【问题标题】:Blank page is coming as output in servlet [duplicate]空白页作为 servlet 中的输出出现 [重复]
【发布时间】:2023-04-07 09:52:01
【问题描述】:

我正在尝试在 sql 数据库中插入员工详细信息,但是当我运行程序时,它在输入员工详细信息后显示注册页面,输出没有出现,并且显示为空白页面

这是我的 web.xml 文件

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
    <servlet>
        <servlet-name>CreateServlet</servlet-name>
        <servlet-class>com.sai.CreateServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>CreateServlet</servlet-name>
        <url-pattern>/CreateServlet</url-pattern>
    </servlet-mapping>
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
</web-app>

这是我的 servlet 类

public class CreateServlet extends HttpServlet 
{


protected void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException 
{
    response.setContentType("text/html;charset=UTF-8");
    PrintWriter out = response.getWriter(); 
    Connection con=null;
    Statement st=null;
   try
   {
    Class.forName("com.mysql.jdbc.Driver");
    DriverManager.getConnection("jdbc:mysql://localhost:3306/dbemployee","root","");
    con.createStatement();
    String id=request.getParameter("UserName");
    String pwd=request.getParameter("Password");
    String eAdd=request.getParameter("EmpAddress");
    String gender=request.getParameter("MaleorFemale");
    String email=request.getParameter("Email");
    String lang=request.getParameter("languages");
    String nation=request.getParameter("Nationality");
    String date=request.getParameter("RegDate");

    String sql="insert into Employee Values ("+id+" "+pwd+" "+eAdd+" "+gender+"  "+email+"  "+lang+"  "+nation+" "+date+")";
    st.executeUpdate(sql);
    if(id !=null | pwd != null | eAdd!=null | gender !=null |email !=null | lang !=null | nation!=null | date !=null)
    {
        RequestDispatcher rd = request.getRequestDispatcher("/success.html");
        rd.forward(request, response);
    }
    else
    {
        out.println("<font color=red>Please fill all the fields</font>");
        RequestDispatcher rd = request.getRequestDispatcher("/index.html");
        rd.forward(request, response);

    }
 }catch(ClassNotFoundException | SQLException  | NullPointerException e)
   {
       e.printStackTrace();
   }
   finally
    {
        try
        {
            if(st!=null) st.close();
            if(con!=null)con.close();
        }
        catch(Exception e)
        {
            e.printStackTrace();
        }
    }
}

这是我创建的注册文档中的 index.html

<body>
      <form name="EmployeeReg" method="post" action="CreateServlet">
        UserName:&nbsp <input type="text" name="UserName" placeholder="username"><br>
        Password:&nbsp &nbsp&nbsp<input type="password" name="password"><br>
        Address :&nbsp&nbsp&nbsp&nbsp <input type="text" name="EmpAdress" placeholder="EmpAddress" ><br>
         Gender : &nbsp&nbsp&nbsp<input type="radio"   name="MaleorFemale" value="Male">MALE<br>
                  &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
                  <input type="radio"   name="MaleorFemale" value="Female">FEMALE<br>

         EMail: &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp  <input  type="text"   name="email" placeholder="email"><br>
 Languages Known: <input type="checkbox" name="languages" value="Telugu">Telugu
                  <input type="checkbox" name="languages" value="Kannada">Kannada
                  <input type="checkbox" name="languages" value="Hindi">Hindi
                  <input type="checkbox" name="languages" value="English">English
                  <input type="checkbox" name="languages" value="Tamil">Tamil
                  <input type="checkbox" name="languages" value="Malayalam">Malayalam<br>
     Nationality: <select name="nationality">
                  <option value="">-- select one --</option>
                  <option value="afghan">Afghan</option>
                  <option value="albanian">Albanian</option>
                  <option value="algerian">Algerian</option>
                  <option value="american">American</option>
                  <option value="andorran">Andorran</option>
                  <option value="angolan">Angolan</option>
                  <option value="antiguans">Antiguans</option>
                  <option value="argentinean">Argentinean</option>
                  <option value="armenian">Armenian</option>
                  <option value="australian">Australian</option>
                  <option value="austrian">Austrian</option>
                  <option value="austrian">Indian</option>
     </select><br>
     Reg.Date:    &nbsp&nbsp&nbsp<input type="date" id="RegDate" value="2010-07-77">
                <button onclick="myFunction()">Try it</button>
                 <p id="demo"></p>
                 <script>
                            function myFunction() {
                            var x = document.getElementById("myDate").value;
                            document.getElementById("demo").innerHTML = x;
                            }
                </script>
     <input type="submit"  value="Submit">
    </form>
</body>

【问题讨论】:

  • 请学习如何使用带参数的预处理语句,您当前的代码容易受到 SQL 注入的影响。这也是您的问题的原因,因为您没有正确引用值。当您吞咽并忽略异常时,这可能就是您得到空白页的原因。检查您的日志以查看有什么问题,尽管解决方法是切换到带有参数的准备好的语句。见Using Prepared Statements
  • 它没有显示任何日志
  • 我很确定您的应用程序服务器的其中一个日志中会出现语法错误(假设您的应用程序服务器将System.err 重定向到日志,并且大多数都这样做)。

标签: java mysql servlets jdbc


【解决方案1】:

要按照您显示的方式调用 servlet,必须实现 doPost 方法。它看起来像:

 public class CreateServlet extends HttpServlet {

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response ) throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter(); 
        // and the rest of your method.
    }
}

基本上,您必须将当前方法重命名为doPost,以便在向其发布表单数据时调用它。

在您的浏览器中,您当前应该收到某种错误。这不太可能记录到您的服务器日志中,但如果您使用浏览器的开发工具,那么您应该能够看到服务器返回的可能是 400 或 405 错误。

@MarkRotteveel 提出了这一点 - 不要将此代码发布到公共站点,因为他 100% 正确 - 你正在为 SQL 注入攻击做好准备。

【讨论】:

  • 我将代码作为 Statement 更改为 PreparedStatement 现在它工作正常
猜你喜欢
  • 1970-01-01
  • 2020-02-10
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2015-12-18
  • 1970-01-01
相关资源
最近更新 更多