2024-01-23(32일차) - JSP_AM_2024_01
📅2024. 01. 23 32일차
🎬JSP_AM_2024_01 구현
게시물 등록 구현
ArticleDoWriteServlet, ArticleWriteServlet
- get 방식
url 뒤에 쿼리스트링을 쓰고 -> 보안에 취약
- post방식
url 뒤에 안쓰고, body에 담음 -> 보안적
- ArticleDoWriteServlet.java
try {
conn = DriverManager.getConnection(url, user, password);
String title = request.getParameter("title");
String body = request.getParameter("body");
SecSql sql = SecSql.from("INSERT INTO article");
sql.append("SET regDate = NOW(),");
sql.append("title = ?,", title);
sql.append("`body` = ?;", body);
int id = DBUtil.insert(conn, sql);
response.getWriter()
.append(String.format("<script>alert('%d번 글이 등록되었습니다.'); location.replace('list');</script>", id));
} catch (SQLException e) {
System.out.println("에러 : " + e);
} finally {
try {
if (conn != null && !conn.isClosed()) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}- ArticleWriteServlet.java
@WebServlet("/article/write")
public class ArticleWriteServlet extends HttpServlet {
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.getRequestDispatcher("/jsp/article/write.jsp").forward(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doGet(request, response);
}
}- write.jsp
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>게시물 작성 페이지</title>
</head>
<body>
<h2>게시물 작성</h2>
<form method="POST" action="doWrite">
<div>
제목 : <input type="text" placeholder="제목을 입력해주세요" name="title" />
</div>
<div>
내용 :
<textarea type="text" placeholder="내용을 입력해주세요" name="body"></textarea>
</div>
<button type="submit">작성</button>
</form>
<div>
<a style="color: green" href="list">리스트로 돌아가기</a>
</div>
</body>
</html>게시물 수정 구현
ArticleDoModifyServlet, ArticleModifyServlet
- ArticleDoModifyServlet
try {
conn = DriverManager.getConnection(url, user, password);
int id = Integer.parseInt(request.getParameter("id"));
String title = request.getParameter("title");
String body = request.getParameter("body");
SecSql sql = SecSql.from("UPDATE article");
sql.append("SET ");
sql.append("title = ?,", title);
sql.append("`body` = ?", body);
sql.append("WHERE id = ?;", id);
DBUtil.update(conn, sql);
response.getWriter().append(String
.format("<script>alert('%d번 글이 수정되었습니다.'); location.replace('detail?id=%d');</script>", id, id));
} catch (SQLException e) {
System.out.println("에러 : " + e);
} finally {
try {
if (conn != null && !conn.isClosed()) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}- ArticleModifyServlet
try {
conn = DriverManager.getConnection(url, user, password);
int id = Integer.parseInt(request.getParameter("id"));
SecSql sql = SecSql.from("SELECT *");
sql.append("FROM article");
sql.append("WHERE id = ?;", id);
Map<String, Object> articleRow = DBUtil.selectRow(conn, sql);
request.setAttribute("articleRow", articleRow);
request.getRequestDispatcher("/jsp/article/modify.jsp").forward(request, response);
} catch (SQLException e) {
System.out.println("에러 : " + e);
} finally {
try {
if (conn != null && !conn.isClosed()) {
conn.close();
}
} catch (SQLException e) {
e.printStackTrace();
}
}
}- modify.jsp
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>게시물 수정 페이지</title>
</head>
<body>
<h2>게시물 수정</h2>
<h3><%=articleRow.get("id")%>번 게시물 수정
</h3>
<form method="POST" action="doModify">
<input type="hidden" value="<%=articleRow.get("id")%>" name="id" />
<div>
제목 : <input type="text" name="title"
value="<%=articleRow.get("title")%>"/ >
</div>
<div>
내용 :
<textarea type="text" name="body"><%=articleRow.get("body")%></textarea>
</div>
<button type="submit">수정</button>
</form>
<div>
<a style="color: green" href="list">리스트로 돌아가기</a>
</div>
</body>
</html>TODO
밑에 방식으로 프로그래머스 문제 풀자!!! 정해져있는 하루량 하기
-
문제 이해한거 기록 > 문제가 어떤걸 원하는가
-
1번을 해결하려면? > 한국어
-
2번을 코드로 번역
-
벨로그에 정리
-
시간 정해놓고 하자! 문제
