public String update() throws Exception { HttpServletRequest request = ServletActionContext.getRequest(); User user = new User( request.getSession().getAttribute("userName").toString(), request.getParameter("oldPassword").toString()); if (userDao.isLogin(user)) { User user2 = new User(request.getSession().getAttribute("userName").toString(), passWord); userDao.updateUser(user2); } else { oprMessage = "原密码错误!"; return "oprFailed"; } oprMessage = "密码更新成功!"; return "oprSuccess"; }