Yep, here's a snippet of the code....Any tips?
--------
String UserName = request.getParameter("UserName");
String Xword = request.getParameter("password");
Statement st = con.createStatement();
ResultSet rs = st.executeQuery("SELECT * FROM USERS WHERE USER_ID='" +
UserName + "' AND PASSWORD='" + Xword + "'");
out.print("<html><title>Login Processed</title><body bgcolor='#ffffff'>");
if (rs != null) {
out.print ("Welcome");
//set session variables here
try {
while (rs.next()) {
String thisUser = rs.getString("USER_ID");
out.print (thisUser);
}
} catch(SQLException se){}
rs.close();
st.close();
con.close();
}else{
out.print ("You are not a valid user of the system or your password is
incorrect.");
}
> -----Original Message-----
> From: subramanian Athimoolam [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, August 08, 2000 8:54 PM
> To: [EMAIL PROTECTED]
> Subject: Re: FW: JSP & Sessions & Recordsets
>
>
> check the datatypes. both are string?
>
>
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
>
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
