Hi guys,
I have just started learning JSP and implemented login model in my application.
Request all of you to kindly go through the code and suggest any recommendation if required.
Though there is no error while executing the code and getting the login page . I just wanted to know whether the code is written in proper manner or not.
I have just started learning JSP and implemented login model in my application.
Request all of you to kindly go through the code and suggest any recommendation if required.
Though there is no error while executing the code and getting the login page . I just wanted to know whether the code is written in proper manner or not.
Code:
<%@ page import="java.lang.*" language="java"%>
<%@ page import="java.sql.*" %>
<%@ page import="java.io.*" %>
<%
//Getting Username and Password from text box
String username = request.getParameter("username");
String password = request.getParameter("password");
try
{
//Triming Username and Password
String trim_Username = username.trim();
trim_Username= trim_Username.toLowerCase();
String trim_Password = password.trim();
Connection conn=null;
Statement stmt=null;
ResultSet rs=null;
String id = null;
String pin = null;
String fullname =null;
String role =null;
Class.forName ("oracle.jdbc.driver.OracleDriver");
conn = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:XE", "lightweight", "oracle");
// @machineName:port:SID, userid, password
String sql = "select * from LIGHT_CRED where USERNAME='"+trim_Username+"'";
stmt = conn.createStatement();
rs = stmt.executeQuery(sql);
while( rs.next() )
{
//Getting Username,Password,roll,Fullname from Database.
id=rs.getString(1);
pin=rs.getString(2);
role=rs.getString(3);
fullname=rs.getString(4);
}
if(trim_Username.equals(id) && trim_Password.equals(pin))
{
out.println("login successful");
session.setAttribute("user",trim_Username);
session.setAttribute("fullname",fullname);
session.setAttribute("role",role);
response.sendRedirect("cgipage.jsp");
}
else
{
out.println("incorrect username/password combination");
}
}
catch(Exception e)
{
System.out.println(e.getMessage());
}
%>
<html>
<body>
<form action=login.jsp method=post>
<p align="center">
Light Weight Manager</p>
<table border="1" width="443" height="80" align=center>
<tr>
<td height="37" width="177">Username: </td>
<td height="37" width="180"><input type=text size=20 name=username></td>
<td height="37" width="64">Â </td>
</tr>
<tr>
<td height="35" width="177">Password:Â </td>
<td height="35" width="180"><input type=password size=20 name=password></td>
<td height="35" width="64">
<input type=submit value="Log In"></td>
</tr>
</table>
 </p>
 </p>
</form>
</body>
</html>