import java.io.IOException;import java.sql.Connection;import java.sql.Dr

1.  
2.  
3. import java.io.IOException;
4. import java.sql.Connection;
5. import java.sql.DriverManager;
6. import java.sql.ResultSet;
7.  
8. import javax.servlet.ServletException;
9. import javax.servlet.annotation.WebServlet;
10. import javax.servlet.http.HttpServlet;
11. import javax.servlet.http.HttpServletRequest;
12. import javax.servlet.http.HttpServletResponse;
13.  
14. import com.mysql.jdbc.PreparedStatement;
15.  
16. /**
17. * Servlet implementation class Login
18. */
19. @WebServlet("/Login")
20. public class Login extends HttpServlet {
21. private static final long serialVersionUID = 1L;
22.  
23. /**
24. * @see HttpServlet#HttpServlet()
25. */
26. public Login() {
27. super();
28. // TODO Auto-generated constructor stub
29. }
30.  
31. /**
32. * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
33. */
34. protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
35. // TODO Auto-generated method stub
36. response.getWriter().append("Served at: ").append(request.getContextPath());
37. }
38.  
39. /**
40. * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
41. */
42. protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
43.  
44.  
45.  
46. response.setContentType("text/html");
47. Connection conn = null;
48. String url="jdbc:mysql://localhost:3306/";
49. String dbName="Tamir";
50. String driver="com.mysql.jdbc.Driver";
51.  
52.  
53.  
54. try{
55. request.setAttribute("message", "");
56. String nick = request.getParameter("check_name");
57. String password = request.getParameter("check_password");
58.  
59.  
60. Class.forName(driver).newInstance();
61. conn = DriverManager.getConnection(url+dbName,"root", "tamir");
62. //admin check
63. /*
64. java.sql.PreparedStatement st2 = conn.prepareStatement("SELECT * FROM users WHERE nickname = ? or email = ? and password = ? and admin = T");
65. st2.setString(1, nick);
66. st2.setString(2, nick);
67. st2.setString(3, password);
68. ResultSet r2=st2.executeQuery();
69.  
70. if(r2.next()) {
71. request.getSession().setAttribute("admin", nick);
72. }
73. */
74. //regular check
75. java.sql.PreparedStatement st = conn.prepareStatement("SELECT * FROM users WHERE nickname = ? or email = ? and password = ?");
76. st.setString(1, nick);
77. st.setString(2, nick);
78. st.setString(3, password);
79. ResultSet r1=st.executeQuery();
80.  
81. if(r1.next()) {
82.  
83.  
84. request.getSession().setAttribute("user", nick);
85. request.getRequestDispatcher("/tf2main.jsp").forward(request, response);
86.  
87.  
88. } else {
89.  
90.  
91.  
92. request.setAttribute("message", "Username or password are incorrect.");
93. request.getSession().setAttribute("user", null);
94. request.getRequestDispatcher("/Login.jsp").forward(request, response);
95.  
96. }
97.  
98. }catch (Exception ex) {
99. System.out.println("Error");
100. }
101. }
102.  
103. }