I am building a jsp web application for a student placements system.
I have a login screen at index.jsp. I will have a login.jsp file to check the login.
I have an access database with a table called UsersPasswords which has the following fields:
studentid, username, password, usertype
I need the login system to check the input data, and recognise the usertype (admin or user), on the login form with the data in the database and either redirect to success.jsp or an error message.
I am new to java so have no clue how to do this.
My index.jsp login form:
<div id="loginForm">
<form method="post" action="login.jsp" class="clearfix">
<label>Username</label><br />
<input type="text" name="username" /><br />
<label>Password</label><br />
<input type="password" name="password" /><br />
<input type="submit" name="submit" id="submit" />
</form>
<p align="right"><a href="#">Register</a></p>
</div>
My database connector jsp code:
package placementadminclasses;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
public class DBConnector {
private String dbName = "StudentPlacements";
private Connection dbc = null;
private ResultSet rs = null;
public DBConnector() {
}
public void createConnection() {
try {
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
String dbURL = "jdbc:odbc:" + dbName;
dbc = DriverManager.getConnection(dbURL);
}
catch (Exception e) {
e.printStackTrace();
}
}
public boolean idExists(String ID) {
boolean exists = false;
try {
selectPlacementByID(ID);
if (rs.next())
exists = true;
else
exists = false;
} catch (SQLException e) {
e.printStackTrace();
}
return exists;
}
public PlacementList selectAllPlacements(String ordering) {
PlacementList list = null;
try {
String strQuery = "SELECT ID, company, jobtitle, industry, location, salary, status" +
" FROM StudentPlacementsall" +
" ORDER BY " + ordering;
PreparedStatement stmt = dbc.prepareStatement(strQuery);
rs = stmt.executeQuery();
list = new PlacementList(rs);
}
catch (SQLException e) {
e.printStackTrace();
}
return list;
}
public PlacementDetails selectPlacementByID(String strID) {
PlacementDetails placement = null;
try {
String strQuery = "SELECT ID, company, jobtitle, industry, location, salary, status" +
"FROM StudentPlacementsall" +
" WHERE ID = ?";
PreparedStatement stmt = dbc.prepareStatement(strQuery);
stmt.setString(1, strID);
rs = stmt.executeQuery();
while (rs.next()) {
placement = new PlacementDetails(
rs.getString(1),
rs.getString(2),
rs.getString(3),
rs.getString(4),
rs.getString(5),
rs.getDouble(6),
rs.getString(7));
}
}
catch (SQLException e) {
e.printStackTrace();
}
return placement;
}
public void insertPlacement(PlacementDetails placement) {
try {
String strQuery = " INSERT INTO StudentPlacementsall" +
" (ID, company, jobtitle, industry, location, salary, status) " +
" VALUES(?, ?, ?, ?, ?, ?)";
PreparedStatement stmt = dbc.prepareStatement(strQuery);
stmt.setString(1, placement.getID());
stmt.setString(2, placement.getCompany());
stmt.setString(3, placement.getJobTitle());
stmt.setString(4, placement.getIndustry());
stmt.setString(5, placement.getLocation());
stmt.setDouble(6, placement.getSalary());
stmt.setString(7, placement.getStatus());
stmt.executeUpdate();
}
catch (SQLException e) {
e.printStackTrace();
}
}
public void updatePlacement(PlacementDetails placement) {
try {
String strQuery = "UPDATE StudentPlacementsall" +
" SET company = ?, jobtitle = ?, industry = ?, location = ?, salary = ?, status = ?" +
" WHERE ID = ?";
PreparedStatement stmt = dbc.prepareStatement(strQuery);
stmt.setString(1, placement.getID());
stmt.setString(2, placement.getCompany());
stmt.setString(3, placement.getJobTitle());
stmt.setString(4, placement.getIndustry());
stmt.setString(5, placement.getLocation());
stmt.setDouble(6, placement.getSalary());
stmt.setString(7, placement.getStatus());
stmt.executeUpdate(strQuery);
}
catch (SQLException e) {
e.printStackTrace();
}
}
public void closeConnection() {
try {
if ((dbc != null) || (dbc.isClosed() == false)) {
dbc.close();
}
}
catch (SQLException e) {
e.printStackTrace();
}
}
}