import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class ProcessCustLogin extends HttpServlet {
// NOTE(review): public, static and non-final, so any class can reassign this field and
// one value is shared across every request. doPost declares its own local `conn`, which
// shadows this field; nothing in the visible code assigns it.
public static Connection conn;
// NOTE(review): same pattern as `conn`; doPost declares a local `stmt` that shadows it.
public static Statement stmt;
// Assigned in doPost from the u_access column of the customers table. That second query
// runs on every request that gets that far, including ones where the password did not
// match, because the "invalid" branches print a message and do not return.
// NOTE(review): because the field is static, requests handled concurrently would
// overwrite each other's value, so one customer's request could observe another's
// u_access. How the value is consumed is outside the visible part of the file; a local
// variable or a session attribute would avoid the sharing.
public static String uAccess;
/**
 * Handles HTTP GET by handing the request straight to {@link #doPost}, so both verbs
 * run the same login logic.
 *
 * <p>NOTE(review): doPost reads the {@code customerId} and {@code password} request
 * parameters. Accepting them over GET means they travel in the query string, where they
 * may be recorded in server access logs, browser history and Referer headers. Confirm
 * whether GET needs to be supported for this login endpoint at all.
 *
 * @param request  the incoming request, passed through unchanged
 * @param response the response, passed through unchanged
 * @throws ServletException propagated from doPost
 * @throws IOException propagated from doPost
 */
public void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  this.doPost(request, response);
}
public void doPost (HttpServletRequest request,
HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
String cno[] = request.getParameterValues("customerId");
String pwd[] = request.getParameterValues("password");
try {
Class.forName("oracle.jdbc.driver.OracleDriver");
} catch(ClassNotFoundException e){
out.println("Error loading the Driver:"+e.getMessage());
return;
}
Connection conn = null;
try {
conn = DriverManager.getConnection (
MyUtilities.CONNECTSTRING,MyUtilities.ID,MyUtilities.PASSWORD);
} catch (SQLException e1) {
out.println("Error connecting to Oracle:"+e1.getMessage());
return;
}
if (conn == null) {
out.println("Null Connection");
return;
}
Statement stmt = null;
try {
stmt = conn.createStatement ();
} catch (SQLException e) {
out.println("createStatement " + e.getMessage());
try {conn.close();} catch (SQLException e2) {};
return;
}
ResultSet rset = null;
String query = "select password from customers where cno='"+cno[0]+"'";
try {
rset = stmt.executeQuery(query);
} catch (SQLException e) {
out.println("executeQuery " + e.getMessage());
return;
}
boolean OK = false;
try {
if (rset.next()) {
if (pwd[0].equals(rset.getString(1))) {
OK = true;
String update = "update customers set u_access = to_char(sysdate, 'DDMONYYYYHHMISS'), l_access = sysdate where cno='"+cno[0]+"'";
int nrows;
try {
nrows = stmt.executeUpdate(update);
} catch (SQLException e) {
out.println("executeQuery " + e.getMessage());
return;
}
}
else {
out.println("Invalid Password
");
}
}
else {
out.println("Invalid Customer Id
");
}
} catch (SQLException e) {
out.println("executeQuery " + e.getMessage());
return;
}
String query1 = "select u_access from customers where cno='"+cno[0]+"'";
try {
rset = stmt.executeQuery(query1);
} catch (SQLException e) {
out.println("executeQuery " + e.getMessage());
return;
}
try {
if (rset.next()) {
uAccess = rset.getString(1);
}
} catch (SQLException e) {
out.println("executeQuery " + e.getMessage());
return;
}
try {
stmt.close();
conn.close();
} catch (SQLException e) {
out.println("executeQuery " + e.getMessage());
return;
}
if (OK) {
out.println("");
out.println("