String ID = request.getParameter("ID");
String password = request.getParameter("password");
String info = "0";
Connection con = null;
Statement sm = null;
ResultSet rs = null;
try
{
Class.forName("com.mysql.jdbc.Driver").newInstance();
String url = "jdbc:mysql://localhost/mydb1";
con = DriverManager.getConnection(url,"root","admin");
sm = con.createStatement();
rs = sm.executeQuery("select * from userinfo where userid='"+ID+"'");
if(rs.next())
{
if(rs.getString("password").equals(password))
{
response.sendRedirect("../index.jsp");
session.setAttribute("user",ID);
}
else
response.sendRedirect("login.jsp?info=2");
}
else
{
response.sendRedirect("login.jsp?info=1");;
}
}
catch(Exception e)
{
e.printStackTrace();
}
finally
{
if(rs!=null)
{
try{ rs.close();}catch(Exception e){e.printStackTrace();}
}
if(sm!=null)
{
try{ sm.close();}catch(Exception e){e.printStackTrace();}
}
if(con!=null)
{
try{ con.close();}catch(Exception e){e.printStackTrace();}
}
}
%>