Java Reference
In-Depth Information
String memberPwd = null;
String userName = request.getParameter("username");
String password = request.getParameter("password");
try {
Connection con = ds.getConnection(dbUserName,dbPassword);
Statement stmt;
ResultSet rs = null;
String SQLQuery = "SELECT * FROM LOGIN WHERE UserName =
'"+userName+"';";
stmt = con.createStatement();
rs = stmt.executeQuery(SQLQuery);
while(rs.next()){
id = rs.getInt("MemberID");
memberPwd = rs.getString("Password");
}
con.close();
}catch(SQLException e){
System.err.println(e.getMessage());
}
RequestDispatcher dispatcher = null;
if(id==-1){
dispatcher =
getServletContext().getRequestDispatcher("/jdbc/NewMember.html");
}else if(!memberPwd.equals(password)){
dispatcher =
getServletContext().getRequestDispatcher("/jdbc/BadPassword.html");
}else{
dispatcher =
getServletContext().getRequestDispatcher("/jdbc/WelcomeBack.html");
}
dispatcher.forward(request, response);
}
}
The login servlet works by getting the UserName and Password inputs from the
HttpServletRequest
object and plugging the UserName into a simple SQL query. The query
returns matching rows from the LOGIN table. A series of simple checks on the returned values is used
to create the appropriate response to the user.
JDBC initialization is performed in the
init()
method. In this example, the Opta2000 driver is being
used, but you can substitute whichever driver you prefer by simply substituting the appropriate driver
name and URL into the appropriate String variables.
