<%@ page import="java.sql.*"%> <% String login = request.getParameter("login"); String passwd = request.getParameter("passwd"); String submit = request.getParameter("submit"); if (submit==null) { %>

CMUBook Login Page

Login ID:
Password:
<% } else { %> <% Connection conn = null; Statement stmt = null; ResultSet r = null; try { Class.forName("org.postgresql.Driver"); conn = DriverManager.getConnection("jdbc:postgresql://localhost:40123/hw9?user=www&password=lakoglu415"); stmt = conn.createStatement(); r = stmt.executeQuery("SELECT * FROM users WHERE login='" + login + "' and passwd='" + passwd + "'"); if (r.next()) { session.setAttribute("login", r.getString(1)); response.sendRedirect("user.jsp"); } else { out.println("Login failed!!"); out.println("Log In"); out.println("Register"); } } catch (Exception ex) { out.println("Login failed!"); } finally { //this is important. You should close all three to free up resources. Always. In a finally block. stmt.close(); conn.close(); } %> <% } %>