Login Page

<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1" %> <%@ page import="java.util.*,java.lang.*"%> <%@ page import="java.sql.*,java.io.*, java.net.*, javax.servlet.http.*"%> <%@ page import="com.test.DBConn"%> <%@ page errorPage="error.jsp?frompg=login.jsp"%> <%! public boolean userExists(String usr, String password) { boolean flag = false; String Sql = ""; String errMsg=""; System.out.print("User name:"+ usr); System.out.print("Password:"+password); if(DBConn.isSqlServer()|| DBConn.isOracle()) { Sql= "select * from test_table where user_id='"+usr+"' and password='"+password+"'"; System.out.println("Query from login.jsp: " +Sql); } else if(DBConn.isMsAccess()){ Sql = ""; // follow ms access syntax while writing sql } try{ Connection con = DBConn.getConn(); Statement stmt = con.createStatement(); ResultSet rs = stmt.executeQuery(Sql); while(rs.next()){ flag = true; break; } }catch(Exception e){ errMsg=e.getMessage(); System.out.print(errMsg); //response.sendRedirect("error.jsp?frompg=login.jsp&error="+errMsg); } //System.out.println(" Outside rs loop: " + flag); return flag; } %> <%! public String getUserName(String userId){ String userName=""; String Sql = ""; String errMsg=""; if(DBConn.isSqlServer()|| DBConn.isOracle()) { Sql= "select * from test_table where user_id='"+userId+"'"; System.out.println("Query from login.jsp to get Username:"+Sql); } else if(DBConn.isMsAccess ()){ Sql = ""; // follow ms access syntax while writing sql } try{ Connection con = DBConn.getConn(); Statement stmt = con.createStatement(); ResultSet rs = stmt.executeQuery(Sql); while(rs.next()){ userName=rs.getString("name"); String ccard=rs.getString("credit_card"); String add1=rs.getString("address1"); String add2=rs.getString("address2"); String city=rs.getString("city"); String state=rs.getString("state"); int zip=rs.getInt("zip"); /* session.setAttribute("card",ccard); session.setAttribute("address1",add1); session.setAttribute("address2",add2); session.setAttribute("city",city); session.setAttribute("state",state); session.setAttribute("zip",zip); */ } }catch(Exception e){ errMsg=e.getMessage(); System.out.print(errMsg); //response.sendRedirect("error.jsp?frompg=login.jsp&error="+errMsg); } return userName; } %> <% boolean frmSubmit=false; boolean userExists=false; String errMsg=""; StringBuffer sf=new StringBuffer(); String userName=""; String userId= request.getParameter("user_id"); String password=request.getParameter("user_pass"); String role=request.getParameter("role"); if(userId!=null || password!=null || role!=null){ if(userId.equalsIgnoreCase("") || userId==null){ frmSubmit=true; sf.append("User ID is missing
"); } if(password.equalsIgnoreCase("") || password==null){ frmSubmit=true; sf.append("Password is missing
"); } if(!userId.trim().equalsIgnoreCase("")&& !password.trim().equalsIgnoreCase("")){ // Code to check login-start boolean flag = false; String Sql = ""; System.out.print("User name:"+ userId); System.out.print("Password:"+password); if(DBConn.isSqlServer()|| DBConn.isOracle()) { Sql= "select * from test_table where user_id='"+userId+"' and password='"+password+"'"; System.out.println("Query from login.jsp: " +Sql+"\n"); } else if(DBConn.isMsAccess()){ Sql = ""; // follow ms access syntax while writing sql } try{ Connection con = DBConn.getConn(); Statement stmt = con.createStatement(); ResultSet rs = stmt.executeQuery(Sql); while(rs.next()){ userName=rs.getString("name"); flag = true; break; } }catch(Exception e){ errMsg=e.getMessage(); System.out.print(errMsg); response.sendRedirect("error.jsp?frompg=login.jsp&error="+errMsg); } //Code to check login-end //System.out.println(" Outside rs loop: " + flag); if(!flag){ frmSubmit=true; sf.append("User ID and Password do not match!Enter Again."); }else{ frmSubmit=false; //set the session info //set persistent cookie Cookie loginCookie= new Cookie("user",userId); loginCookie.setMaxAge(48*60*60); response.addCookie(loginCookie); //Setting the Session Cookie Cookie pwdCookie= new Cookie("pwd", password); response.addCookie(pwdCookie); Cookie userCookie=new Cookie("userName", userName); session.setAttribute("userId", userId); session.setAttribute("userName", userName); if (role.equalsIgnoreCase("admin")){ response.sendRedirect("admintasks.jsp"); } else { response.sendRedirect("usertasks.jsp"); } } } } %>

Home

<%if(frmSubmit==true){%>

Important message!
Error in processing. See below for details.
<%=sf.toString()%>

<%}%>

Enter your details

Please enter your User ID and Password to access your account

Information gathered about volunteers will only be used for providing Relief Services. This is guaranteed by the Law

Any misuse of the site may lead to penalties under the judicial system.