<%@ page import="java.sql.*" %>
<%@ page import="java.io.*" %>
<%@ page language="java" session="true" %>
<html>
<body>
<%
//Getting the text values from create login page
String lid = request.getParameter("loginid");
String lpin = request.getParameter("loginpin");
String loginid = lid.trim();
String loginpin = lpin.trim();
out.println(loginid);
out.println(loginpin); // Connect to Database to retrive all the login id created and check if the Id already exist if it exist then redirect to login page again
java.sql.Connection con;
java.sql.Statement s;
java.sql.ResultSet rs , rs1;
con=null;
s=null;
rs=null;
rs1=null;
String id = null;
String pin = null;
int i=0;
//Connecting Connetion String - passing the string to connect to db
String connectionURL = "jdbc:sqlserver://localhost:1433;databaseName=Admissions;integratedSecurity=true;selectMethod=cursor";
try{
Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
con = java.sql.DriverManager.getConnection(connectionURL);
// out.println("1");
}
catch(ClassNotFoundException cnfex)
{
cnfex.printStackTrace();
}
String sql = "select * from Login where userID='"+loginid+"'";
try{
s = con.createStatement();
rs = s.executeQuery(sql);
while( rs.next() )
{
pin = rs.getString("userPin");
id = rs.getString("userID");
//i++;
}
out.println(id);
out.println(pin);
if(loginid.equals(id) && loginpin.equals(pin))
{
out.println("login successful");
}
else
{
out.println("incorrect username/password combination");
}
}
catch(Exception e){e.printStackTrace();}
finally{
if(rs!=null) rs.close();
if(s!=null) s.close();
if(con!=null) con.close();
}
%>
</body>
</html>When I execute this code its not allowing valid login and password.
i tried printing the values to see if its comparing wrong values but the same values are being displayed. i think the if statement is not working fine. does any one know what could be the problem with the if statement or any other possible problem,....
