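Personnel Management System

Project file layout: https://github.com/OOMMYY/EM

The project consists of one JavaBean for the database connection and one utility class for filtering script input; apart from the login page login.html, everything else is a JSP page.

I. Login

login.html contains the form that submits the login information. Pay particular attention to page encoding: in this project every encoding is set to UTF-8.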

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<style>
#login{
    position:absolute;
    top:310px;
    left:550px;
    background-color:blue;
    /* background-image: url(login.png); */
}
#body{
    background-color: rgb(0,120,255);
    /* background-image: url(login.png); */
}
h1 {font-size:3.75em;}
</style>
</head>
<body ID="body">
<h1 align="center">欢迎登录人事管理系统</h1>
<div id="login">
<form action="login.jsp" method="post">
  <p>user name: <input type="text" name="username" required="required" /></p>
  <p>Password: <input type="password" name="password" required="required" /></p>
  <p align="center"><input type="submit"  value="login" /></p>
</form>
</div>
</body>
</html>

login.jsp handles the form submitted from the login page

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ page import="java.util.*,java.text.*"%>
<%@ page import="java.sql.*,util.*"%>

<style>
* {font-family: "宋体";font-size: 14px}
</style>
<center>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />
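    <%
        boolean flag=false;
        String username=request.getParameter("username");
        String password=request.getParameter("password");
        // EmployeeID is numeric: parse it and bind it as a parameter instead of
        // concatenating the submitted text into the SQL statement
        String sql = "select Password from users where EmployeeID = ?";
        Connection conn = null;
        response.setContentType("text/html;charset=utf-8");
        try {
            int employeeId = Integer.parseInt(username);
            conn = db.getConn();
            PreparedStatement pstmt = conn.prepareStatement(sql);
            pstmt.setInt(1, employeeId);
            ResultSet rs = pstmt.executeQuery();
            if(rs.next()){
                String pwd=rs.getString("Password");
                if(password != null && password.equals(pwd)){
                    out.println("登陆成功");
                    flag=true;
                    // keep the normalized numeric ID for the session
                    username=String.valueOf(employeeId);
                }
            }
            if(!flag){
                out.println("登陆失败");
            }
            rs.close();
            pstmt.close();
        } catch (NumberFormatException e) {
            // missing or non-numeric user name: treated as a failed login
        } catch (SQLException e) {
            e.printStackTrace();
        } finally {
            try {
                if(conn != null) conn.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
        if(!flag)
            response.sendRedirect("login.html");
        else{
            session.setAttribute("ID",username);
            response.sendRedirect("menu.jsp");
        }
    %>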
</center>

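After processing the submitted account information, the page decides whether the user is legitimate: if so it redirects to menu.jsp, otherwise it returns to the login page.

II. Menu navigation

The menu page has three parts. The first part is the navigation bar.

The second part is an inline frame used to display information.

The third part is an image resource.

menu.jsp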

<%@ page language="java" contentType="text/html; charset=UTF-8"%>

<%@ include file="/header.jsp"%><div id="logout">
<%out.println("USERID:"+session.getAttribute("ID"));%>&nbsp;
<a href="<%=context%>/loginout.jsp">退出登录</a>
<a href="<%=context%>/multivaluequery.jsp" target="showframe">首页查询</a></div>
<%-- Part 3: the image --%>
<img id="head" src="Picture.jpg"  width="1210" height="60"/>
<style>
* {font-family: "宋体";font-size: 14px}
#menu{float:left;}
#showframe{height:500px;
            width:1200px;
}
#logout{float:left; height:60px;width:10%;}
#head{
    float:right;height:60px;
    width:90%;
    font:25px/30px;
}
ul
{
list-style-type:none;
margin:0;
padding:0;
}
a:link,a:visited
{
display:block;
font-weight:bold;
color:#FFFFFF;
background-color:#bebebe;
width:120px;
text-align:center;
padding:4px;
text-decoration:none;
text-transform:uppercase;
}
a:hover,a:active
{
background-color:#cc0000;
}
</style>
<div id="menu">
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />
             <br>
             <br>
             <br>
             <br>
             <br>
             <br><br><br>
    <br><%String EmployeeID=""; %>
    <%-- Part 1: navigation bar --%>
    <a href="<%=context%>/personal_query.jsp?EmployeeID=<%=session.getAttribute("ID")%>" target="showframe"> 个人信息查询</a>

    <%

        String sql = "select * from v_EmployeeInformation";
        Connection conn = null;
        // Set the character encoding of the response sent to the client; this project uses UTF-8 throughout
        response.setContentType("text/html;charset=utf-8");
        try {

            conn = db.getConn();
            // Look up the permissions of the logged-in user; the ID is bound as a parameter
            PreparedStatement pstmt = conn.prepareStatement("select * from v_roles where v_roles.EmployeeID=?");
            pstmt.setString(1, String.valueOf(session.getAttribute("ID")));
            ResultSet r_rs=pstmt.executeQuery();
            while(r_rs.next()){
                int Auth_Authority=r_rs.getInt("Auth_Authority");
                int Auth_Info=r_rs.getInt("Auth_Info");
                int Auth_Job=r_rs.getInt("Auth_Job");
                int Auth_Attendance=r_rs.getInt("Auth_Attendance");
                int Auth_Training=r_rs.getInt("Auth_Training");
                int Auth_Evaluation=r_rs.getInt("Auth_Evaluation");
                int Auth_RP=r_rs.getInt("Auth_RP");
                int Auth_Role=r_rs.getInt("Auth_Role");
                int Auth_Encrypt=r_rs.getInt("Auth_Encrypt");
                if(Auth_Authority==1){
                    session.setAttribute("Auth_Authority","1");
                    out.println("<a href=\"" + context + "/userrole.jsp\" target=\"showframe\">员工角色分配</a>");    // navigation bar
                }
                if(Auth_Info==1){
                    session.setAttribute("Auth_Info","1");
                }
        //    out.println("<a href=\"" + context + "/query.jsp\">信息管理</a><BR><br>");          // navigation bar
                if(Auth_Job==1){
                    session.setAttribute("Auth_Job","1");
                }
                out.println("<a href=\"" + context + "/query.jsp\" target=\"showframe\">人事管理</a>");      // navigation bar
                if(Auth_Attendance==1){
                    session.setAttribute("Auth_Attendance","1");
                }
                out.println("<a href=\"" + context + "/attendance_query.jsp\" target=\"showframe\">考勤管理</a>");   // navigation bar
                if(Auth_Training==1){
                    session.setAttribute("Auth_Training","1");
                }
                out.println("<a href=\"" + context + "/training_query.jsp\" target=\"showframe\">培训管理</a>");     // navigation bar
                if(Auth_Evaluation==1){
                    session.setAttribute("Auth_Evaluation","1");
                }
                out.println("<a href=\"" + context + "/evaluation_query.jsp\" target=\"showframe\">考核管理</a>");
                if(Auth_RP==1){
                    session.setAttribute("Auth_RP","1");
                }
                out.println("<a href=\"" + context + "/rewardandpunishment_query.jsp\" target=\"showframe\">奖惩管理</a>");
                if(Auth_Role==1){
                    session.setAttribute("Auth_Role","1");
                    out.println("<a href=\"" + context + "/role_query.jsp\" target=\"showframe\">角色管理</a>");
                }
                if(Auth_Encrypt==1){
                    session.setAttribute("Auth_Encrypt","1");
                    out.println("<a href=\"" + context + "/password_query.jsp\" target=\"showframe\">用户密码管理</a>");
                }
            }
            r_rs.close();
            pstmt.close();
        }  catch (SQLException e) {
            e.printStackTrace();
        } finally {
            try {
                if(conn != null) conn.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    %>
    <br><br>
    <br>
</div>
<%-- Part 2: inline frame --%>
<iframe id="showframe" name="showframe" src="query.jsp" >
</iframe>
<p align="center">
Copyright &copy;2015 </p>
<%@ include file="/footer.jsp"%>
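
menu.jsp only decides which links are printed; the handler pages shown on this page do not themselves check the login state or the Auth_* flags. As an added example (not part of the original project), a servlet filter can enforce both on every JSP request. The class name AuthFilter, the page-to-permission table and the javax.servlet 3.x `*.jsp` mapping are assumptions.

```java
package util;

import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

// Added example, not part of the original project. The class name, the
// page-to-permission table and the "*.jsp" mapping are assumptions.
@WebFilter("*.jsp")
public class AuthFilter implements Filter {

    // Pages that need a permission flag. The flag names are the session
    // attributes that menu.jsp sets from the v_roles view.
    private static final Map<String, String> REQUIRED = new HashMap<String, String>();
    static {
        REQUIRED.put("/userrole.jsp", "Auth_Authority");
        REQUIRED.put("/userrole_editHandler.jsp", "Auth_Authority");
        REQUIRED.put("/role_query.jsp", "Auth_Role");
        REQUIRED.put("/password_query.jsp", "Auth_Encrypt");
        REQUIRED.put("/employee_add.jsp", "Auth_Info");
        REQUIRED.put("/addEmployeeHandler.jsp", "Auth_Info");
        REQUIRED.put("/employee_edit.jsp", "Auth_Info");
        REQUIRED.put("/employee_delete.jsp", "Auth_Info");
    }

    // Pages that act on the EmployeeID request parameter.
    private static final Set<String> OWN_RECORD = new HashSet<String>(Arrays.asList(
            "/personal_query.jsp", "/employee_editHandler.jsp", "/personalPasswordHandler.jsp"));

    public void init(FilterConfig config) {}

    public void destroy() {}

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        String page = request.getServletPath();

        // login.jsp must stay reachable without a session.
        if ("/login.jsp".equals(page)) {
            chain.doFilter(req, res);
            return;
        }

        // login.jsp stores the employee ID under "ID" after a successful login.
        HttpSession session = request.getSession(false);
        Object id = (session == null) ? null : session.getAttribute("ID");
        if (id == null) {
            response.sendRedirect(request.getContextPath() + "/login.html");
            return;
        }

        // Permission-gated pages: the flag must be present, not just the link hidden.
        String flag = REQUIRED.get(page);
        if (flag != null && !"1".equals(session.getAttribute(flag))) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        if (OWN_RECORD.contains(page)) {
            // Reading a parameter fixes the request encoding, so set UTF-8 first;
            // otherwise the pages' own setCharacterEncoding("utf-8") comes too late.
            request.setCharacterEncoding("UTF-8");
            String target = request.getParameter("EmployeeID");
            boolean own = String.valueOf(id).equals(target);
            // Auth_Info holders may view and edit other records, but nobody
            // changes another user's password through this page.
            boolean mayEditOthers = !"/personalPasswordHandler.jsp".equals(page)
                    && "1".equals(session.getAttribute("Auth_Info"));
            if (!own && !mayEditOthers) {
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }
        }
        chain.doFilter(req, res);
    }
}
```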

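III. Feature implementation

1. Personal information query

This feature implements create, delete, update and query on the employee information table; it is implemented by personal_query.jsp.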

<%@ page language="java" contentType="text/html; charset=UTF-8"%>

<%@ include file="/header.jsp"%>
<style>
* {font-family: "宋体";font-size: 14px}
</style>
<center>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />

    <%
        String emID=request.getParameter("EmployeeID");
        // Bind the requested ID as a parameter instead of concatenating it into the SQL text
        String sql = "select * from employees where EmployeeID=?";
        Connection conn = null;
        response.setContentType("text/html;charset=utf-8");
        try {

            conn = db.getConn();
            PreparedStatement pstmt = conn.prepareStatement(sql);
            pstmt.setString(1, emID);
            ResultSet rs = pstmt.executeQuery();
            while (rs.next()) {

    %>
    <%-- Attribute values are quoted so that values containing spaces are not cut off --%>
    <form id="form1" name="form1" method="post"
    action="<%=context%>/employee_editHandler.jsp"
    >
    <table width="650" height="200" border="0" align="center">
        <tr>
            <td width="150">EmployeeID:</td>
            <td width="500">
                <input name="EmployeeID" type="text" value="<%=rs.getString("EmployeeID")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>EmployeeName:</td>
            <td>
                <input name="EmployeeName" type="text" value="<%=rs.getString("EmployeeName")%>" size="40" maxlength="40" />
            </td>
        </tr>
        <tr>
            <td>Sex:</td>
            <td>
                <input name="Sex" type="text" value="<%=rs.getString("Sex")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>BirthDay:</td>
            <td>
                <input name="BirthDay" type="text" value="<%=rs.getString("BirthDay")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>Phone:</td>
            <td>
                <input name="Phone" type="text" value="<%=rs.getString("Phone")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>DegreeID:</td>
            <td>
                <input name="DegreeID" type="text" value="<%=rs.getString("DegreeID")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>HireDate:</td>
            <td>
                <input name="HireDate" type="text" value="<%=rs.getString("HireDate")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>EmployeeTypeID:</td>
            <td>
                <input name="EmployeeTypeID" type="text" value="<%=rs.getString("EmployeeTypeID")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>DepartmentID:</td>
            <td>
                <input name="DepartmentID" type="text" value="<%=rs.getString("DepartmentID")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>Title:</td>
            <td>
                <input name="Title" type="text" value="<%=rs.getString("Title")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>Salary:</td>
            <td>
                <input name="Salary" type="text" value="<%=rs.getString("Salary")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>ManagerID:</td>
            <td>
                <input name="ManagerID" type="text" value="<%=rs.getString("ManagerID")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>

            <td>

            </td>
        </tr>
        <tr>
            <td></td>
            <td>
                <input type="submit" name="Submit" value="提交" />
                <input type="reset" name="Reset" value="重置" />
            </td>
        </tr>
    </table>
</form>
    <%
            }
            rs.close();
            pstmt.close();
        }  catch (SQLException e) {
            e.printStackTrace();
        } finally {
            try {
                if(conn != null) conn.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    %>
    <form action="personalPassword.jsp" method="post">
    <input type="submit" value="密码管理" name="button1">
    </form>
</center>
<%@ include file="/footer.jsp"%>

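This module also includes a change-password function.

personalPassword.jsp is the change-password page. It submits a form containing the old password, the new password and the confirmation of the new password.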

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style type="text/css">
* {font-family: "宋体";font-size: 14px}
table{
    width:300;
}
</style>
<jsp:useBean  id="db" scope="page" class="util.DB"/>
<center>
<br>
<form action="personalPasswordHandler.jsp?EmployeeID=<%=session.getAttribute("ID")%>" method="post">
<h2>密码管理</h2><br>
<a >原密码:</a><input type="password" align="left" name="oldpassword"><br>
<a >新密码:</a><input type="password" align="left" name="newpassword0"><br>
<a >重新输入:</a><input type="password" align="left" name="newpassword1"><br>
<input type="submit" name="button3" value="确认">
</form>
</center>
<%@ include file="footer.jsp"%>

personalPasswordHandler.jsp is the JSP that processes the user's input and updates the password in the database.

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style>
* {    font-family: "宋体";    font-size: 14px}
</style>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />
<%
    Connection conn = null;
//    request.setCharacterEncoding("gb2312");
    int result = 0;
    request.setCharacterEncoding("utf-8");
    String employeeID = request.getParameter("EmployeeID");
    String oldpassword = request.getParameter("oldpassword");
    String newpassword0 = request.getParameter("newpassword0");
    String newpassword1 = request.getParameter("newpassword1");
    if(newpassword0 != null && newpassword0.equals(newpassword1)){
    // EmployeeID is bound as a parameter in both statements instead of being concatenated
    String sql_0 = "update users set password=? where EmployeeID=?";
    String sql_1="select password from users where EmployeeID=?";
    if (StringUtil.validateNull(oldpassword)) {
        out.println("对不起,密码不能为空,请您重新输入!<br>");
        out.println("<a href=\"" + context + "/personalPassword.jsp\">返回</a><br>");
    } else {
            try {
                conn = db.getConn();
                // read the current password of this account
                PreparedStatement stmt=conn.prepareStatement(sql_1);
                stmt.setString(1, employeeID);
                ResultSet rs=stmt.executeQuery();
                String pwd="";
                while(rs.next()){
                    pwd=rs.getString("password");
                }
                stmt.close();
                // update only when the old password matches
                if(oldpassword.equals(pwd)){
                PreparedStatement pstmt = conn.prepareStatement(sql_0);
                // store the password exactly as entered: login.jsp compares the raw input
                pstmt.setString(1, newpassword0);
                pstmt.setString(2, employeeID);
                result = pstmt.executeUpdate();
                pstmt.close();
                }
                else{
                result=0;
                }
            } catch (SQLException e) {
                e.printStackTrace();
            } finally {
                try {
                    if(conn != null) conn.close();
                } catch (SQLException e) {
                    e.printStackTrace();
                }
            }
        }
    }
    else{
    result=0;
    }
        if (result == 0) {
            out.println("对不起,密码编辑不成功,请您重新编辑!<BR>");
            out.println("<a href=\"" + context + "/personalPassword.jsp\">返回</a><BR>");
        } else {
            out.println("祝贺您,密码编辑成功。<BR>");
            out.println("<a href=\"" + context + "/personalPassword.jsp\">返回</a><BR>");
        }
%>
<%@ include file="/footer.jsp"%>

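2. Employee role assignment

This module implements query and edit functions for the userrole table in the database. userrole.jsp queries the whole userrole table, then returns and displays the result. Connecting to the database takes four steps: 1. load the database driver; 2. connect to the database; 3. create a statement and obtain the result set; 4. close the result set and the statement, and disconnect from the database. Exceptions that may occur anywhere in this process must be handled. In this project the database connection operations are encapsulated in a JavaBean (DB.java).

Before performing any database operation in a JSP, first instantiate DB:  <jsp:useBean  id="db" scope="page" class="util.DB"/>

The methods DB provides for working with the database are: get a connection, getConn(); get a statement, getStmt(); get a result set, getRs(); close the connection, closeConn(); close the statement, closeStmt(); close the result set, closeRs().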

package util;
import java.sql.*;

public class DB {
    private Connection conn = null;
    private Statement stmt = null;
    private ResultSet rs = null;

    public DB() {

    }

    // Steps 1 and 2: load the MySQL driver and open a connection.
    // The URL connects as root with an empty password; outside local testing,
    // use a dedicated account limited to the employeemanage schema.
    public  Connection getConn() {

        try {
            Class.forName("com.mysql.jdbc.Driver");
            conn = DriverManager.getConnection("jdbc:mysql://localhost:3306/employeemanage?user=root&password=");
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        } catch (SQLException e) {
            e.printStackTrace();
        }

        return conn;
    }

    // Step 3a: create a statement on an open connection.
    public Statement getStmt(Connection conn) {

        try {
            if(conn != null) {
                stmt = conn.createStatement();
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return stmt;
    }

    // Step 3b: run a query and return its result set.
    // The SQL text is executed as given, so pass only constant SQL here;
    // statements that carry user input belong in a PreparedStatement.
    public  ResultSet getRs(Statement stmt, String sql) {

        try {
            if(stmt != null) {
                rs = stmt.executeQuery(sql);
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
        return rs;
    }

    // Step 4: close the connection, the statement and the result set.
    public  void closeConn(Connection conn) {
        try {
            if(conn != null) {
                conn.close();
                conn = null;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    public void closeStmt(Statement stmt) {
        try {
            if(stmt != null) {
                stmt.close();
                stmt = null;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

    public  void closeRs(ResultSet rs) {
        try {
            if(rs != null) {
                rs.close();
                rs = null;
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}

Displaying the employee role table: userrole.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style type="text/css">
* {font-family: "宋体";font-size: 14px}
table{
    width:100;
}
</style>
<jsp:useBean  id="db" scope="page" class="util.DB"/>
<center>
<br>
员工角色分配


<table>
<tr>
<th  width=40 >员工ID</th><th width=40 >角色ID</th>
</tr>

<%
response.setContentType("text/html;charset=utf-8");
Connection conn=null;
try{
    conn=db.getConn();
    Statement stmt=db.getStmt(conn);
    ResultSet rs=stmt.executeQuery("select * from userrole;");
    while(rs.next()){
    %>
    <%-- One form per row; attribute values are quoted --%>
    <form action="userrole_editHandler.jsp" method="post">
    <tr>
    <td><input type="text" maxlength="10"  readonly size="10" name="EmployeeID" value="<%=rs.getString("EmployeeID")%>" /></td>
    <td><input type="text" maxlength="10" size="10" name="RoleID" value="<%=rs.getString("RoleID") %>" /></td>
    <td><input type="submit" name="button3" value="确认修改"> </td>
    </tr>
    </form>
    <%
    }
    rs.close();
    stmt.close();
    }catch(SQLException e){
    e.printStackTrace();
    } finally{
        try{
        if(conn != null) conn.close();
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
%>
    </table>
</center>
<%@ include file="footer.jsp"%>

The page that updates the database after the employee role assignment table has been edited: userrole_editHandler.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style>
* {    font-family: "宋体";    font-size: 14px}
</style>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />
<%
    Connection conn = null;
//    request.setCharacterEncoding("gb2312");
    int result = 0;
    request.setCharacterEncoding("utf-8");
    String EmployeeID = request.getParameter("EmployeeID");
    String RoleID = request.getParameter("RoleID");
    // Both values are bound as parameters; EmployeeID is no longer concatenated into the SQL text
    String sql = "update userrole set roleID=? where EmployeeID=?";
    if (StringUtil.validateNull(EmployeeID)) {
        out.println("对不起,用户名不能为空,请您重新编辑!<br>");
        out.println("<a href=\"" + context + "/userrole.jsp\">返回</a><br>");
    } else if (StringUtil.validateNull(RoleID)) {
        out.println("对不起,RoleID不能为空,请您重新输入!<br>");
        out.println("<a href=\"" + context + "/userrole.jsp\">返回</a><br>");
    } else {
            try {
                conn = db.getConn();
                PreparedStatement pstmt = conn.prepareStatement(sql);
                pstmt.setString(1, StringUtil.filterHtml(RoleID));
                pstmt.setString(2, EmployeeID);
                result = pstmt.executeUpdate();
                pstmt.close();
            } catch (SQLException e) {
                e.printStackTrace();
            } finally {
                try {
                    if(conn != null) conn.close();
                } catch (SQLException e) {
                    e.printStackTrace();
                }
            }


        if (result == 0) {
            out.println("对不起,用户角色编辑不成功,请您重新编辑!<BR>");
            out.println("<a href=\"" + context + "/userrole.jsp\">返回</a><BR>");
        } else {
            out.println("祝贺您,用户角色编辑成功。<BR>");
            out.println("<a href=\"" + context + "/userrole.jsp\">返回</a><BR>");
        }
    }
%>
<%@ include file="/footer.jsp"%>

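3. Personnel management

This part implements adding, deleting and editing employee information, and querying it by ID. The most important page in this part is query.jsp.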

<%@ page language="java" contentType="text/html; charset=UTF-8"%>

<%@ include file="/header.jsp"%>
<style>
* {font-family: "宋体";font-size: 14px}
</style>
<center>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />

    <%

        String sql = "select * from v_EmployeeInformation";
        Connection conn = null;
        response.setContentType("text/html;charset=utf-8");
        try {

            conn = db.getConn();
            Statement pstmt = db.getStmt(conn);
            %>
    <form action="employee_query.jsp" method="post">
                员工ID查询:
    <input type="text" maxlength="4" size="10" name="text3" required="required">
    <input type="submit" name="button2">
    </form>
    <%
        // compare with equals(): == on the session attribute only compares object references
        if("1".equals(session.getAttribute("Auth_Info"))){
            out.println("<a href=\""+context+"/employee_add.jsp\">添加员工</a>");
        }
    %>
            <%
        ResultSet rs = db.getRs(pstmt,sql);
            while (rs.next()) {

    %>
    <br><br>
    <form action="employee_delete.jsp" method="get">
    <table width="600" border="1" bordercolor="000000"
        style="table-layout: fixed; word-break: break-all">
        <tr>
            <td width="100" bordercolor="ffffff">
                EmployeeID:
            </td>
            <%int temp=rs.getInt("EmployeeID"); %>
            <td width="500" bordercolor="ffffff"><%=temp%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                EmployeeName:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("EmployeeName")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                sex:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("sex")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                BirthDay:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Birthday")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                Phone:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Phone")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                HireDate:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("HireDate")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                Title:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Title")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                Salary:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Salary")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                DegreeName:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("DegreeName")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                DepartmentName:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("DepartmentName")%></td>
        </tr>
    </table>
    <%if("1".equals(session.getAttribute("Auth_Info"))){%>
    <input type="hidden" name="EmployeeID" ID="EmpolyeeID" value="<%=temp%>" />
    <input type="submit"  value="delete" >
    <br>
    <%}%>
    </form>
    <form action="employee_edit.jsp" method="get">
    <%if("1".equals(session.getAttribute("Auth_Info"))){%>
    <input type="hidden" name="EmployeeID" ID="EmpolyeeID" value="<%=temp%>" />
    <input type="submit"  value="Edit" >
    <br>
    <%}%>
    </form>
    <%
            }
            rs.close();
            pstmt.close();
        }  catch (SQLException e) {
            e.printStackTrace();
        } finally {
            try {
                if(conn != null) conn.close();
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    %>
</center>
<%@ include file="/footer.jsp"%>

Adding an employee

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style>
* {    font-family: "宋体"; font-size: 14px }
</style>

<p align="center">
    添加员工
</p>
<p align="center">
    <a href="<%=context%>/query.jsp">查看员工信息</a>
</p>
<form id="form1" name="form1" method="post"
    action="<%=context%>/addEmployeeHandler.jsp"
    >
    <table width="650" height="200" border="0" align="center">
        <tr>
            <td width="150">EmployeeID:</td>
            <td width="500">
                <input name="EmployeeID" type="text" id="EmployeeID" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>EmployeeName:</td>
            <td>
                <input name="EmployeeName" type="text" id="EmployeeName" size="40" maxlength="40" />
            </td>
        </tr>
        <tr>
            <td>Sex:</td>
            <td>
                <input name="Sex" type="text" id="Sex" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>BirthDay:</td>
            <td>
                <input name="BirthDay" type="text" id="BirthDay" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>Phone:</td>
            <td>
                <input name="Phone" type="text" id="Phone" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>DegreeID:</td>
            <td>
                <input name="DegreeID" type="text" id="DegreeID" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>HireDate:</td>
            <td>
                <input name="HireDate" type="text" id="HireDate" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>EmployeeTypeID:</td>
            <td>
                <input name="EmployeeTypeID" type="text" id="EmployeeTypeID" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>DepartmentID:</td>
            <td>
                <input name="DepartmentID" type="text" id="DepartmentID" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>Title:</td>
            <td>
                <input name="Title" type="text" id="Title" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>Salary:</td>
            <td>
                <input name="Salary" type="text" id="Salary" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>ManagerID:</td>
            <td>
                <input name="ManagerID" type="text" id="ManagerID" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>

            <td>

            </td>
        </tr>
        <tr>
            <td></td>
            <td>
                <input type="submit" name="Submit" value="提交" />
                <input type="reset" name="Reset" value="重置" />
            </td>
        </tr>
    </table>
</form>
<%@ include file="/footer.jsp"%>

Server-side handling when an employee is added: addEmployeeHandler.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style>
* {    font-family: "宋体";    font-size: 14px}
</style>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />
<%
    Connection conn = null;
//    request.setCharacterEncoding("gb2312");
    int result = 0;
    request.setCharacterEncoding("utf-8");
    String EmployeeID = request.getParameter("EmployeeID");
    String EmployeeName = request.getParameter("EmployeeName");
    String Sex = request.getParameter("Sex");
    String BirthDay = request.getParameter("BirthDay");
    String Phone = request.getParameter("Phone");
    String DegreeID= request.getParameter("DegreeID");
    String HireDate= request.getParameter("HireDate");
    String EmployeeTypeID= request.getParameter("EmployeeTypeID");
    String DepartmentID= request.getParameter("DepartmentID");
    String Title= request.getParameter("Title");
    String Salary= request.getParameter("Salary");
    String ManagerID= request.getParameter("ManagerID");
    // Every value is bound through a placeholder, so request data never becomes part of the SQL text.
    String sql = "insert into employees (EmployeeID,EmployeeName,Sex,BirthDay,Phone,DegreeID,HireDate,EmployeeTypeID,DepartmentID,Title,Salary,ManagerID) values(?,?,?,?,?,?,?,?,?,?,?,?);";

    // EmployeeID and EmployeeName are required.
    if (StringUtil.validateNull(EmployeeID)) {
        out.println("对不起,不能为空,请您重新输入!<br>");
        out.println("<a href=\"" + context + "/employee_add.jsp\">添加新员工</a><br>");
    } else if (StringUtil.validateNull(EmployeeName)) {
        out.println("对不起,不能为空,请您重新输入!<br>");
        out.println("<a href=\"" + context + "/employee_add.jsp\">添加新员工</a><br>");
    } else {
            try {
                conn = db.getConn();
                //Statement stmt=conn.createStatement();
            //    result=stmt.executeUpdate(sql);
            //    stmt.close();
                PreparedStatement pstmt = conn.prepareStatement(sql);
                pstmt.setString(1, StringUtil.filterHtml(EmployeeID));
                pstmt.setString(2, StringUtil.filterHtml(EmployeeName));
                pstmt.setString(3, StringUtil.filterHtml(request.getParameter("Sex")));
                pstmt.setString(4, StringUtil.filterHtml(request.getParameter("BirthDay")));
                pstmt.setString(5, StringUtil.filterHtml(request.getParameter("Phone")));
                pstmt.setString(6, StringUtil.filterHtml(request.getParameter("DegreeID")));
                pstmt.setString(7, StringUtil.filterHtml(request.getParameter("HireDate")));
                pstmt.setString(8, StringUtil.filterHtml(request.getParameter("EmployeeTypeID")));
                pstmt.setString(9, StringUtil.filterHtml(request.getParameter("DepartmentID")));
                pstmt.setString(10, StringUtil.filterHtml(request.getParameter("Title")));
                pstmt.setString(11, StringUtil.filterHtml(request.getParameter("Salary")));
                pstmt.setString(12, StringUtil.filterHtml(request.getParameter("ManagerID")));

                result = pstmt.executeUpdate();
                pstmt.close();
            } catch (SQLException e) {
                e.printStackTrace();
            } finally {
                try {
                    // conn is still null if getConn() failed
                    if (conn != null) {
                        conn.close();
                    }
                } catch (SQLException e) {
                    e.printStackTrace();
                }
            }


        if (result == 0) {
            out.println("对不起,员工信息添加不成功,请您重新输入!<BR>");
            out.println("<a href=\"" + context + "/employee_add.jsp\">添加新的员工信息</a><BR>");
        } else {
            out.println("祝贺您,员工信息成功添加。<BR>");
            out.println("<a href=\"" + context + "/query.jsp\">查看所有员工信息</a><BR>");
            out.println("<a href=\"" + context + "/employee_add.jsp\">继续添加员工信息</a><BR>");
        }
    }
%>
<%@ include file="/footer.jsp"%>

employee_delete.jsp performs the delete operation in the back end

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style>
* {    font-family: "宋体";    font-size: 14px}
</style>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />
<%
    Connection conn = null;
    request.setCharacterEncoding("utf-8");
    String EmployeeID = request.getParameter("EmployeeID");
    // Bind the ID as a parameter instead of concatenating it into the SQL text.
    String sql = "delete from employees where EmployeeID=?";
            try{
                conn = db.getConn();
                PreparedStatement pstmt = conn.prepareStatement(sql);
                // EmployeeID is an INT column; a missing or non-numeric value is rejected here.
                pstmt.setInt(1, Integer.parseInt(EmployeeID));
                pstmt.executeUpdate();
                pstmt.close();
                // Report success only after the statement has run.
                out.println("<br><br>删除成功");
            } catch (NumberFormatException e) {
                e.printStackTrace();
            } catch (SQLException e) {
                e.printStackTrace();
            } finally {
                try {
                    // conn is still null if getConn() failed
                    if (conn != null) {
                        conn.close();
                    }
                } catch (SQLException e) {
                    e.printStackTrace();
                }
            }
        response.sendRedirect("query.jsp");
%>
<%@ include file="/footer.jsp"%>

employee_edit.jsp: the page where an administrator edits employee information

<%@ page language="java" contentType="text/html; charset=UTF-8"%>

<%@ include file="/header.jsp"%>
<style>
* {font-family: "宋体";font-size: 14px}
</style>
<center>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />

    <%
        String emID=request.getParameter("EmployeeID");
        // Bind the ID as a parameter instead of concatenating it into the SQL text.
        String sql = "select * from employees where EmployeeID=?";
        Connection conn = null;
        response.setContentType("text/html;charset=utf-8");
        try {

            conn = db.getConn();
            PreparedStatement pstmt = conn.prepareStatement(sql);
            // EmployeeID is an INT column; a missing or non-numeric value is rejected here.
            pstmt.setInt(1, Integer.parseInt(emID));
            ResultSet rs = pstmt.executeQuery();
            while (rs.next()) {

    %>
    <%-- The value attributes are quoted so that a value containing a space or a quote stays inside the attribute. --%>
    <form id="form1" name="form1" method="post"
    action="<%=context%>/employee_editHandler.jsp"
    >
    <table width="650" height="200" border="0" align="center">
        <tr>
            <td width="150">EmployeeID:</td>
            <td width="500">
                <input name="EmployeeID" type="text" value="<%=rs.getString("EmployeeID")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>EmployeeName:</td>
            <td>
                <input name="EmployeeName" type="text" value="<%=rs.getString("EmployeeName")%>" size="40" maxlength="40" />
            </td>
        </tr>
        <tr>
            <td>Sex:</td>
            <td>
                <input name="Sex" type="text" value="<%=rs.getString("Sex")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>BirthDay:</td>
            <td>
                <input name="BirthDay" type="text" value="<%=rs.getString("BirthDay")%>" size="40" maxlength="20" />
            </td>
        </tr>
            <tr>
            <td>Phone:</td>
            <td>
                <input name="Phone" type="text" value="<%=rs.getString("Phone")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>DegreeID:</td>
            <td>
                <input name="DegreeID" type="text" value="<%=rs.getString("DegreeID")%>" size="40" maxlength="20" />
            </td>
        </tr>
            <tr>
            <td>HireDate:</td>
            <td>
                <input name="HireDate" type="text" value="<%=rs.getString("HireDate")%>" size="40" maxlength="20" />
            </td>
        </tr>
            <tr>
            <td>EmployeeTypeID:</td>
            <td>
                <input name="EmployeeTypeID" type="text" value="<%=rs.getString("EmployeeTypeID")%>" size="40" maxlength="20" />
            </td>
        </tr>
            <tr>
            <td>DepartmentID:</td>
            <td>
                <input name="DepartmentID" type="text" value="<%=rs.getString("DepartmentID")%>" size="40" maxlength="20" />
            </td>
        </tr>
            <tr>
            <td>Title:</td>
            <td>
                <input name="Title" type="text" value="<%=rs.getString("Title")%>" size="40" maxlength="20" />
            </td>
        </tr>
            <tr>
            <td>Salary:</td>
            <td>
                <input name="Salary" type="text" value="<%=rs.getString("Salary")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>
            <td>ManagerID:</td>
            <td>
                <input name="ManagerID" type="text" value="<%=rs.getString("ManagerID")%>" size="40" maxlength="20" />
            </td>
        </tr>
        <tr>

            <td>

            </td>
        </tr>
        <tr>
            <td></td>
            <td>
                <input type="submit" name="Submit" value="提交" />
                <input type="reset" name="Reset" value="重置" />
            </td>
        </tr>
    </table>
</form>
    <%
            }
            rs.close();
            pstmt.close();
        }  catch (NumberFormatException e) {
            e.printStackTrace();
        }  catch (SQLException e) {
            e.printStackTrace();
        } finally {
            try {
                // conn is still null if getConn() failed
                if (conn != null) {
                    conn.close();
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    %>
</center>
<%@ include file="/footer.jsp"%>

After editing, employee_editHandler.jsp updates the database

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style>
* {    font-family: "宋体";    font-size: 14px}
</style>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />
<%
    Connection conn = null;
//    request.setCharacterEncoding("gb2312");
    int result = 0;
    request.setCharacterEncoding("utf-8");
    String EmployeeID = request.getParameter("EmployeeID");
    String EmployeeName = request.getParameter("EmployeeName");
    String Sex = request.getParameter("Sex");
    String BirthDay = request.getParameter("BirthDay");
    String Phone = request.getParameter("Phone");
    String DegreeID= request.getParameter("DegreeID");
    String HireDate= request.getParameter("HireDate");
    String EmployeeTypeID= request.getParameter("EmployeeTypeID");
    String DepartmentID= request.getParameter("DepartmentID");
    String Title= request.getParameter("Title");
    String Salary= request.getParameter("Salary");
    String ManagerID= request.getParameter("ManagerID");
    // Both statements use placeholders; the ID is no longer concatenated into the delete.
    String sql_d = "delete from employees where EmployeeID=?";
    String sql ="insert into employees (EmployeeID,EmployeeName,Sex,BirthDay,Phone,DegreeID,HireDate,EmployeeTypeID,DepartmentID,Title,Salary,ManagerID) values(?,?,?,?,?,?,?,?,?,?,?,?);";

    if (StringUtil.validateNull(EmployeeID)) {
        out.println("对不起,不能为空,请您重新输入!<br>");
        out.println("<a href=\"" + context + "/employee_edit.jsp\">重新编辑</a><br>");
    } else if (StringUtil.validateNull(EmployeeName)) {
        out.println("对不起,不能为空,请您重新输入!<br>");
        out.println("<a href=\"" + context + "/employee_edit.jsp\">重新编辑</a><br>");
    } else {
            try {
                conn = db.getConn();
                // Run the delete and the insert as one transaction so that a failed insert does not lose the record.
                conn.setAutoCommit(false);
                PreparedStatement stmt = conn.prepareStatement(sql_d);
                // EmployeeID is an INT column; a non-numeric value is rejected here.
                stmt.setInt(1, Integer.parseInt(EmployeeID));
            //    out.println(sql_d);
                stmt.executeUpdate();
                stmt.close();
                PreparedStatement pstmt = conn.prepareStatement(sql);
                pstmt.setString(1, StringUtil.filterHtml(EmployeeID));
                pstmt.setString(2, StringUtil.filterHtml(EmployeeName));
                pstmt.setString(3, StringUtil.filterHtml(request.getParameter("Sex")));
                pstmt.setString(4, StringUtil.filterHtml(request.getParameter("BirthDay")));
                pstmt.setString(5, StringUtil.filterHtml(request.getParameter("Phone")));
                pstmt.setString(6, StringUtil.filterHtml(request.getParameter("DegreeID")));
                pstmt.setString(7, StringUtil.filterHtml(request.getParameter("HireDate")));
                pstmt.setString(8, StringUtil.filterHtml(request.getParameter("EmployeeTypeID")));
                pstmt.setString(9, StringUtil.filterHtml(request.getParameter("DepartmentID")));
                pstmt.setString(10, StringUtil.filterHtml(request.getParameter("Title")));
                pstmt.setString(11, StringUtil.filterHtml(request.getParameter("Salary")));
                pstmt.setString(12, StringUtil.filterHtml(request.getParameter("ManagerID")));

                result = pstmt.executeUpdate();
                pstmt.close();
                conn.commit();
            } catch (NumberFormatException e) {
                e.printStackTrace();
            } catch (SQLException e) {
                e.printStackTrace();
                result = 0;
                try {
                    // Undo the delete if the insert did not go through.
                    if (conn != null) {
                        conn.rollback();
                    }
                } catch (SQLException e2) {
                    e2.printStackTrace();
                }
            } finally {
                try {
                    // conn is still null if getConn() failed
                    if (conn != null) {
                        conn.close();
                    }
                } catch (SQLException e) {
                    e.printStackTrace();
                }
            }


        if (result == 0) {
            out.println("对不起,员工信息编辑不成功,请您重新编辑!<BR>");
            out.println("<a href=\"" + context + "/employee_edit.jsp\">编辑员工信息</a><BR>");
        } else {
            out.println("祝贺您,员工信息编辑成功。<BR>");
            out.println("<a href=\"" + context + "/query.jsp\">查看所有员工信息</a><BR>");
        }
    }
%>
<%@ include file="/footer.jsp"%>

employee_query.jsp: query by employee number

<%@ page language="java" contentType="text/html; charset=UTF-8"%>

<%@ include file="/header.jsp"%>
<style>
* {font-family: "宋体";font-size: 14px}
</style>
<center>
<jsp:useBean id="db"
             scope="page"
             class="util.DB" />

    <%
        String emID=request.getParameter("text3");
        // Bind the ID as a parameter instead of concatenating it into the SQL text.
        String sql = "select * from v_EmployeeInformation where EmployeeID=?";
        Connection conn = null;
        response.setContentType("text/html;charset=utf-8");
        try {

            conn = db.getConn();
            PreparedStatement pstmt = conn.prepareStatement(sql);
            // EmployeeID is an INT column; a missing or non-numeric value is rejected here.
            pstmt.setInt(1, Integer.parseInt(emID));
            ResultSet rs = pstmt.executeQuery();
            while (rs.next()) {

    %>
    <br><br>
    <table width="600" border="1" bordercolor="000000"
        style="table-layout: fixed; word-break: break-all">
        <tr>
            <td width="100" bordercolor="ffffff">
                EmployeeID:
            </td>
            <td width="500" bordercolor="ffffff"><%=rs.getInt("EmployeeID")%></td>
        </tr>
        <tr>
            <td bordercolor="ffffff">
                EmployeeName:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("EmployeeName")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                sex:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("sex")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                BirthDay:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Birthday")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                Phone:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Phone")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                HireDate:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("HireDate")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                Title:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Title")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                Salary:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("Salary")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                DegreeName:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("DegreeName")%></td>
        </tr>
            <tr>
            <td bordercolor="ffffff">
                DepartmentName:
            </td>
            <td bordercolor="ffffff"><%=rs.getString("DepartmentName")%></td>
        </tr>

    </table>
    <br>
    <%
            }
            rs.close();
            pstmt.close();
        }  catch (NumberFormatException e) {
            e.printStackTrace();
        }  catch (SQLException e) {
            e.printStackTrace();
        } finally {
            try {
                // conn is still null if getConn() failed
                if (conn != null) {
                    conn.close();
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
        }
    %>
</center>
<%@ include file="/footer.jsp"%>

4. Attendance management

attendance_query.jsp queries and outputs the attendance information

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ include file="/header.jsp"%>
<style>
* {font-family: "宋体";font-size: 14px}
</style>
<jsp:useBean  id="db" scope="page" class="util.DB"/>
<center>
    <br>出勤日志<br>
    <table>
    <tr>
    <td>职工姓名</td><td>日期</td><td>出勤状态</td>
    </tr>
<%
response.setContentType("text/html;charset=utf-8");
Connection conn=null;
try{
    conn=db.getConn();
    Statement stmt=db.getStmt(conn);
    // Fixed query with no request input, so a plain Statement is sufficient here.
    ResultSet rs=stmt.executeQuery("select * from v_attendances;");
    while(rs.next()){
    %>
    <tr>
    <td><%=rs.getString("EmployeeName")%></td><td><%=rs.getString("Date") %></td><td><%=rs.getString("Status")%></td>
    </tr>
    <%
    }
    rs.close();
    stmt.close();
    }catch(SQLException e){
    e.printStackTrace();
    } finally{
        try{
        // conn is still null if getConn() failed
        if(conn!=null){
            conn.close();
        }
        }catch(SQLException e){
            e.printStackTrace();
        }
    }
%>
</table>
</center>
<%@ include file="footer.jsp"%>

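5. Training management

The main page, training_query.jsp, outputs the training information and, depending on the user's permissions, selectively shows the entry points for managing training information; training_add.jsp adds training information; training_editHandler.jsp edits training information; training_editHandler.jsp updates the database in the back end.

6. Evaluation management

This part has the same design structure as the training management module. The main evaluation page is evaluation_query.jsp; evaluation_addHandler.jsp adds evaluation information; evaluation_editHandler.jsp edits evaluation information.

7. Reward and punishment management

This part follows the same pattern as the previous two, with one difference: this module has no edit function but does have a delete function. The main reward and punishment page is rewardandpunishment_query.jsp; rewardandpunishment_addHandler.jsp adds reward and punishment information; rewardandpunishment_deleteHandler.jsp deletes it.

8. Role management

What is distinctive about this part is that a role's permissions are displayed as checkboxes rather than output in text boxes. The main role management page is roler_query.jsp; roler_editHandler.jsp modifies a role's permissions; roler_addHandler.jsp handles adding a role and ticking the permissions it holds.

9. User password management

This module is likewise a page that only users with the password management permission can enter. password_query.jsp is the password management page, and password_editHandler.jsp updates the back-end database after an employee's password has been changed.

IV: Logging out, configuring the error page, and filtering to prevent malicious script injection

Invalidate the session on logout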

<%@ page language="java" import="java.util.*" pageEncoding="utf8"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <title>My JSP 'loginout.jsp' starting page</title>

    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!--
    <link rel="stylesheet" type="text/css" href="styles.css">
    -->

  </head>
  <% String context=request.getContextPath();%>
  <body>
      <%session.invalidate(); %>
      注销成功<br>
   <a href="<%=context%>/login.html">返回</a>
  </body>
</html>

The error page, which is configured in web.xml

<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>display 500 error</title>
</head>
<body>
对不起,亲爱的用户,您访问的网页发生不可预知的问题。<br>
请您访问其它网页,或者与我们的客服人员联系。<br>
</body>
</html>

Utility class: it checks whether a string is empty and replaces sensitive characters in a string to prevent malicious script injection

package util;

public class StringUtil {
    // True when the string is null or empty.
    public static boolean validateNull(String args) {
        if (args == null || args.length() == 0) {
            return true;
        } else {
            return false;
        }
    }

    // Returns target when source is null, empty, or the literal text "null".
    public static String chanageNull(String source, String target) {
        if (source == null || source.length() == 0 || source.equalsIgnoreCase("null")) {
            return target;
        } else {
            return source;
        }
    }


    // Replaces HTML-significant characters with entities.
    // "&" must be replaced first so the entities added afterwards are not encoded again.
    public static String filterHtml(String input) {
        if (input == null) {
            return null;
        }
        if (input.length() == 0) {
            return input;
        }
        input = input.replace("&", "&amp;");
        input = input.replace("<", "&lt;");
        input = input.replace(">", "&gt;");
        input = input.replace(" ", "&nbsp;");
        // Encode the single quote as a numeric entity; replacing it with itself had no effect.
        input = input.replace("'", "&#39;");
        input = input.replace("\"", "&quot;");
        return input.replace("\n", "<br>");
    }
}
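
The following is an added example, not code from the article or from the EM project. It shows encoding at output time rather than at input time, and why an attribute value has to be quoted as well as encoded. The class and method names are hypothetical and the sample values are constructed.

```java
public class OutputEncoding {

    // Encode a raw value for HTML element content or a quoted attribute value.
    // Spaces and newlines are left alone so the data round-trips unchanged.
    static String forHtml(String raw) {
        if (raw == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(raw.length() + 16);
        for (int i = 0; i < raw.length(); i++) {
            char c = raw.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Quoted and encoded: the whole value stays inside the attribute.
    static String quotedInput(String name, String rawValue) {
        return "<input name=\"" + name + "\" type=\"text\" value=\""
                + forHtml(rawValue) + "\" size=\"40\" />";
    }

    // An unquoted value attribute, for comparison.
    static String unquotedInput(String name, String value) {
        return "<input name=\"" + name + "\" type=\"text\" value="
                + value + " size=\"40\" />";
    }

    public static void main(String[] args) {
        // Constructed sample values, not data from the project.
        String title = "R&D \"East\" <Team 2>";
        String name = "Zhang San";

        // Encode once, at output time: the database keeps the raw text.
        System.out.println(quotedInput("Title", title));

        // A value that was already encoded before storage gets encoded twice,
        // so the user sees "R&amp;D" on screen instead of "R&D".
        String storedEncoded = forHtml(title);
        System.out.println(quotedInput("Title", storedEncoded));

        // Unquoted attribute: the browser ends the value at the first space,
        // so only "Zhang" is the value and "San" is parsed as another attribute.
        System.out.println(unquotedInput("EmployeeName", name));
        System.out.println(quotedInput("EmployeeName", name));
    }
}
```

Encoding protects the HTML output only; the SQL side is protected separately by binding values with PreparedStatement placeholders.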

The source code and database that are missing from this article can be downloaded from https://github.com/OOMMYY/EM and imported directly into MyEclipse.

 

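1. Table summary

| Table name | Description |
|---|---|
| Employees | Employee information |
| EmployeeType | Employee type |
| Degrees | Degree type |
| Departments | Department information |
| Attendances | Attendance information |
| AttendanceStatus | Attendance status type |
| Evaluations | Evaluation information |
| EvaluationProjects | Evaluation project information |
| Training | Training information |
| EmployeeTraining | Employee training |
| RewardsAndPunishments | Employee reward and punishment information |
| Users | System user information |
| UserRole | User role information |
| Roles | Role and permission information |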

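2. Table structure details

Employee information table (Employees)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| EmployeeID | INT | NOT NULL | PK | Employee ID |
| EmployeeName | NVARCHAR(20) | NOT NULL | | Employee name |
| Sex | NCHAR(1) | NOT NULL | | Sex |
| BirthDay | DATETIME | NOT NULL | | Birthday |
| Phone | VARCHAR(20) | NOT NULL | | Phone |
| DegreeID | INT | NOT NULL | FK | Degree |
| HireDate | DATETIME | NOT NULL | | Hire date |
| EmployeeTypeID | INT | NOT NULL | FK | Employee type |
| DepartmentID | INT | NOT NULL | FK | Department |
| Title | NVARCHAR(50) | NOT NULL | | Job title |
| Salary | MONEY | NOT NULL | | Salary |
| ManagerID | INT | NULL | FK | Manager ID |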

 

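Employee type table (EmployeeType)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| EmployeeTypeID | INT | NOT NULL | PK | Type ID |
| EmployeeTypeName | NVARCHAR(50) | NOT NULL | Unique | Type name |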

 

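Degree type table (Degrees)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| DegreeID | INT | NOT NULL | PK | Type ID |
| DegreeName | NVARCHAR(20) | NOT NULL | Unique | Degree name |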

 

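Department information table (Departments)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| DepartmentID | INT | NOT NULL | PK | Department ID |
| DepartmentName | NVARCHAR(50) | NOT NULL | Unique | Department name |
| ManagerID | INT | NULL | FK | Department manager ID |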

 

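Attendance information table (Attendances)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| EmployeeID | INT | NOT NULL | PK | Employee ID |
| StatusID | INT | NOT NULL | FK | Attendance type ID |
| Date | DATETIME | NOT NULL | PK | Date |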

 

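Attendance status type table (AttendanceStatus)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| StatusID | INT | NOT NULL | PK | Attendance type ID |
| Status | NVARCHAR(50) | NOT NULL | Unique | Attendance type name |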

 

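Evaluation information table (Evaluations)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| EvaluationID | INT | NOT NULL | PK | Evaluation ID |
| EmployeeID | INT | NOT NULL | FK | Employee ID |
| EvaluationProjectID | INT | NOT NULL | FK | Evaluation project ID |
| Date | DATETIME | NOT NULL | | Date |
| Result | NVARCHAR(2) | NOT NULL | | Result |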

 

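Evaluation project information table (EvaluationProjects)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| EP_ID | INT | NOT NULL | PK | Evaluation project ID |
| ProjectName | NVARCHAR(20) | NOT NULL | Unique | Project name |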

 

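Training information table (Training)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| TrainingID | INT | NOT NULL | PK | Training ID |
| BeginDate | DATETIME | NOT NULL | | Start date |
| EndDate | DATETIME | NOT NULL | | End date |
| TrainingType | NVARCHAR(20) | NOT NULL | | Training type |
| Description | NVARCHAR(255) | NULL | | Detailed description |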

 

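Employee training table (EmployeeTraining)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| TraingingID | INT | NOT NULL | PK FK | Training ID |
| EmployeeID | INT | NOT NULL | PK FK | Employee ID |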

 

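Employee reward and punishment information table (RewardsAndPunishments)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| RP_ID | INT | NOT NULL | PF | Reward/punishment ID |
| EmployeeID | INT | NOT NULL | FK | Employee ID |
| Type | NCHAR(2) | NOT NULL | | Reward/punishment |
| Date | DATETIME | NOT NULL | | Date |
| Reason | NVARCHAR(50) | NOT NULL | | Reason |
| Remark | NVARCHAR(255) | NULL | | Remark (optional) |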

 

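System user information table (Users)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| EmployeeID | INT | NOT NULL | PK FK | Employee ID |
| Password | VARCHAR(50) | NOT NULL | | Login password |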

 

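User role information table (UserRole)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| EmployeeID | INT | NOT NULL | PK FK | Employee ID |
| RoleID | INT | NOT NULL | PK FK | Role ID |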

 

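Role and permission information table (Roles)

| Field name | Data type | Nullable | Constraint | Description |
|---|---|---|---|---|
| RoleID | INT | NOT NULL | PK | Role ID |
| RoleName | NVARCHAR(50) | NOT NULL | Unique | Role name |
| Auth_Authority | INT | NOT NULL | Default 0 | Permission-management permission |
| Auth_Info | INT | NOT NULL | Default 0 | Information-management permission |
| Auth_Job | INT | NOT NULL | Default 0 | Personnel-management permission |
| Auth_Attendance | INT | NOT NULL | Default 0 | Attendance-management permission |
| Auth_Training | INT | NOT NULL | Default 0 | Training-management permission |
| Auth_Evaluation | INT | NOT NULL | Default 0 | Evaluation-management permission |
| Auth_RP | INT | NOT NULL | Default 0 | Reward/punishment-management permission |
| Auth_Role | INT | NOT NULL | Default 0 | Role-management permission |
| Auth_Encrypt | INT | NOT NULL | Default 0 | Encryption-system permission |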

 

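This system supports role-based access control. As described in the introduction to the business modules, a user can operate on a business module only if the user holds the permission for that module. A user's permissions come from system roles: a user can only obtain permissions from the roles the user belongs to and cannot be granted permissions directly. Permissions can only be granted to roles, which is what "role-based access control" means. The specific design principles are:

1. Set an independent permission for each module

Business modules and system permissions correspond one to one. Holding the permission for a business module allows every operation (create, delete, update, query, and so on) on that module's data.

The correspondence between business modules and system permissions is shown in the table below:

| Permission | Module | Operation | Page |
|---|---|---|---|
| Auth_Job | Employee management | Add employee | employee_add.jsp |
| Auth_Job | Employee management | Query employee | employee_query.jsp |
| Auth_Job | Employee management | Modify employee | employee_edit.jsp |
| Auth_Job | Employee management | Delete employee | employee_delete.jsp |
| Auth_Attendance | Attendance management | Query attendance | attendance_query.jsp |
| Auth_Job | Training management | Add training | training_add.jsp |
| Auth_Job | Training management | Query training | training_query.jsp |
| Auth_Job | Training management | Edit training | training_edit.jsp |
| Auth_Job | Training management | Add employee to training | trainingdetails.jsp |
| Auth_Job | Training management | Remove employee from training | |
| Auth_Evaluation | Evaluation management | Query evaluation | evaluation_query.jsp |
| Auth_Evaluation | Evaluation management | Add evaluation | evaluation_add.jsp |
| Auth_Evaluation | Evaluation management | Delete evaluation | evaluation_delete.jsp |
| Auth_RP | Reward and punishment management | Query rewards and punishments | rewardandpunishment_query.jsp |
| Auth_RP | Reward and punishment management | Add reward or punishment | rewardandpunishment_add.jsp |
| Auth_RP | Reward and punishment management | Delete reward or punishment | rewardandpunishment_delete.jsp |
| Auth_Authority | Permission management | Query permission information | authority_query.jsp |
| Auth_Authority | Permission management | Query employee permissions | authority_manage.jsp |
| Auth_Authority | Permission management | Add employee to a role | |
| Auth_Authority | Permission management | Remove employee from a role | |
| Auth_Role | Role management | Query role permissions | role_query.jsp |
| Auth_Role | Role management | Add role | role_add.jsp |
| Auth_Role | Role management | Delete role | role_delete.jsp |
| Auth_Role | Role management | Modify role permissions | role_edit.jsp |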

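2. System roles are the basic unit for granting and revoking permissions

- Users themselves hold no permissions
- Users obtain the permissions of the roles they belong to
- Users and roles, and roles and permissions, are both many-to-many relationships
- When a user belongs to several roles, the user's permissions are the union of those roles' permissions

3. Separation of role management and permission management

- A user who holds only the role management permission cannot manage users' roles, and therefore cannot directly control users' permissions.
- A user who holds only the permission management permission can only add users to existing roles or remove users from their current roles, and cannot control the roles' permissions.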
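
The following is an added example, not code from the article or from the EM project. It shows how the rules above can be checked per request: effective permissions are the union over a user's roles, and a page is served only when its required permission is in that set. The class, method, and role names are hypothetical; the page-to-permission mapping follows the table in this section, and the sample roles are constructed.

```java
import java.util.Arrays;
import java.util.Collection;
import java.util.EnumSet;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

public class RbacCheck {

    // One constant per Auth_* column that the permission table refers to.
    enum Permission { AUTH_JOB, AUTH_ATTENDANCE, AUTH_EVALUATION, AUTH_RP, AUTH_AUTHORITY, AUTH_ROLE }

    // Page -> required permission, as listed in the permission table.
    static final Map<String, Permission> PAGE_PERMISSION = new HashMap<String, Permission>();

    static void map(Permission required, String... pages) {
        for (String page : pages) {
            PAGE_PERMISSION.put(page, required);
        }
    }

    static {
        map(Permission.AUTH_JOB, "employee_add.jsp", "employee_query.jsp",
                "employee_edit.jsp", "employee_delete.jsp",
                "training_add.jsp", "training_query.jsp", "training_edit.jsp", "trainingdetails.jsp");
        map(Permission.AUTH_ATTENDANCE, "attendance_query.jsp");
        map(Permission.AUTH_EVALUATION, "evaluation_query.jsp", "evaluation_add.jsp", "evaluation_delete.jsp");
        map(Permission.AUTH_RP, "rewardandpunishment_query.jsp",
                "rewardandpunishment_add.jsp", "rewardandpunishment_delete.jsp");
        map(Permission.AUTH_AUTHORITY, "authority_query.jsp", "authority_manage.jsp");
        map(Permission.AUTH_ROLE, "role_query.jsp", "role_add.jsp", "role_delete.jsp", "role_edit.jsp");
    }

    // A user holds no permission directly: the effective set is the union over the user's roles.
    static EnumSet<Permission> effectivePermissions(Collection<String> userRoles,
                                                    Map<String, EnumSet<Permission>> roleTable) {
        EnumSet<Permission> result = EnumSet.noneOf(Permission.class);
        for (String role : userRoles) {
            EnumSet<Permission> granted = roleTable.get(role);
            if (granted != null) {          // an unknown role grants nothing
                result.addAll(granted);
            }
        }
        return result;
    }

    // Deny by default: a page missing from the mapping is never allowed.
    static boolean isAllowed(String page, Set<Permission> effective) {
        Permission required = PAGE_PERMISSION.get(page);
        return required != null && effective.contains(required);
    }

    public static void main(String[] args) {
        // Constructed sample roles standing in for rows of the Roles table.
        Map<String, EnumSet<Permission>> roles = new HashMap<String, EnumSet<Permission>>();
        roles.put("hr_clerk", EnumSet.of(Permission.AUTH_JOB));
        roles.put("attendance_clerk", EnumSet.of(Permission.AUTH_ATTENDANCE));
        roles.put("role_admin", EnumSet.of(Permission.AUTH_ROLE));

        // A user in two roles gets the union of both permission sets.
        List<String> clerkRoles = Arrays.asList("hr_clerk", "attendance_clerk");
        Set<Permission> clerk = effectivePermissions(clerkRoles, roles);
        System.out.println("employee_delete.jsp  -> " + isAllowed("employee_delete.jsp", clerk));
        System.out.println("attendance_query.jsp -> " + isAllowed("attendance_query.jsp", clerk));
        System.out.println("role_edit.jsp        -> " + isAllowed("role_edit.jsp", clerk));

        // Role management alone does not open the pages that assign users to roles.
        Set<Permission> roleAdmin = effectivePermissions(Arrays.asList("role_admin"), roles);
        System.out.println("role_edit.jsp        -> " + isAllowed("role_edit.jsp", roleAdmin));
        System.out.println("authority_manage.jsp -> " + isAllowed("authority_manage.jsp", roleAdmin));
    }
}
```

The check belongs on the server side of every page and handler, for example in header.jsp or a servlet filter, because hiding a link does not stop a direct request to the URL.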

Time: 2024-10-14 11:46:39
