.toString();Dmit();catch(Exception e)e.printStackTrace();Database.rollback();throw e;finallyDatabase.releaseConnection(connection); public void deleteUser(String uid)throws ExceptionConnection connection = null; try connection=Database.getConnection(); userDAO.setConnection(connection); userDAO.deleteUser(uid); Dmit(); catch(Exception e) e.printStackTrace(); Database.rollback(); throw e; finally Database.releaseConnection(connection); public void updateUser(User user)throws ExceptionConnection connection = null;try connection=Database.getConnection(); userDAO.setConnection(connection); userDAO.updateUser(user); Dmit(); catch(Exception e) e.printStackTrace(); Database.rollback(); throw e; finally Database.releaseConnection(connection); public List listAllUser()throws Exception List userList=null; Connection connection = null; try connection=Database.getConnection(); userDAO.setConnection(connection); userList=userDAO.listAllUser(); catch(Exception e) e.printStackTrace(); throw e; finally Database.releaseConnection(connection); return userList; public User getUser(String uid)throws Exception User user=null; Connection connection = null; try connection=Database.getConnection(); userDAO.setConnection(connection); user=userDAO.getUser(uid); catch(Exception e) e.printStackTrace(); throw e; finally Database.releaseConnection(connection); return user; public boolean login(String uid,String password)throws Exception User user=null; boolean result=false; Connection connection = null; try connection=Database.getConnection(); userDAO.setConnection(connection); user=userDAO.getUser(uid); if(user!=null) if(user.getPassword().equals(password) user.setLoginNum(user.getLoginNum()+1); userDAO.updateUser(user); Dmit(); result=true; else result=false; else result=false; catch(Exception e) e.printStackTrace(); Database.rollback(); throw e; finally Database.releaseConnection(connection); return result; public boolean checkUid(String uid)throws Exception try User user=getUser(uid); if(user=null) return false; else return true; catch(Exception e) throw e; public boolean validateUser(String uid,String validateCode)throws Exception UserDAO userDAO=new UserDAOImpl(); Connection connection = null; try connection=Database.getConnection(); userDAO.setConnection(connection); User user=userDAO.getUser(uid); if(user!=null) if(user.getValidateCode().equals(validateCode) user.setValidateCode(activated); userDAO.updateUser(user); Dmit(); return true; catch(Exception e) e.printStackTrace(); Database.rollback(); throw e; finally Database.releaseConnection(connection); return false; /* * return Returns the userDAO. */public UserDAO getUserDAO() return userDAO;/* * param userDAO The userDAO to set. */public void setUserDAO(UserDAO userDAO) this.userDAO = userDAO; 2.4 检测用户名是否已存在此用户名已经存在，请选用一个新用户名！此用户名尚未被使用！2.5 保存注册信息到数据库用Servlet根据提交来的数据来处理请求，检查合法性，并将合法的数据持久化Register.java/* * */package ch2.servlet;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import ch2.service.UserService;import ch2.util.Generator;import ch2.vo.User;/* * author Administrator * */public class Register extends HttpServlet protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException / TODO Auto-generated method stub response.setContentType(text/html;charset=utf-8); String uid=request.getParameter(uid); String password=request.getParameter(password); String confirmPassword=request.getParameter(confirmPassword); String email=request.getParameter(email); int gender=Integer.parseInt(request.getParameter(gender); String question=request.getParameter(question); String answer=request.getParameter(answer); String realName=request.getParameter(realName); String tel=request.getParameter(tel); if(uid=null | password.trim().equals() | password.trim().equals() |confirmPassword=null | confirmPassword.trim().equals() | email=null | email.trim().equals() | question=null | question.equals() | answer=null | answer.equals() request.setAttribute(errMsg,请将必填的数据填写完整!); this.getServletContext().getRequestDispatcher(/error.jsp).forward(request,response); return; else if(!password.equals(confirmPassword) request.setAttribute(errMsg,两次密码不匹配!); this.getServletContext().getRequestDispatcher(/error.jsp).forward(request,response); return; UserService service=new UserService(); try boolean isExist=service.checkUid(uid); if(isExist) request.setAttribute(errMsg,用户名已经存在！); this.getServletContext().getRequestDispatcher(/error.jsp).forward(request,response); return; User user=new User(); user.setUid(uid); user.setPassword(password); user.setEmail(email); user.setGender(gender); user.setQuestion(question); user.setAnswer(answer); user.setTel(tel); user.setRealName(realName); String validateCode=Generator.getEmailCode(); user.setValidateCode(validateCode); String path = request.getContextPath(); String basePath = request.getScheme()+:/+request.getServerName()+:+request.getServerPort()+path+/; service.addUser(user,basePath); PrintWriter out = response.getWriter(); out.println(注册成功！); catch(Exception e) e.printStackTrace(); request.setAttribute(errMsg,注册出错！); this.getServletContext().getRequestDispatcher(/error.jsp).forward(request,response); protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException / TODO Auto-generated method stubdoGet(request,response);Servlet类编写完后，在使用它之前，还需要部署及设置访问映射，配置比较简单，只要在web.xml中加入： Register ch2.servlet.Register Register /Register 2.6 使用JavaMail发送注册验证邮件MailUtil.javapackage ch2.util.mail;import java.io.File;import java.io.IOException;import java.io.StringWriter;import .URLEncoder;import java.util.Date;import java.util.HashMap;import java.util.Map;import java.util.Properties;import java.util.Random;import javax.mail.Message;import javax.mail.MessagingException;import javax.mail.NoSuchProviderException;import javax.mail.Session;import javax.mail.Transport;import ernet.InternetAddress;import ernet.MimeMessage;import javax.mail.Address;/* * author Administrator */public class MailUtil static int port = 25;static String server = ;static String from = Webmaster;static String user = 765251318;static String password = woaijia09100606;public static void sendEmail(String email, String subject, String body) try Properties props = new Properties();props.put(mail.smtp.host, server);props.put(mail.smtp.port, String.valueOf(port);props.put(mail.smtp.auth, true);Transport transport = null;Session session = Session.getDefaultInstance(props, null);transport = session.getTransport(smtp);transport.connect(server, user, password);MimeMessage msg = new MimeMessage(session);msg.setSentDate(new Date();InternetAddress fromAddress = new InternetAddress(from);msg.setFrom(fromAddress);InternetAddress toAddress = new InternetAddress1;toAddress0 = new InternetAddress(email);msg.setRecipients(Message.RecipientType.TO, toAddress);msg.setSubject(subject, UTF-8);msg.setText(body, UTF-8);msg.saveChanges();transport.sendMessage(msg, msg.getAllRecipients(); catch (NoSuchProviderException e) e.printStackTrace(); catch (MessagingException e) e.printStackTrace();三、 实现用户登录3.1 创建登陆输入表单3.2 验证用户名和密码是否正确Login.java/* * */package ch2.servlet;import java.io.IOException;import java.io.PrintWriter;import javax.servlet.ServletException;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import ch2.service.UserService;/* * author Administrator * */public class Login extends HttpServlet protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException / TODO Auto-generated method stub response.setContentType(text/html;charset=utf-8); try String uid=request.getParameter(uid); String password=request.getParameter(password); UserService userService=new UserService(); HttpSession session=request.getSession(); PrintWriter out = response.getWriter(); if(userService.login(uid,password) session.setAttribute(uid,uid); out.println(你已登录成功！); else out.println(用户名或密码错误!返回); catch(Exception e) e.printStackTrace