一、模糊查询
<!-- 功能1:实现admin.jsp页面中新闻管理模块----模糊查询的搜索功能(根据标题进行模糊查询) -->
<!--
注意:在没有学习servlet时,模糊查询都是本页面
问题:当输入关键词后,点击搜索按钮,跳转(1.do处理页面 2.admin.jsp) admin.jsp
-->
<div style = "width:100%;height:40px;text-align: center;line-height:40px; ">
<form action = "admin.jsp" method = "post">
<label>新闻标题</label>
<!-- autocomplete 关闭自动提示 -->
<input type = "text" name = "strName" autocomplete="off"/>
<input type = "submit" value = "搜索"/>
</form>
</div>
<%
//1.运行admin.jsp之后,默认显示所有新闻。
//2.在输入框中输入关键词点击搜索 跳转到本页面
//通过request内置对象获取当前模糊查询表单提交的关键词
//编码设置
request.setCharacterEncoding("utf-8");
String strName = request.getParameter("strName");
//搜索的关键词为中文 获取时会出现乱码 通过String类进行编码和解码(得到我们看得懂的中文)
System.out.println("模糊查询的关键词为:[解决前] "+strName);
//sql语句
String sql = "select * from tb_news";
//第一次运行admin.jsp strName为null 不能调用任何方法
if(null!=strName){
//new String(strName.getBytes("ISO-8859-1"),"utf-8");
//将指定编码的字符串进行解码 通过getBytes("编码") 构造函数new String()编码
strName = new String(strName.getBytes("ISO-8859-1"),"utf-8");
//强调 电脑 有些电脑不需要第82行代码。
//sql语句拼接模糊查询
sql+=" where ntitle like '%"+strName+"%'";
}
System.out.println("模糊查询的关键词为:[解决后] "+strName);
System.out.println("模糊查询的关键词为:[sql] "+sql);
%>
二、发布评论
<%@page import="java.text.SimpleDateFormat"%>
<%@page import="java.util.Date"%>
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.DriverManager"%>
<%@page import="java.sql.Connection"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%
//1.设置编码
request.setCharacterEncoding("utf-8");
//获取数据
//评论编号
int cid = 0;//定义一个变量保存最终的id
//链接数据库查询到最大的id 最后+1
//加载驱动
Class.forName("oracle.jdbc.driver.OracleDriver");
//建立连接
String url = "jdbc:oracle:thin:@localhost:1521:orcl";
Connection conn = DriverManager.getConnection(url, "scott", "123");
String sql = "select nvl(max(cid),0) from tb_comment";
PreparedStatement ps = conn.prepareStatement(sql);
ResultSet rs = ps.executeQuery();
if(rs.next()){
cid = rs.getInt(1)+1;
}
//out.println("cid = "+cid);
//用户编号
int cuserid = 0;
String username = request.getParameter("username");
//根据用户名查找到该用户的编号
sql = "select * from tb_news_users where username = ?";
ps = conn.prepareStatement(sql);
ps.setString(1,username);
rs = ps.executeQuery();
if(rs.next()){
cuserid = rs.getInt(1);
}
//新闻编号
int nid = Integer.valueOf(request.getParameter("nid"));
//ip地址
String cip = request.getParameter("cip");
//内容
String ccontent = request.getParameter("ccontent");
//时间
Date date = new Date();
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
String cdate = sdf.format(date);
//发表评论
sql = "insert into tb_comment values(?,?,?,?,?,to_date(?,'yyyy-mm-dd hh24:mi:ss'))";
ps = conn.prepareStatement(sql);
ps.setInt(1, cid);
ps.setInt(2, cuserid);
ps.setInt(3, nid);
ps.setString(4, cip);
ps.setString(5, ccontent);
ps.setString(6, cdate);
int n = ps.executeUpdate();
if(n>0){
out.println("<script>alert('评论成功');location.href='newRead.jsp?username="+username+"&nid="+nid+"'</script>");
}else{
out.println("<script>alert('评论失败');location.href='newRead.jsp?username="+username+"&nid="+nid+"'</script>");
}
%>
三、删除评论
<%@page import="java.sql.ResultSet"%>
<%@page import="java.sql.PreparedStatement"%>
<%@page import="java.sql.DriverManager"%>
<%@page import="java.sql.Connection"%>
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%
//删除评论
//设置编码
request.setCharacterEncoding("utf-8");
//获取用户名
String username = request.getParameter("username");
//加载驱动
Class.forName("oracle.jdbc.driver.OracleDriver");
//建立连接
String url = "jdbc:oracle:thin:@localhost:1521:orcl";
Connection conn = DriverManager.getConnection(url, "scott", "123");
int cuserid = 0;
String sql = "select * from tb_news_users where username = ?";
PreparedStatement ps = conn.prepareStatement(sql);
ps.setString(1, username);
ResultSet rs = ps.executeQuery();
if(rs.next()){
cuserid = rs.getInt(1);
}
//获取cid
String id = request.getParameter("cid");
int cid = 0;
if(null!=id){
cid = Integer.valueOf(id);
}
int cid_cuserid = 0;
//根据cid进行查找 cuserid
int nid = 0;//保存新闻编号
//sql
sql = "select * from tb_comment where cid = ?";
ps = conn.prepareStatement(sql);
ps.setInt(1, cid);
rs = ps.executeQuery();
if(rs.next()){
cid_cuserid = rs.getInt(2);
nid = rs.getInt(3);
}
if(cuserid!=cid_cuserid){//不是当前登录用户所评论的内容
//out.println("不是当前登录用户的评论内容");
out.println("<script>alert('此评论不是当前用户所评,无法删除');location.href='newRead.jsp?username="+username+"&nid="+nid+"'</script>");
}else{
//out.println("是当前登录用户的评论内容");
//根据当前登录的用户以及对应的评论编号进行删除
sql = "delete from tb_comment where cuserid = ? and cid = ?";
ps = conn.prepareStatement(sql);
ps.setInt(1, cid_cuserid);
ps.setInt(2, cid);
int n = ps.executeUpdate();
if(n>0){
out.println("<script>alert('删除成功');location.href='newRead.jsp?username="+username+"&nid="+nid+"'</script>");
}else{
out.println("<script>alert('删除失败');location.href='newRead.jsp?username="+username+"&nid="+nid+"'</script>");
}
}
%>
四、include指令
<!-- 通过jsp中的include指令进行引入第三方页面 -->
<%@ include file="foot.jsp" %>
