Customer Menu

import java.io.*; import java.sql.*; import javax.servlet.*; import javax.servlet.http.*; public class ProcessCustLogin extends HttpServlet { public static Connection conn; public static Statement stmt; public static String uAccess; public void doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doPost(request,response); } public void doPost (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); String cno[] = request.getParameterValues("customerId"); String pwd[] = request.getParameterValues("password"); try { Class.forName("oracle.jdbc.driver.OracleDriver"); } catch(ClassNotFoundException e){ out.println("Error loading the Driver:"+e.getMessage()); return; } Connection conn = null; try { conn = DriverManager.getConnection ( MyUtilities.CONNECTSTRING,MyUtilities.ID,MyUtilities.PASSWORD); } catch (SQLException e1) { out.println("Error connecting to Oracle:"+e1.getMessage()); return; } if (conn == null) { out.println("Null Connection"); return; } Statement stmt = null; try { stmt = conn.createStatement (); } catch (SQLException e) { out.println("createStatement " + e.getMessage()); try {conn.close();} catch (SQLException e2) {}; return; } ResultSet rset = null; String query = "select password from customers where cno='"+cno[0]+"'"; try { rset = stmt.executeQuery(query); } catch (SQLException e) { out.println("executeQuery " + e.getMessage()); return; } boolean OK = false; try { if (rset.next()) { if (pwd[0].equals(rset.getString(1))) { OK = true; String update = "update customers set u_access = to_char(sysdate, 'DDMONYYYYHHMISS'), l_access = sysdate where cno='"+cno[0]+"'"; int nrows; try { nrows = stmt.executeUpdate(update); } catch (SQLException e) { out.println("executeQuery " + e.getMessage()); return; } } else { out.println("Invalid Password
"); } } else { out.println("Invalid Customer Id
"); } } catch (SQLException e) { out.println("executeQuery " + e.getMessage()); return; } String query1 = "select u_access from customers where cno='"+cno[0]+"'"; try { rset = stmt.executeQuery(query1); } catch (SQLException e) { out.println("executeQuery " + e.getMessage()); return; } try { if (rset.next()) { uAccess = rset.getString(1); } } catch (SQLException e) { out.println("executeQuery " + e.getMessage()); return; } try { stmt.close(); conn.close(); } catch (SQLException e) { out.println("executeQuery " + e.getMessage()); return; } if (OK) { out.println(""); out.println(" "); out.println(" Customer Menu"); out.println(" "); out.println(" "); out.println(" "); out.println(" "); out.println(" "); out.println(" "); out.println(" "); out.println(" "); out.println(""); } out.close(); } public String getServletInfo() { return "This Servlet processes Customer Login"; } }