Cookie是客户端技术,程序把每个用户的数据以cookie的形式写给用户各自的浏览器。当用户使用浏览器再去访问服务器中的web资源时,就会带着各自的数据去。
这样web资源处理的就是用户各自的数据了。
Session
Session是服务器端技术,利用这个技术,服务器在运行时可以为每一个用户的浏览器创建一个其独享的session对象,由于session为用户浏览器独享,所以用户在访问服务器
的web资源时,可以把各自的数据放在各自的session中,当用户再去访问服务器中的其他web资源时,其他web资源再从用户各自的session中取出数据为用户服务。
什么是会话?用户打开浏览器,访问站点,连续进行多次操作,关闭浏览器,整个过程称为会话。
管理HTTP协议会话状态:Cookie和Session
Cookie:将用户相关数据,保存客户端,用户每次访问服务器自动携带cookie数据。
Session:将用户相关数据保存服务器端,为每个客户端生成一个独立Session数据对象,通过对象唯一编号,区分哪个浏览器对应哪个Session
Cookie
Cookie快速入门案例:(上次访问时间)
eg:
package cn.lsl.cookie; import java.io.IOException; import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.Date; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LastVisitServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Cookie[] cookies = request.getCookies(); response.setContentType("text/html;charset=utf-8"); if(cookies == null){ //当前时间毫秒等价new Date().getTime() long now = System.currentTimeMillis(); //向客户端写出cookie需要用到cookie Cookie cookie = new Cookie("last", now+""); response.addCookie(cookie); response.getWriter().println("欢迎第一次访问本网站"); }else{ for (Cookie cookie : cookies) { if(cookie.getName().equals("last")){ long lasttime = Long.parseLong(cookie.getValue()); //显示给用户 Date date = new Date(lasttime); //格式化日期 DateFormat dateFormat = new SimpleDateFormat("yyyy年MM月dd日 HH时mm分ss秒"); response.getWriter().println("上次访问时间:" + dateFormat.format(date)); } } long now = System.currentTimeMillis(); Cookie cookie = new Cookie("last", now+""); response.addCookie(cookie); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
分析:
1、通过服务器向客户端写cookie
Cookie cookie = new Cookie(name,value);
response.addCookie(cookie);
* 在HTTP协议响应头信息中 Set-Cookie: last=1339556457609
2、当客户端存在cookie之后,以后每次请求自动携带 HTTP协议请求头信息 Cookie: last=1339556456859
服务器端获得需要cookie数据
Cookie[] cookies = request.getCookies(); ---- 获得客户端所有cookie
if(cookies==null){} 判断cookie是否存在
遍历cookie获得需要信息
for (Cookie cookie : cookies) {
// 获得每个cookie
if (cookie.getName().equals("last")) {
// 找到了需要cookie
}
}
CookieAPI详解
1.将cookie写回客户端 response.addCookie(cookie);
2.读取请求中cookie信息 request.getCookies
3.Cookie对象创建 new Cookie(name,value)
*cookie的name不允许改变
什么是会话cookie,什么是持久cookie?
cookie信息默认情况保存在浏览器内存中 ---- 会话cookie
会话cookie会在关闭浏览器时清除
持久Cookie,cookie数据保存客户端硬盘上
通过setMaxAge设置Cookie为持久Cookie
* 在JavaAPI 中所有与时间相关参数,int 类型 单位秒, long类型 单位毫秒
eg:
package cn.lsl.cookie; import java.io.IOException; import java.text.DateFormat; import java.text.SimpleDateFormat; import java.util.Date; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LastVisitServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setHeader("Cache-Control", "no-cache"); response.setDateHeader("Expires", -1); response.setHeader("Pragma", "no-cache"); Cookie[] cookies = request.getCookies(); response.setContentType("text/html;charset=utf-8"); if(cookies == null){ //当前时间毫秒等价new Date().getTime() long now = System.currentTimeMillis(); //向客户端写出cookie需要用到cookie Cookie cookie = new Cookie("last", now+""); cookie.setPath("/Cookie"); //设置cookie有效时间 cookie.setMaxAge(60*60*24*2); response.addCookie(cookie); response.getWriter().println("欢迎第一次访问本网站"); }else{ for (Cookie cookie : cookies) { if(cookie.getName().equals("last")){ long lasttime = Long.parseLong(cookie.getValue()); //显示给用户 Date date = new Date(lasttime); //格式化日期 DateFormat dateFormat = new SimpleDateFormat("yyyy年MM月dd日 HH时mm分ss秒"); response.getWriter().println("上次访问时间:" + dateFormat.format(date)); } } long now = System.currentTimeMillis(); Cookie cookie = new Cookie("last", now+""); cookie.setPath("/Cookie"); //设置cookie有效时间 cookie.setMaxAge(60*60*24*2); response.addCookie(cookie); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
访问cookie有效路径path
默认情况下,生成cookie时,产生默认有效访问路径 (默认生成cookie程序路径)
http://localhost/Cookie/lastvisit --- 生成cookie --- path 默认值: /Cookie
http://localhost/Cookie/servlet/path ---- 生成cookie ---- path 默认值:/Cookie/servlet
第二次访问程序携带cookie信息,如果访问路径与path不一致,不会携带cookie 信息
company cookie : path --- /Cookie/serlvet
last cookie : path --- /Cookie
访问 :http://localhost/Cookie/servlet/path ---- 同时满足/Cookie/serlvet、/Cookie 携带 company 和 last两个cookie信息
访问 :http://localhost/Cookie/lastvisit ---- 满足 /Cookie 不满足/Cookie/serlvet 携带 last 一个cookie 信息
* 以后程序开发,尽量设置path ---- setPath方法
第一方cookie 和 第三方cookie
通过setDomain 设置cookie 有效域名
访问google时,生成cookie过程中 cookie.setDomain(".baidu.com") ---- 生成百度cookie ------ 第三方cookie
* 第三方cookie 属于不安全 ----- 一般浏览器不接受第三方cookie
访问google时,生成cookie,cookie.setDomain(.google.con) ---- 生成google的cookie ------ 第一方cookie
删除Cookie
案例:删除上次访问时间
原理:设置cookie MaxAge为 0
*删除cookie必须设置path与cookie的path一致
eg:
package cn.lsl.cookie; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class DeleteCookieServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Cookie cookie = new Cookie("last", ""); cookie.setMaxAge(0); //path一致 cookie.setPath("/Cookie"); response.addCookie(cookie); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
历史浏览记录案例
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%@page import="cn.lsl.cookie.CookieUtils"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>product.jsp</title> </head> <body> <h1>商品列表</h1> <a href="/Cookie/producthistory?id=1">冰箱</a><br/> <a href="/Cookie/producthistory?id=2">洗衣机</a><br/> <a href="/Cookie/producthistory?id=3">笔记本电脑</a><br/> <a href="/Cookie/producthistory?id=4">手机</a><br/> <a href="/Cookie/producthistory?id=5">空调</a><br/> <a href="/Cookie/producthistory?id=6">热水器</a><br/> <a href="/Cookie/producthistory?id=7">微波炉</a><br/> <a href="/Cookie/producthistory?id=8">电风扇</a><br/> <h1>商品浏览记录</h1><h3><a href="/Cookie/cleanhistory">清空浏览记录</a></h3> <% Cookie cookie = CookieUtils.findCookie(request.getCookies(),"history"); if(cookie == null){ out.println("无浏览记录!"); }else{ String ids = cookie.getValue(); String[] idArray = ids.split(","); String[] arr = { "冰箱", "洗衣机", "笔记本电脑", "手机", "空调", "热水器", "微波炉", "电风扇" }; for(String id : idArray){ out.println(arr[Integer.parseInt(id)-1]+"<br/>"); } } %> </body> </html>
package cn.lsl.cookie; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class ProductHistoryServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String[] arr = { "冰箱", "洗衣机", "笔记本电脑", "手机", "空调", "热水器", "微波炉", "电风扇" }; //获得用户点击查看商品编号 String id = request.getParameter("id"); response.setContentType("text/html;charset=utf-8"); response.getWriter().println("用户正在浏览商品:" + arr[Integer.parseInt(id) - 1]); response.getWriter().println("<a href='/Cookie/product.jsp'>返回</a>"); Cookie cookie = CookieUtils.findCookie(request.getCookies(), "history"); if(cookie == null){ cookie = new Cookie("history", id); cookie.setMaxAge(60 * 60); cookie.setPath("/Cookie"); response.addCookie(cookie); }else{ //已存在商品浏览记录,判断当前浏览商品是否已经在记录中 String ids = cookie.getValue(); String[] idArray = ids.split(","); for(String existId : idArray){ if(existId.equals(id)){ //当前浏览商品已经在浏览器记录中 return; } } //当前id没有在浏览器记录中 cookie.setValue(ids + "," + id); cookie.setMaxAge(60 * 60); cookie.setPath("/Cookie"); response.addCookie(cookie); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
package cn.lsl.cookie; import javax.servlet.http.Cookie; public class CookieUtils { /** * 在Cookie数组中查找指定name cookie */ public static Cookie findCookie(Cookie[] cookies, String name){ if(cookies == null){ return null; }else{ for (Cookie cookie : cookies) { if(cookie.getName().equals(name)){ return cookie; } } return null; } } }
package cn.lsl.cookie; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class CleanHistoryServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { Cookie cookie = new Cookie("history",""); cookie.setMaxAge(0); cookie.setPath("/Cookie"); response.addCookie(cookie); //跳转到商品列表页面:重定向 response.sendRedirect("/Cookie/product.jsp"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { } }
Session
1.Session是服务器端会话管理技术,服务器会为每个浏览器创建一个单独Session对象,保存该浏览器(会话)操作相关信息。
与Cookie区别:cookie是保存在客户端,Session保存在服务器端
2.为什么有Cokie技术?还需要Session?
Cookie存在客户端---- 存在安全问题
Session将数据存在服务器,数据更加安全
*Session将数据保存在服务器端,占用服务器内存资源,Cookie不会占用服务器资源
例如:京东购物车信息保存Cookie,淘宝购物车信息保存Session
3.Session共享
实验:用IE6 向Session保存一个数据,用另一个IE6读取数据?
用第一个IE6保存session数据,当前浏览器可以获得,但是第二个IE6 无法获得第一个浏览器保存Session 数据
IE8以上或火狐浏览器当打开多个浏览器窗口,之间Session共享
原因:IE6的cookie中保存jsessionId默认是会话级别;IE8或者火狐的cookie中保存jsessionId默认是持久cookie
三个问题:
问题一:如何让多个IE6 共享同一个Session ---- 将session id 持久化
问题二:如果客户端关闭浏览器,是否就删除了Session ?
没有,Session保存在服务器端
问题三:IE6 保存Session,关闭浏览器,再次打开,数据丢失了?
IE6默认jsessionId保存会话Cookie中,关闭浏览器,会话cookie就会被删除,客户端丢失jsessionid 无法找到服务器对应Session对象
* 服务器Session对象还存在
案例一:实现多个浏览器的session共享和关闭浏览器再次打开数据还存在
package cn.lsl.session; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class WriteSessionServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //获得Session对象 HttpSession httpSession = request.getSession(); //向session保存一个数据 httpSession.setAttribute("company", "软件公司"); //将写回给浏览器JSESSIONID持久化 Cookie cookie = new Cookie("JSESSIONID", httpSession.getId()); cookie.setMaxAge(60 * 60); cookie.setPath("/SessionTest"); response.addCookie(cookie); response.setContentType("text/html;charset=utf-8"); response.getWriter().println("已向session保存一个数据!"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
package cn.lsl.session; import java.io.IOException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class ReadSessionServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession httpSession = request.getSession(); response.setContentType("text/html;charset=utf-8"); response.getWriter().println("读取之前保存session信息:" + httpSession.getAttribute("company")); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
Session购物车案例
1、商品列表、用户点击列表中商品、将商品添加购物车
2、查看购物车中商品,以及商品购买件数
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>product.jsp</title> </head> <body> <h1>商品列表</h1> 冰箱 <a href="/SessionTest/buy?id=1">购买</a> <br/> 洗衣机 <a href="/SessionTest/buy?id=2">购买</a> <br/> 热水器 <a href="/SessionTest/buy?id=3">购买</a> <br/> 微波炉 <a href="/SessionTest/buy?id=4">购买</a> <br/> 空调 <a href="/SessionTest/buy?id=5">购买</a> <br/> 电饭锅 <a href="/SessionTest/buy?id=6">购买</a> <br/> </body> </html>
package cn.lsl.session; import java.io.IOException; import java.util.HashMap; import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class BuyServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //获得购买商品编号 String id = request.getParameter("id"); //根据编号得到商品名称 String[] arr = { "冰箱", "洗衣机", "热水器", "微波炉", "空调", "电饭锅" }; String productName = arr[Integer.parseInt(id)-1]; //判断商品名称是否在购物车中 //先判断购物车是否存在 Map<String, Integer> cart = (Map<String, Integer>) request.getSession().getAttribute("cart");//可能返回null if(cart == null){ //购物车对象不存在 cart = new HashMap<String, Integer>(); } // Map containsKey(String Key),判断key有没有对应的value值;有,则返回true if(cart.containsKey(productName)){ //购物车存在该商品,数量+1 int number = cart.get(productName); cart.put(productName, number+1); }else{ //商品没有在购物车中 cart.put(productName, 1); } //将购物车加入session request.getSession().setAttribute("cart", cart); response.setContentType("text/html;charset=utf-8"); response.getWriter().println("商品已经被加入购物车!"); response.getWriter().println("<a href='/SessionTest/cart.jsp'>查看购物车</a>"); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>cart.jsp</title> </head> <body> <h1>查看购物车</h1> <h3><a href="/SessionTest/invalidate.jsp">清空购物车</a></h3> <!-- 购物车信息保存session中 Map<String, Integer> --> <% Map<String, Integer> cart = (Map<String,Integer>)request.getSession().getAttribute("cart"); if(cart == null){ out.println("无购物信息"); }else{ for(String productName : cart.keySet()){ out.println("<h3>商品名称:"+productName+",数量:" + cart.get(productName)+"</h3>"); } } %> </body> </html>
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!-- 清空购物车 --> <% //销毁Session request.getSession().invalidate(); response.sendRedirect("/SessionTest/cart.jsp"); %>
4.禁用Cookie后,Session还能否使用?
可以,可以对url进行重写,原理在url;jsessionid=xxx ---- 在程序中可以调用response.encodeURL进行URL重写
* 如果服务器进行URL重写,所有路径都必须重写
5.Cookie生命周期和Session生命周期
Cookie生命周期
创建:Cookie cookie = new Cookie(name,value); response.add(cookie);
销毁:会话cookie会在浏览器关闭时销毁,持久cookie会在cookie过期(MaxAge)后销毁
Session生命周期
创建:request.getSession()创建session
销毁:三种:1.服务器关闭时销毁 2.session过期时销毁 3.手动调用session.invalidate
设置session过期时间
1、配置web.xml
<session-config>
<session-timeout>30</session-timeout>
</session-config>
2、调用session对象 setMaxInactiveInterval(int interval) 单位是秒
HttpSession session = request.getSession();
session.setMaxInactiveInterval(60*60); 设置session过期时间1小时
用户登陆案例和一次性验证码:
验证码从session获取后,马上删除 ---- 验证码只能使用一次
eg:
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>My JSP 'login.jsp' starting page</title> <script type="text/javascript"> function change(){ //切换验证码 document.getElementById("myimg").src="/SessionTest/checkcode?"+new Date().getTime(); } </script> </head> <body> <h1>登陆页面</h1> <h3 style="color:red;">${requestScope.msg}</h3> <form action="/SessionTest/login" method="post"> 用户名<input type="text" name="username" /><br/> 密码<input type="password" name="password" /><br/> 请输入验证码<input type="text" name="checkcode" /><img id="myimg" src="/SessionTest/checkcode" style="cursor:pointer;" onclick="change();"><br/> <input type="submit" value="登陆" /> </form> </body> </html>
package cn.lsl.session; import java.io.IOException; import java.util.HashMap; import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginServlet extends HttpServlet { private Map<String, String> userInfo = new HashMap<String, String>(); @Override public void init() throws ServletException { //制作用户数据 userInfo.put("aaa", "111"); userInfo.put("bbb", "222"); userInfo.put("ccc", "333"); userInfo.put("ddd", "444"); } public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { //中文验证码,需要解决乱码问题 request.setCharacterEncoding("utf-8"); //判断验证码输入是否正确 String checkcode = request.getParameter("checkcode"); String checkcode_session = (String)request.getSession().getAttribute("checkcode_session"); //删除session中验证码 request.getSession().removeAttribute("checkcode_session"); if(checkcode_session == null || !checkcode_session.equals(checkcode)){ //传递出错错误信息给jsp request.setAttribute("msg", "验证码错误"); request.getRequestDispatcher("/login.jsp").forward(request, response); return; } //从请求中获得数据 String username = request.getParameter("username"); String password = request.getParameter("password"); //判断用户信息是否正确 if(userInfo.containsKey(username)){ //如果用户名存在 if(userInfo.get(username).equals(password)){ //密码正确 -- 登陆成功 //将用户信息保存session request.getSession().setAttribute("username", username); //跳转登陆成功,系统主页 response.sendRedirect("/SessionTest/welcome.jsp"); }else{ request.setAttribute("msg", "密码码错误"); request.getRequestDispatcher("/login.jsp").forward(request, response); } }else{ //用户名不存在 request.setAttribute("msg", "用户名不存在"); request.getRequestDispatcher("/login.jsp").forward(request, response); } } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
package cn.lsl.session; import java.awt.Color; import java.awt.Font; import java.awt.Graphics; import java.awt.Graphics2D; import java.awt.image.BufferedImage; import java.io.IOException; import java.io.PrintWriter; import java.util.Random; import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class CheckcodeServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // response.setHeader("Cache-Control", "no-cache"); // response.setDateHeader("Expires", -1); // response.setHeader("Pragma", "no-cache"); int width = 120; int height = 30; //创建一张内存中缓冲图片 BufferedImage bufferedImage = new BufferedImage(width, height, BufferedImage.TYPE_INT_BGR); //背景色 Graphics graphics = bufferedImage.getGraphics(); //通过graphics对象绘制图片 graphics.setColor(Color.YELLOW); graphics.fillRect(0, 0, width, height); //边框 graphics.setColor(Color.BLUE); graphics.drawRect(0, 0, width-1, height-1); //写验证内容 Graphics2D graphics2d = (Graphics2D)bufferedImage.getGraphics(); graphics2d.setColor(Color.RED); graphics2d.setFont(new Font("宋体",Font.BOLD,18)); //String content = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890"; String content = "u7684u4e00u4e86u662fu6211u4e0du5728u4ebau4eecu6709u6765u4ed6u8fd9u4e0a" + "u7740u4e2au5730u5230u5927u91ccu8bf4u5c31u53bbu5b50u5f97u4e5fu548cu90a3u8981u4e0b" + "u770bu5929u65f6u8fc7u51fau5c0fu4e48u8d77u4f60u90fdu628au597du8fd8u591au6ca1u4e3a" + "u53c8u53efu5bb6u5b66u53eau4ee5u4e3bu4f1au6837u5e74u60f3u751fu540cu8001u4e2du5341" + "u4eceu81eau9762u524du5934u9053u5b83u540eu7136u8d70u5f88u50cfu89c1u4e24u7528u5979" + "u56fdu52a8u8fdbu6210u56deu4ec0u8fb9u4f5cu5bf9u5f00u800cu5df1u4e9bu73b0u5c71u6c11" + "u5019u7ecfu53d1u5de5u5411u4e8bu547du7ed9u957fu6c34u51e0u4e49u4e09u58f0u4e8eu9ad8" + "u624bu77e5u7406u773cu5fd7u70b9u5fc3u6218u4e8cu95eeu4f46u8eabu65b9u5b9eu5403u505a" + "u53ebu5f53u4f4fu542cu9769u6253u5462u771fu5168u624du56dbu5df2u6240u654cu4e4bu6700" + "u5149u4ea7u60c5u8defu5206u603bu6761u767du8bddu4e1cu5e2du6b21u4eb2u5982u88abu82b1" + "u53e3u653eu513fu5e38u6c14u4e94u7b2cu4f7fu5199u519bu5427u6587u8fd0u518du679cu600e" + "u5b9au8bb8u5febu660eu884cu56e0u522bu98deu5916u6811u7269u6d3bu90e8u95e8u65e0u5f80" + "u8239u671bu65b0u5e26u961fu5148u529bu5b8cu5374u7ad9u4ee3u5458u673au66f4u4e5du60a8" + "u6bcfu98ceu7ea7u8ddfu7b11u554au5b69u4e07u5c11u76f4u610fu591cu6bd4u9636u8fdeu8f66" + "u91cdu4fbfu6597u9a6cu54eau5316u592au6307u53d8u793eu4f3cu58ebu8005u5e72u77f3u6ee1" + "u65e5u51b3u767eu539fu62ffu7fa4u7a76u5404u516du672cu601du89e3u7acbu6cb3u6751u516b" + "u96beu65e9u8bbau5417u6839u5171u8ba9u76f8u7814u4ecau5176u4e66u5750u63a5u5e94u5173" + "u4fe1u89c9u6b65u53cdu5904u8bb0u5c06u5343u627eu4e89u9886u6216u5e08u7ed3u5757u8dd1" + "u8c01u8349u8d8au5b57u52a0u811au7d27u7231u7b49u4e60u9635u6015u6708u9752u534au706b" + "u6cd5u9898u5efau8d76u4f4du5531u6d77u4e03u5973u4efbu4ef6u611fu51c6u5f20u56e2u5c4b" + "u79bbu8272u8138u7247u79d1u5012u775bu5229u4e16u521au4e14u7531u9001u5207u661fu5bfc" + "u665au8868u591fu6574u8ba4u54cdu96eau6d41u672au573au8be5u5e76u5e95u6df1u523bu5e73" + "u4f1fu5fd9u63d0u786eu8fd1u4eaeu8f7bu8bb2u519cu53e4u9ed1u544au754cu62c9u540du5440" + "u571fu6e05u9633u7167u529eu53f2u6539u5386u8f6cu753bu9020u5634u6b64u6cbbu5317u5fc5" + "u670du96e8u7a7fu5185u8bc6u9a8cu4f20u4e1au83dcu722cu7761u5174u5f62u91cfu54b1u89c2" + "u82e6u4f53u4f17u901au51b2u5408u7834u53cbu5ea6u672fu996du516cu65c1u623fu6781u5357" + "u67aau8bfbu6c99u5c81u7ebfu91ceu575au7a7au6536u7b97u81f3u653fu57ceu52b3u843du94b1" + "u7279u56f4u5f1fu80dcu6559u70edu5c55u5305u6b4cu7c7bu6e10u5f3au6570u4e61u547cu6027" + "u97f3u7b54u54e5u9645u65e7u795eu5ea7u7ae0u5e2eu5566u53d7u7cfbu4ee4u8df3u975eu4f55" + "u725bu53d6u5165u5cb8u6562u6389u5ffdu79cdu88c5u9876u6025u6797u505cu606fu53e5u533a" + "u8863u822cu62a5u53f6u538bu6162u53d4u80ccu7ec6"; //内容四个字 -- 随机从content中抽取四个字 Random random = new Random(); int x=10; int y=20; StringBuffer stringBuffer = new StringBuffer(); for(int i=0; i<4; i++){ //为字生成旋转角度 -30 -- 30 double jiaodu = random.nextInt(60) - 30; //将旋转角度换算弧度 double theta = jiaodu/180*Math.PI; System.out.println(theta); int index = random.nextInt(content.length()); char letter = content.charAt(index); stringBuffer.append(letter); graphics2d.rotate(theta, x, y); graphics2d.drawString(letter+"", x, y); //将角度还原 graphics2d.rotate(-theta, x, y); x += 30; } //将StringBuffer中四个字转换String String checkcode = stringBuffer.toString(); //将验证码存入session request.getSession().setAttribute("checkcode_session", checkcode); //绘制随机干扰线 int x1; int x2; int y1; int y2; graphics.setColor(Color.LIGHT_GRAY); for(int i=0; i<10; i++){ x1 = random.nextInt(width); x2 = random.nextInt(width); y1 = random.nextInt(height); y2 = random.nextInt(height); //根据两点 绘制直线 graphics.drawLine(x1, y1, x2, y2); } //内存中资源释放 graphics.dispose(); //将图片输出到浏览器 ImageIO //将内存的图片通过浏览器输出流写成jpg格式图片 ImageIO.write(bufferedImage, "jpg", response.getOutputStream()); } public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request,response); } }
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>welcome.jsp</title> </head> <body> <h1>系统主页</h1> <% //因为session会保存登陆用户信息,如果session中没有该信息,说明用户未登陆 if(request.getSession().getAttribute("username")==null){ out.println("你还没有登陆,<a href='/SessionTest/login.jsp'>去登陆</a>"); }else{ //已经登陆 out.println("欢迎你," + request.getSession().getAttribute("username")); } %> </body> </html>
Servlet三种数据范围总结:
ServletContext
HttpServletRequest
HttpSession
三种数据范围,每个对象各自维护类似map集合结构,具备相同几个方法
setAttribute 存入一个属性
getAttribute 取出一个属性
removeAttribute 移除一个属性
三种数据范围对象在哪些情况使用?
ServletContext服务器启动时创建,服务器关闭销毁,所有Servlet共享 --- 保存一些全局数据
例如:数据库连接池、工程配置属性、配置文件内容
HttpSession 在request.getSession时创建,在三种情况下销毁 ----- 保存与用户相关数据
例如:系统登陆信息、购物车数据
HttpServletRequest在客户端发起请求时,服务器创建对象,在响应结束时,对象销毁 ---- 保存Servlet向JSP传输数据信息
例如:执行某个操作,Servlet将操作结果传递JSP(Servlet将登陆错误信息传递JSP)、Servlet将数据查询结果传递JSP
以上三种数据范围 ServletContext > HttpSession > HttpServletRequest
*宗旨:优先使用生命周期短的