0

It seems like I have correctly imported the package and class, yet for some reason, my variable user is not found. User is an object of type String that is created in class AddTo. 

<%@ page import= "package1.AddTo" %>

<html>
 <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>JSP Page</title>
 </head>

 <body>
    <p> Shopping Cart</p>
    <%= System.out.println(user.name); %>
 </body>
</html>
Dave Newton
  • 158,873
  • 26
  • 254
  • 302
user2662437
  • 3
  • 2
  • 1
    You shouldn't be writing bare Java code in JSPs. http://stackoverflow.com/q/3177733/139010 – Matt Ball Aug 07 '13 at 21:58
  • @MattBall It is indeed a rather archaic way of doing things, but is still part of the J2EE first cups tutorial, so this is a valid question. – RudolphEst Aug 07 '13 at 22:15
  • 2
    @RudolphEst - He never said the question isn't valid. He just gave some friendly advice. The question hasn't been downvoted and nobody has voted to close it. – jahroy Aug 07 '13 at 22:25
  • @jahroy Agreed, just didn't want the poster to think he was doing anything 'wrong' by attempting to learn how to use bare Java in JSPs. – RudolphEst Aug 07 '13 at 22:31
  • @jahroy _Shouldn't_ is a very strong word. Many new programmers need to learn the **old ways** in order to support the oodles of legacy code out there. I would think that phrases like _try not to_ or _it is not recommended_ would be more constructive. To each his own though. Opinions will differ in a community ;) – RudolphEst Aug 07 '13 at 22:40

2 Answers2

2

You only import a class from a package, and not it's fields.

That being said, you should add the AddTo object as request attribute in some servlet, and access the attribute in JSP using EL. You should not use scriplets in new code.

In Servlet you do:

request.setAttribute("addTo", addTo);

then in JSP, you can access the user property of attribute addTo as:

<p> Shopping Cart</p>
${addTo.user}  <!-- Access user property of addTo attribute, which is an object of type `AddTo` -->

See Also:

Community
  • 1
  • 1
Rohit Jain
  • 209,639
  • 45
  • 409
  • 525
  • Thanks for the reply. I guess I was not specific enough. My user variable is an object of type String, aka, String user = new String("blahblahblah"). This is create in my class AddTo. – user2662437 Aug 07 '13 at 22:03
  • 1
    @user2662437. Then access it using `${addTo.user}`. Change the request attribute in servlets from `user` to `addTo`. – Rohit Jain Aug 07 '13 at 22:04
0

You don't include classes that are already in your package to your JSP. You simply reference them the long way.

So I'm assuming you need:

    System.out.println(package1.AddTo.user.name);

(Although this doesn't make much sense, seeing the username should be in the session, right?)

What Matt Ball says about it being a bad idea to put much code in JSP is true, but more in situations where an error could reveal some information that shouldn't be revealed, then JSP could reveal that on a compile error that the user can see. Like if you put the code to make the database connection in a JSP directly, rather than calling a class

Like this :

Class.forName(...);
Connection con = DriverManager.getConnection("jdbc:drivertype://server;errors=full;translate binary=true", "user", "pwd");

That's very bad. This would reveal the username and password if there was a compile error, or even a connection error like if the database was inaccessible; and the user would know how to hack your database, because by default it will show the user the offending lines of code!

So instead:

   Connection con = package1.databases.createConnectionToDatabase();

You can also prevent errors from showing the user the actual lines of code by putting all the Java code in your JSPs inside Try and Catch blocks.

developerwjk
  • 8,619
  • 2
  • 17
  • 33
  • 1
    That's a lot of tangential information; I'm not convinced it's overly helpful. Also, there's almost *never* a good reason to throw Java code into JSPs, for many other reasons than security. – Dave Newton Aug 07 '13 at 22:17