Código PHP:
<html>
<head>
<title>CPAG ratzhel.Ingresar</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf8">
</head>
<body>
<table width="100%" border="0">
<tr>
<td colspan="3"><div align="center"><img src="/cpag_pages/Escudo%20CPAG%20Gray.png" width="80" height="80" align="middle"></div></td>
</tr>
<tr>
<td colspan="3"><div align="center"><strong><font size="+2" face="Georgia, Times New Roman, Times, serif">CENTRO
POPULAR ATANASIO GIRARDOT</font></strong></div></td>
</tr>
<tr>
<td><div align="right">DISTRITO 1</div></td>
<td><div align="right">NUCLEO 3</div></td>
<td><div align="center">SEDE: BARRANQUILLA</div></td>
</tr>
</table>
<%
boolean ComparacionCadena(String str1, String str2)
{
}
%>
<%@ include file="Settings.jsp" %>
<%@ page session="false" %>
<%@ page import="java.sql.*" %>
<%
try { Class.forName("com.mysql.jdbc.Driver"); }
catch (ClassNotFoundException e) { System.out.println(e.toString()); }
String ThisFileName = "Ingresar.jsp";
String OtherFileName = "Principal.jsp";
String GInsert = request.getParameter("GInsert");
String GUpdate = request.getParameter("GUpdate");
String GDelete = request.getParameter("GDelete");
String GSelect = request.getParameter("GSelect");
String tfIdnt = request.getParameter("tfIdnt");
String tfKey = request.getParameter("tfKey");
%>
<%
if(request.getParameter("tfIngresar")== null)
{
if (tfIdnt!=null)
{
out.println("tfIdnt:"+tfIdnt+"<P>");
out.println("Usuario y/o Clave Incorrectos");
}
out.println("<form action=\""+ThisFileName+"\" method=post>");
out.println("<input name=GInsert type= hidden value=\""+GInsert+"\">");
out.println("<input name=GUpdate type= hidden value=\""+GUpdate+"\">");
out.println("<input name=GDelete type= hidden value=\""+GDelete+"\">");
out.println("<input name=GSelect type= hidden value=\""+GSelect+"\">");
out.println("Solicitud de Ingreso al Sistema "+DataBaseName);
out.println("<table width=300 border=1>");
out.println("<tr>");
out.println("<td><strong>Identificador:</strong></td>");
out.println("<td><input type=text name=tfIdnt></td>");
out.println("</tr>");
out.println("<tr>");
out.println("<td><strong>Clave Acesso:</strong></td>");
out.println(" <td><input type=password name=tfKey></td>");
out.println("</tr>");
out.println("<tr>");
out.println("<td><input type= reset name=tfLimpiar value= \"Limpiar\"> </td>");
out.println("<td><input type= submit name=tfIngresar value=\"Ingresar\"></td>");
out.println("</tr>");
out.println("</table>");
out.println("</form><P>");
return;//System.exit(0);
}
%>
<%
String Idnt = request.getParameter("tfIdnt");
String sKey = request.getParameter("tfKey");
GSelect = "0";
GInsert = "0";
GUpdate = "0";
GDelete = "0";
String StrCon = "jdbc:mysql://"+host+"/"+dbi;
//out.println(StrCon+"<P>");
Connection connect = null;
Statement sta = null;
ResultSet result = null;
try
{
connect = DriverManager.getConnection(StrCon,mrn,mpr);
sta = connect.createStatement();
}
catch (SQLException e) {out.println(e.toString());}
catch (Exception e) {out.println(e.toString());}
try
{
String ugrantee = "'\\'"+Idnt+"\\'@\\'localhost\\''";
//out.println(ugrantee+"<P>");
String query ="SELECT grantee FROM SCHEMA_PRIVILEGES WHERE privilege_type = 'SELECT' AND TABLE_SCHEMA = '"+DataBaseName+"';";
try { result = sta.executeQuery(query); } catch(SQLException e) {out.println(e.toString());}
query ="SELECT privilege_type FROM SCHEMA_PRIVILEGES WHERE grantee = "+ugrantee+" AND TABLE_SCHEMA = '"+DataBaseName+"';";
//out.println(query+"<P>");
try { result = sta.executeQuery(query); } catch(SQLException e) {out.println(e.toString());}
out.println("<table border=1><P>\n");
%>
<%
while (result.next()) {
out.println("<TR>");
out.println("<td>"+Idnt+", ");
String sGrant = (String)result.getString(1);
int iLenghtsGrant = sGrant.length();
String NewsGrant;
StringBuffer NewsbGrant = new StringBuffer(6);
NewsbGrant.append('S');
NewsbGrant.append('E');
NewsbGrant.append('L');
NewsbGrant.append('E');
NewsbGrant.append('C');
NewsbGrant.append('T');
out.println("sGrant:"+sGrant+" NewsbGrant:"+NewsbGrant);
sGrant = sGrant;
String sSelect = (String)"SELECT";
int iLenghtsSelect = sSelect.length();
String sInsert = (String)"INSERT";
out.println("sGrant:"+sGrant+iLenghtsGrant+",sSelect:"+sSelect+iLenghtsSelect+"</td><td>");
boolean Compa = sGrant==sSelect;
//out.println("sGrant:"+sGrant+",sSelect:"+sSelect+"</td><td>");
if((String)sGrant==(String)sSelect)
{
GSelect = "1";
out.println("Tiene Privilegio para Buscar Registros</td><P>");
}
else//(sGrant!=sSelect)
{
//GSelect = "1";
//out.println(sGrant+", No Tiene Privilegio para Buscar Registros</td><P>");
}
if((String)sGrant==(String)sInsert)
{
GInsert = "1";
out.println("<font color=DARKGREEN>Tiene Privilegio para Insertar Registros</font></td><P>\n");
}
else//(sGrant!=sSelect)
{
//GSelect = "1";
//out.println(sGrant+", No Tiene Privilegio para Insertar Registros</td><P>");
}
if((String)sGrant==(String)"UPDATE")
{
GUpdate = "1";
out.println("<font color=DARKBLUE>Tiene Privilegio para Actualizar Registros</font></td><P>\n");
}
else//(sGrant!=sSelect)
{
//GSelect = "1";
//out.println(sGrant+", No Tiene Privilegio para Actualizar Registros</td><P>");
}
if((String)sGrant==(String)"DELETE")
{
GDelete = "1";
out.println("<font color=DARKRED>Tiene Privilegio para Borrar Registros</font></td><P>\n");
}else//(sGrant!=sSelect)
{
//GSelect = "1";
//out.println(sGrant+", No Tiene Privilegio para Borrar Registros</td><P>");
}
out.println("</TR>");
}
out.println("</table><P>\n");
result.close();
sta.close();
connect.close();
}
catch (Exception e) {out.println(e.toString());}
if (GSelect!="0")
{
try
{
StrCon = "jdbc:mysql://"+host+"/"+DataBaseName;
connect = DriverManager.getConnection(StrCon,Idnt,sKey);
sta = connect.createStatement();
}
catch (SQLException e) {out.println(e.toString());}
catch (Exception e) {out.println(e.toString());}
sta.close();
connect.close();
out.println("Procederemos a entrar con :"+Idnt);
if (request.getParameter("tfIdnt")!= null)
{
out.println("<form action=\"Principal.php\" method=post>");
out.println("<input name=GInsert type= hidden value=\""+GInsert+"\">");
out.println("<input name=GUpdate type= hidden value=\""+GUpdate+"\">");
out.println("<input name=GDelete type= hidden value=\""+GDelete+"\">");
out.println("<input name=GSelect type= hidden value=\""+GSelect+"\">");
out.println("<input name=tfIdnt type= hidden value=\""+tfIdnt+"\">");
out.println("<input name=tfKey type= hidden value=\""+tfKey+"\">");
out.println("<input type=submit name=Principal value=\"Principal\"> <P>\n");
out.println("</form><P>\n");
return;//System.exit(0);
}
}
else
{
out.println("Usuario y/o Clave Incorrectos");
out.println("<form action=\""+ThisFileName+"\" method=post>");
out.println("<input name=GInsert type= hidden value=\""+GInsert+"\">");
out.println("<input name=GUpdate type= hidden value=\""+GUpdate+"\">");
out.println("<input name=GDelete type= hidden value=\""+GDelete+"\">");
out.println("<input name=GSelect type= hidden value=\""+GSelect+"\">");
out.println("Solicitud de Ingreso al Sistema "+DataBaseName);
out.println("<table width=300 border=1>");
out.println("<tr>");
out.println("<td><strong>Identificador:</strong></td>");
out.println("<td><input type=text name=tfIdnt></td>");
out.println("</tr>");
out.println("<tr>");
out.println("<td><strong>Clave Acesso:</strong></td>");
out.println("<td><input type=password name=tfKey></td>");
out.println("</tr>");
out.println("<tr>");
out.println("<td><input type= reset name=tfLimpiar value= \"Limpiar\"> </td>");
out.println("<td><input type= submit name=tfIngresar value=\"Ingresar\"></td>");
out.println("</tr>");
out.println("</table>");
out.println("</form><P>");
return;//System.exit(0);
}
%>
